This script has been developed for a custom project with the following requirements:
The script utilizes a self developed C# command line tool, which has been published as open source at Github. The ResizeImage Wiki explains the usage of the command line tool. The application's configuration controls the target size and an optional pixel based offset.
Maybe the script will be useful in your project as well.
The code samples utilize the following folder structure:
# EXAMPLE # Resize photos stored in the default PictureSource folder for Exchange On-Premises (648x648) and write images to user mailboxes .\Set-UserPictures.ps1 -ExchangeOnPrem # EXAMPLE # Resize photos stored on a SRV01 share for Exchange Online and save resized photos on a SRV02 share .\Set-UserPictures.ps1 -ExchangeOnline -PictureSource '\\SRV01\HRShare\Photos' -TargetPathExchange '\\SRV02\ExScripts\Photos' # EXAMPLE # Resize photos stored in the default PictureSource folder for Active Directory (96x96) and write images to user thumbnailPhoto attribute .\Set-UserPictures.ps1 -ActiveDirectory # EXAMPLE # Resize photos stored in the default PictureSource folder for Intranet (150x150) .\Set-UserPictures.ps1 -Intranet
When using this PowerShell script you can update the guest user's thumbnail photo to a photo that aligns with your company's corporate identity and compliance guidelines, and you do not have to rely on the Azure AD default photo.
# EXAMPLE # Set the photo ExternalUser.png for all guest users if no photo exists .\Set-GuestUserPhoto.ps1 -FilePath D:\Photos\ExternalUser.png -GuestUsersToSelect All -UpdateMode SetIfNoPhotoExists # EXAMPLE # Set the photo ExternalUser.png for guest user JohnDoe@varunagroup.de if no photo exists .\Set-GuestUserPhoto.ps1 -FilePath D:\Photos\ExternalUser.png -GuestUsersToSelect Single -UserPrincipalName JohnDoe@varunagroup.de
This script deletes user from the NoSpamProxy NoSpamProxyAddressSynchronization database table [Usermanagement].[User] table that have not been removed by the NoSpamProxy Active Directory synchronization job.
The script was developed due to a process flaw in how Active Directory accounts are handled as part of a leaver process. So this script does not fix a software bug, but a process glitch.
Due to the Active Directory account process the accounts still exist in Active Directory and are synchronized to the NoSpamProxyAddressSynchronization database.
When executed without the -Delete parameter all identified users are wirtten the log file only.
# EXAMPLE 1 # Check for Active Directory existance of all users stored in NoSpamProxy database. Do NOT delete any users from the database. .\Remove-NspUsers.ps1 # EXAMPLE 2 # Delete users from NoSpamProxy database hosted on SQL instance MYNSPSERVER\SQLEXPRESS that do NOT exist in Active Directory. .\Remove-NspUsers.ps1 -Delete -SqlServerInstance MYNSPSERVER\SQLEXPRESS
This script searches for OOF rules created by users using the Outlook rule-tab in the OOF assistant and deletes exisiting OOF rules.
In preparation to configure compliant Out-Of-Office (OFF) settings for users, any existing OOF rule needs to be deleted. The script will use either an exisiting Exchange Server EWS library or the Managed EWS library installed using the default file path.
This is the first of two scripts for the complete solution. Find the second script here.
The script access the mailbox rules using Exchange Web Services. Therefore the account executing the script either needs to have ApplicationImpersonation rights or full access to the user mailbox.
# EXAMPLE 1 # Find any existing OOF rule and write results to log file Remove-OOFRule # EXAMPLE 2 # Find and delete any existing OOF rules in all user mailboxes and write delete actions to log file Remove-OOFRule -Delete # EXAMPLE 3 # Find and delete any existing OOF rules for user SomeUser@varunagroup.de and write delete actions to log file Remove-OOFRule -Mailbox SomeUser@varunagroup.de -Delete
Rhoderick Milne (https://blogs.technet.microsoft.com/rmilne)
You can block an user from logging on to Office 365 by setting the BlockCredential attribute to $true.
Set-MsolUser -UserPrincipalName myuser@mcsmemail.de -BlockCredential $true
But the MSOL user attribute is reverted to $false, when ADD Connect synchonization cycle runs.
This happens, because the local Active Directory attribute accountEnabled is used to controll the BlockCredential attribute in Azure AD.
If your IT operation requires the ability to have enabled users in your local Active Directory infrastructure and you need to prevent logon to cloud services you need to prevent the accountEnabled attribute from being synchronized to Azure AD. This might not necessarily be a general requirement during normal operations, but might be useful while doing a Proof-of-Concept.
Just exclude the attribute from the Azure Active Directory connector in the Synchronization Service Manager.
