Last active
November 14, 2017 14:06
-
-
Save panreel/add4fd41a9af463a3632 to your computer and use it in GitHub Desktop.
Testing PowerShell connection to O365/EXO by storing User Credentials for automatic access
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# use stored credential or ask for new one | |
$useStoredCredsIfAvailable = $True | |
# credsFile location | |
$CredsFile = "./AuthKey" | |
# check if creds file exists | |
$FileExists = Test-Path $CredsFile | |
If(-not $useStoredCredsIfAvailable -or $useStoredCredsIfAvailable -and -not $FileExists){ | |
# display message about no file found | |
If($useStoredCredsIfAvailable -and -not $FileExists) { | |
Write-Host "Trying to retrieve saved Credential but unable to find Key file. Using prompt to authenticate user" -foregroundcolor "Yellow" | |
} | |
# collect credential | |
# NOTE: ConvertFrom-SecureString and ConvertToSecureString can use a -SecretKey param to handle encryption key | |
$User = Read-Host -Prompt "Enter Admin AAD username" | |
$PWord = Read-Host -Prompt "Enter Admin AAD password" -AsSecureString | |
#save credential in file | |
$User | Out-File $CredsFile | |
"#" | Out-File $CredsFile -append | |
$PWord | ConvertFrom-SecureString | Out-File $CredsFile -append | |
Write-Host "Credentials received, Password safely saved -AsSecureString" -foregroundcolor "Yellow" | |
} Else { | |
Write-Host "Extracting credential from saved one" -foregroundcolor "Yellow" | |
$UserNameAndPassword = (Get-Content $CredsFile).Split("#") | |
$User = $UserNameAndPassword[0] | |
$PWord = $UserNameAndPassword[3] | ConvertTo-SecureString | |
} | |
$Credential = New-Object System.Management.Automation.PSCredential($User, $PWord) | |
# pass credential to Office 365 for authentication | |
$UserCredential = Get-Credential -Credential $Credential | |
Write-Host "User successfully logged:" $UserCredential.UserName -foregroundcolor "Green" | |
# create Office 365 session and import list of available commands | |
$ExchangeSession = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection | |
Write-Host "New Exchange Session initiated" -foregroundcolor "Yellow" | |
$ExchangeSessionImport = Import-PSSession $ExchangeSession -ErrorAction SilentlyContinue -AllowClobber | |
Write-Host "Exchange Session imported" -foregroundcolor "Yellow" | |
# retrieve account to monitor | |
$MailBoxToAudit = Read-Host -Prompt "Enter mailbox identity to monitor" | |
# perform IIS log simulation | |
Write-Host "Performing IIS Log simulation in Office 365" -foregroundcolor "Yellow" | |
Get-MobileDeviceStatistics -Mailbox $MailBoxToAudit -ActiveSync | |
# perform SMTP & CA log simulation | |
Write-Host "Performing SMTP & CA Log simulation in Office 365" -foregroundcolor "Yellow" | |
Search-MailboxAuditLog -ShowDetails -LogonTypes:owner -Identity $MailBoxToAudit | |
# perform Message Tracking simulation | |
Write-Host "Performing Message Tracking Log simulation in Office 365" -foregroundcolor "Yellow" | |
Get-MessageTrace -StartDate $dateStart -EndDate $dateEnd | | |
Select-Object Received, SenderAddress, RecipientAddress, Subject, Status, ToIP, FromIP, Size, MessageID, MessageTraceID | | |
Where-Object {$_.SenderAddress -eq $MailBoxToAudit -or $_.RecipientAddress -eq $MailBoxToAudit} | |
# close session | |
Remove-PSSession -session $ExchangeSession |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment