PowerShell – SharePoint – Move folders between site collections, subsites, and libraries

There are several ways to move data between libraries in SharePoint. One of them is using UI. While this method has become better over the years, it's still slow and buggy at times. Just recently I had an issue where SharePoint UI would not move more than 20 folders, it would time out.  Another method is using PowerShell to do such a task. Out there you can definitely find scripts that would move data; however, you need to provide all prerequisite information and do it correctly. A typo or a library display name vs different internal name would leave you scratching your head for quite some time. If you do use subsites in your site collections, then things become progressively more complicated. To address most of the struggle I decided to create a script that will do it all. The goal was to automate everything where an admin would only…

Continue Reading PowerShell – SharePoint – Move folders between site collections, subsites, and libraries

PowerShell – SharePoint – Permission report for all lists and libraries within every site collection and subsite

Here is a script that comes very handy when you need to replace some SharePoint groups with other ones. While doing so you definitely want to make sure no one has lost access. So you need to know where each group has been used. To create this script I used Salaudeen Rajack's PnP PowerShell to Export Document Library Permissions in SharePoint Online script posted here (https://www.sharepointdiary.com/2019/02/sharepoint-online-pnp-powershell-to-export-document-library-permissions.html), then did some adjustments to it including converting it to a function. Then added my code to go through each site collection and subsite. What this script does and how it might be beneficial to you: goes through every site collection and subsite, then library and list; has a list of site collections to exclude; does not include Office 365 Group sites; outputs the following data - site/subsite URL, library/list title, user/group name, user/group type, permission level, how it's granted. This script might take…

Continue Reading PowerShell – SharePoint – Permission report for all lists and libraries within every site collection and subsite

PowerShell – Script to migrate a security group and all its members from AD to AAD

When you decide it's time to migrate your security groups from on-premise AD to the Cloud, you might find it very tedious and prone to mistakes. Of course that is if you have lots of groups to move. The script in this post should come to your aid as it finds the group you would like to migrate, creates a new group in AAD with a name you choose, then it adds all users and nested groups into the newly created group - the same as your AD group had. A few nice things this script also does: checks if the group you are about to migrate exists in AD; makes sure a group you will be creating in AAD doesn't already exist; combines description and notes, then adds them to a newly created group in AAD. Note that for this script to work well all nested groups must be…

Continue Reading PowerShell – Script to migrate a security group and all its members from AD to AAD

PowerShell – script to reset user password in AAD and AD then force sign out from Office 365 services

The only purpose of this script is to act as fast as possible when dealing with a successful phishing attack where one of your users got compromised. You can perform all the steps below one by one using UI but it takes more time which must not be wasted in such a case. So, here are actions the script does: Creates a new random password (you can play with how your temp password should look like). Your user will be forced to change it. Resets a password in the cloud / Office 365. Optionally resets a password in your on-premise AD (if your accounts are synced with Active Directory) Terminates all active Office 365 sessions (Invalidates the refresh tokens issued to applications for a user per Microsoft). In order to reset passwords in AD the script must “Run As” an account that can edit AD. If you are remote, you…

Continue Reading PowerShell – script to reset user password in AAD and AD then force sign out from Office 365 services

PowerShell – script to show all mailbox rules and disable selected ones

Ever needed to quickly find and disable mail rules in user mailboxes? Look no further as the script below does all of it. It’s a convenience by itself to not go into Exchange Admin Portal, but there might be cases where your user gets hacked, some bad person creates a rule or two. Then you need to disable those quickly. So this script does the following to a specified email: lists all mailbox rules and shows their most important info - its actions, description, and status; then you can select and disable any rule by typing its number until (if desired) all rules are disabled. Don’t forget to replace @contoso.com with your own domain. #---------------------------------------[Functions]--------------------------------------------------- Function List-Rules { param ( [Parameter(Mandatory=$True)]$email ) Begin{} Process{ $collection = @() $i = 0 $rules = Get-InboxRule -Mailbox $email ForEach ($rule in $rules) { $outObject = "" | Select Number,Status,"Rule Name","Applies to emails From","Delete…

Continue Reading PowerShell – script to show all mailbox rules and disable selected ones

PowerShell – auxiliary script to populate CustomAttribute10 with a Purged Items FolderID