The following script disables all users excluding
# Userfilter $UserExceptions = ("Sync_SYNC01_add98768492f@mcsmemail.onmicrosoft.com","SPO-SRV-ACCOUNT@mcsmemail.de","SynchedAdmin@mcsmemail.de") # Fetch synchronized users $DomainAccounts = Get-MsolUser -EnabledFilter EnabledOnly -MaxResults 5000 | Where-Object -Property LastDirSyncTime -ne $null # Select synchronized users not following the pattern ADM*@mcsmemail.de (admin accounts in this case) $DomainAccountsWithoutAdmins = $DomainAccounts | Where-Object -Property UserPrincipalName -notlike "ADM*@mcsmemail.de" # Exclude accounts listed in $UserExceptions $DomainAccountsWithoutAdminsFiltered = $DomainAccountsWithoutAdmins | Where-Object -Property UserPrincipalName -NotIn $UserExceptions # Now block cloud logon for all filtered users ForEach ($User2Block in $DomainAccountsWithoutAdminsFiltered) { Write-Host ('Disabling User: {0}.UserPrincipalName)' -f $User2Block) Set-MsolUser -UserPrincipalName $User2Block.UserPrincipalName -BlockCredential $true }
Enjoy Office 365.
This script imports multiple PST files located in a single directory into a user mailbox or a user mailbox archive.
Due to some filename limitations of the New-MailboxImportRequest cmdlet in reagards to the UNC path, the PST filenames are sanitized. Any unsupported (unwanted) character is removed. You can modify the replacement function as needed. This might be necessary as the PST filenames can be used as target folder names during import.
Original filenames:
Renamed filenames:
When using the FilenameAsTargetFolder switch each PST file is imported into a separate target folder.
After successfully importing a PST file, the PST can optionally be renamed to .imported. This simplifies a re-run of the script in the case that you a lot of PST files for a user or a large number of files as part of archive solution offboarding process.
NOTE: This script utilizes the GlobalFunctions PowerShell module for logging. Please prepare your system for the use of the GlobalFunctions module first.
Steps performed:
Example PowerShell Output
.\Start-MailboxImport.ps1 -Identity JohnDoe -Archive -FilePath "\\ROBERTKWEISS\e$\PSTImport\JohnDoe" -FilenameAsTargetFolder -BadItemLimit 10 -ContinueOnError -SecondsToWait 90 Note: Script will wait 90s between each status check! Create New-MailboxImportRequest for user: JohnDoe and file: \\ROBERTKWEISS\e$\PSTImport\JohnDoe\Myoldarchive.pst into the archive. Targetfolder:"Myoldarchive". Waiting for import JohnDoe-Myoldarchive.pst to be completed. Status: Queued Waiting for import JohnDoe-Myoldarchive.pst to be completed. Status: Queued Waiting for import JohnDoe-Myoldarchive.pst to be completed. Status: Queued Waiting for import JohnDoe-Myoldarchive.pst to be completed. Status: Queued Waiting for import JohnDoe-Myoldarchive.pst to be completed. Status: Queued Waiting for import JohnDoe-Myoldarchive.pst to be completed. Status: InProgress Waiting for import JohnDoe-Myoldarchive.pst to be completed. Status: InProgress Waiting for import JohnDoe-Myoldarchive.pst to be completed. Status: InProgress Import request JohnDoe-Myoldarchive.pst completed successfully. Import request JohnDoe-Myoldarchive.pst deleted. Create New-MailboxImportRequest for user: JohnDoe and file: \\ROBERTKWEISS\e$\PSTImport\JohnDoe\Myoldarchive1.pst into the archive. Targetfolder:"Myoldarchive1". Waiting for import JohnDoe-Myoldarchive1.pst to be completed. Status: Queued Waiting for import JohnDoe-Myoldarchive1.pst to be completed. Status: Queued Waiting for import JohnDoe-Myoldarchive1.pst to be completed. Status: Queued Waiting for import JohnDoe-Myoldarchive1.pst to be completed. Status: Queued Waiting for import JohnDoe-Myoldarchive1.pst to be completed. Status: Queued Waiting for import JohnDoe-Myoldarchive1.pst to be completed. Status: Queued Waiting for import JohnDoe-Myoldarchive1.pst to be completed. Status: Queued Waiting for import JohnDoe-Myoldarchive1.pst to be completed. Status: Queued Waiting for import JohnDoe-Myoldarchive1.pst to be completed. Status: InProgress Waiting for import JohnDoe-Myoldarchive1.pst to be completed. Status: InProgress Waiting for import JohnDoe-Myoldarchive1.pst to be completed. Status: InProgress Import request JohnDoe-Myoldarchive1.pst completed successfully. Import request JohnDoe-Myoldarchive1.pst deleted. Script finished.
This Powershell script has been optimized using the ISESteroids™ add-on. Learn more about ISESteroids™ here.
A new PowerShell script to export all mailbox folder permissions has been published to TechNet Gallery and GitHub.
This script exports all mailbox folder permissions for mailboxes of type "UserMailbox". The permissions are exported to a local CSV file.
"Mailbox";"FolderName";"User";"AccessRights" "Mustermann, Max (mmustermann)";"Tasks";"Doe, John";"Editor" "Mustermann, Max (mmustermann)";"Calendar";"Doe, John";"Editor" "Mustermann, Max (mmustermann)";"Inbox";"Doe, John";"Reviewer" "Mustermann, Max (mmustermann)";"Custom Folder";"Doe, John";"Reviewer"
This script is based on Mr Tony Redmonds blog post http://thoughtsofanidlemind.com/2014/09/05/reporting-delegate-access-to-exchange-mailboxes/
.\Get-MailboxPermissionsReport.ps1 -CsvFileName export.csv
Enjoy.