This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
$tenantID = "tenant.onmicrosoft.com" #your tenantID or tenant root domain | |
$appID = "12345678-1234-1234-1234-1234567890AB" #the GUID of your app | |
$client_secret = "XXXXXXXXXXXXXXXXXXXXXX" #client secret for the app | |
$body = @{ | |
client_id = $AppId | |
scope = "https://outlook.office365.com/.default" | |
client_secret = $client_secret | |
grant_type = "client_credentials" | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
$users = Import-Csv .\Users-to-disable.csv | |
foreach ($user in $users) { | |
Write-Verbose "Processing licenses for user $($user.UserPrincipalName)" | |
try { $user = Get-MsolUser -UserPrincipalName $user.UserPrincipalName -ErrorAction Stop } | |
catch { continue } | |
$SKUs = @($user.Licenses) | |
if (!$SKUs) { Write-Verbose "No Licenses found for user $($user.UserPrincipalName), skipping..." ; continue } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
$mailbox = "shared@domain.com" | |
$folders = Get-MailboxFolderStatistics $mailbox | ? {$_.FolderType -ne “Root” -and $_.FolderType -ne “Recoverableitemsroot” -and $_.FolderType -ne “Audits” -and $_.FolderType -ne “CalendarLogging” -and $_.FolderType -ne “RecoverableItemsDeletions” -and $_.FolderType -ne “RecoverableItemspurges” -and $_.FolderType -ne “RecoverableItemsversions”} | |
Add-MailboxFolderPermission $mailbox -User user@domain.com -AccessRights Reviewer #root permissions | |
foreach ($folder in $folders) { | |
$FolderPath = $folder.FolderPath.Replace("/","\").Replace([char]63743,"/") #with PowerShell v3 'fix' | |
$MailboxFolder = "$mailbox`:$FolderPath" | |
Add-MailboxFolderPermission "$MailboxFolder" -User user@domain.com -AccessRights Reviewer |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
$calendars = Get-Mailbox -RecipientTypeDetails UserMailbox | Get-MailboxFolderStatistics | ? {$_.FolderType -eq "Calendar"} | select @{n="Identity"; e={$_.Identity.Replace("\",":\")}} | |
$calendars | % {Set-MailboxFolderPermission -Identity $_.Identity -User Default -AccessRights AvailabilityOnly} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
$mailboxes = Get-Mailbox | Select-Object Alias,ExchangeGuid,Emailaddresses | |
foreach ($mailbox in $mailboxes) { | |
$aliases = $mailbox | select -ExpandProperty EmailAddresses | ? {$_.Split(":")[1] -notlike 'string*'} | |
if ($aliases.Count -eq $mailbox.EmailAddresses.Count) {continue} | |
if ($aliases | ? {$_ -cmatch "SMTP:"}) { | |
$emailaddresses = $aliases | |
} | |
elseif (!$aliases) { $emailaddresses = $("SMTP:" + $mailbox.Alias + "@" + (Get-AcceptedDomain | ? {$_.Default -eq $true}).Name) } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
$authHeader = @{ | |
'Authorization'=$authenticationResult.Result.CreateAuthorizationHeader() | |
'Content-Type' = 'application\json' | |
} | |
$uri = "https://graph.microsoft.com/v1.0/users/user@tenant.onmicrosoft.com" | |
$body = @{mobilePhone="+421905111222"} | ConvertTo-Json | |
try { | |
Invoke-WebRequest -Method Patch -Uri $uri -Body $body -Verbose -Headers $authHeader -ContentType "application/json" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#Set the authentication details | |
$tenantID = "tenant.onmicrosoft.com" #your tenantID or tenant root domain | |
$appID = "12345678-1234-1234-1234-1234567890AB" #the GUID of your app. For best result, use app with Policy.ReadWrite.Authorization scope granted. | |
$client_secret = "XXXXXXXXXXXXXXXxxxx" #client secret for the app | |
$body = @{ | |
client_id = $AppId | |
scope = "https://graph.microsoft.com/.default" | |
client_secret = $client_secret | |
grant_type = "client_credentials" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#Set the authentication details | |
$tenantID = "tenant.onmicrosoft.com" #your tenantID or tenant root domain | |
$appID = "12345678-1234-1234-1234-1234567890AB" #the GUID of your app. For best result, use app with Policy.Read.All and Policy.ReadWrite.ConditionalAccess scopes granted | |
$client_secret = "XXXXXXXXXXXXXXXxxxx" #client secret for the app | |
$body = @{ | |
client_id = $AppId | |
scope = "https://graph.microsoft.com/.default" | |
client_secret = $client_secret | |
grant_type = "client_credentials" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
$users = Import-Csv .\Users-to-disable.csv | |
foreach ($user in $users) { | |
Write-Verbose "Processing licenses for user $($user.UserPrincipalName)" | |
try { $user = Get-AzureADUser -ObjectId $user.UserPrincipalName -ErrorAction Stop } | |
catch { continue } | |
$SKUs = @($user.AssignedLicenses) | |
if (!$SKUs) { Write-Verbose "No Licenses found for user $($user.UserPrincipalName), skipping..." ; continue } | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Connect-MgGraph -Tenant tenant.onmicrosoft.com -Scopes User.ReadWrite.All | |
#Import the list of users, or generate it dynamically as needed | |
$users = Import-Csv .\Users-to-disable.csv | |
#$users = Get-MgUser -Filter "Department eq 'Marketing'" | |
foreach ($user in $users) { | |
Write-Verbose "Processing licenses for user $($user.UserPrincipalName)" | |
try { $user = Get-MgUser -UserId $user.UserPrincipalName -ErrorAction Stop } | |
catch { Write-Verbose "User $($user.UserPrincipalName) not found, skipping..." ; continue } |