Originally this script ( New-ComplianceSearch script ) would search through Purged Items. That was the downside of it comparing to a "classic" Search-Mailbox you can find here ( Search-Mailbox script ). So imagine you run the script the 1st time, find target messages, and then delete them - the found results make sense. However, should you run the script the 2nd time with the same search criteria, it would find those already purged messages again. That creates some confusion. So it would be great to exclude Purged Items folders from the search. Now, it is possible to do so on the fly ( https://docs.microsoft.com/en-us/microsoft-365/compliance/use-content-search-for-targeted-collections ) but it is very time consuming and takes about 1-3 seconds for each mailbox which stacks up pretty fast. So I came up with a script to take care of this issue by storing a Purged Items FolderID in a CustomAttribute10 of each mailbox. So…

Continue Reading PowerShell – auxiliary script to populate CustomAttribute10 with a Purged Items FolderID

PowerShell – New-ComplianceSearch script to go through all mailboxes, find a target message, and remove it

Here is another more advanced script that searches for messages of interest, then optionally exports and purges them. So, what makes this script more advanced? Unlike the other script that uses Search-Mailbox ( https://365basics.com/powershell-search-mailbox-script-to-go-through-all-mailboxes-find-a-target-message-and-remove-it/ ) this script below is based on New-ComplianceSearch cmdlet: Pros: Super fast, multi-threaded, takes about 1-2 minutes on average to complete the whole task. As Microsoft is trying to depreciate Search-Mailbox, they put more effort into New-ComplianceSearch, so we can expect new functionality to come in the future. Can create an export file that can be downloaded and investigated. Cons: Always searches through all folders including Purged Items which might create some confusion when showing results (if running the same search again) - see UPDATE 9/30/2019 Cannot copy messages to another mailbox for you to investigate. Of course there are quite a few scripts out there that use New-ComplianceSearch, everyone has their own approach. So let…

Continue Reading PowerShell – New-ComplianceSearch script to go through all mailboxes, find a target message, and remove it

PowerShell – Search-Mailbox script to go through all mailboxes, find a target message, and remove it

When looking at the title of this post, one might notice I used a target word, and it is on purpose. This script below is useful when trying to remove all types of messages from users' mailboxes whether it's a spam, scam, virus or a an important message that needs to be "recalled". This script is based on Search-Mailbox cmdlet, works well but it has its own pros and cons, more on some of them below. Later I will have another post showing a different and more advanced script to do the same and even better. So stay tuned. Pros: Doesn't search through Purged Items (a bit more about the 3rd layer of Trash is here - https://365basics.com/script-to-search-through-recoverable-and-purged-items-and-restore-those/ ). Can copy messages to another mailbox (IT Help in that example). Cons: Per Microsoft Search-Mailbox will be depreciated, we don't know when it will happen though. Slow (if a target message…

Continue Reading PowerShell – Search-Mailbox script to go through all mailboxes, find a target message, and remove it

PowerShell – change the storage space for a specific user’s OneDrive

As an admin you can easily make an adjustment of a OneDrive storage limit for all users through a OneDrive admin center. If you need to do the same for a specific user, here is a Microsoft article that describes that - https://docs.microsoft.com/en-us/onedrive/change-user-storage Truth is, it only takes a single line of code to make an adjustment; however, my script below takes care of most little things, requirements, and inconveniences: you only need an email address of a user; the minimum size of allocated space is 1 GB; the maximum size is 5 TB. $email = Read-Host "Please provide an email address of the user" $convertedemail = $email -replace "\.","_" -replace "@","_" $partofthelink = "-my.sharepoint.com/personal/" + $convertedemail $onedriveurl = Get-SPOSite -IncludePersonalSite $true -Limit all -Filter "Url -like $partofthelink" $onedriveurl Do { Try { $num = $true [int]$sizegb = Read-Host "Please specify the size of OneDrive storage space to be set…

Continue Reading PowerShell – change the storage space for a specific user’s OneDrive

PowerShell – show and adjust resource booking configuration according to 4 scenarios

There is an amazing article (https://itpro.outsidesys.com/2017/11/06/exchange-configuring-the-resource-booking-attendant-with-powershell/) published by John Dougherty on how to adjust resource booking configuration having 4 different scenarios. Those 4 scenarios are: Anyone can book the resource. No delegate approval required. Anyone can book the resource. Delegate approval required for all requests. Only a list of people can book the resource without delegate approval. All others require delegate approval. Only a list of people can book the resource. All others are denied. There are no delegates. Not everything can be done through an Admin portal, that's why having such a PowerShell script is crucial. I decided to do several things to improve that process: Added code to check an existing configuration for every single Room and Resource. If the configuration is any different than these 4 above, then the script notifies you about it. Combined scripts into a single one. Added more user input to not adjust the…

Continue Reading PowerShell – show and adjust resource booking configuration according to 4 scenarios