Office 365

Make Microsoft TEAMS the default IM application

Having multiple applications that act as chat respective IM application but you want Microsoft TEAMS to be the default Instant Messenger application especially so Outlook e.g. shows the correct online/offline as well as free and busy status for employees and so they can start a conversation directly from there, you will need to make sure that Microsoft TEAMS is the default IM Provider.

This came up especially in combination with Cisco Jabber, that is often used as the software phone client for a Cisco phone system. This application might overrule the user settings and take presence especially in Microsoft Outlook. Cisco has an article about this here that talks about various registry keys. But this is actually not the direct solution for this issue.

In order to set TEAMS, if installed, the default application for your employees, it is easiest to engage Group Policies, GPOs, for this. Simply follow the below steps. Those settings will find out if Microsoft TEAMS is available and if so set it as default IM Provider. Close Microsoft Outlook and open it again and you will see the status icons and message box being associated with Microsoft TEAMS.

Of course, you could slightly adjust the suggested GPO settings and engage e.g. Cisco Jabber or any other IM provider available instead. Just have a look at the registry path HKEY_CURRENT_USER\Software\IM Providers and see what is available and set the GPO accordingly. All you need is the name of the sub key for the DefaultIMApp value.

Steps for the user GPO

Create a new GPO (or chose an existing GPO)
1. This will be a User Configuration
Navigate to User Configuration\Preferences\Windows Settings\Registry
Create a new Registry Item
Settings on General tab
1. Leave the Action settings to Update
2. Hive: HKEY_CURRENT_USER
3. Key Path: Software\IM Providers
4. Value name: DefaultIMApp
5. Value type: REG_SZ
6. Value data: Teams
Settings on Common tab
1. Check Run in logged-on user’s security contact (user policy option)
2. Check Item-level targeting
3. Click on Targeting and apply the following settings
  1. The following steps make sure that this is only applied if Microsoft TEAMS is available as a IM provider
  2. Click on New Item and chose Registry Match
  3. Match type: Key exists
  4. Hive: HKEY_CURRENT_USER
  5. Key Path: Software\IM Providers\Teams
4. It is good practice to provide a Description for this item – e.g.: This will set Microsoft TEAMS as default IM Provider for e.g. Outlook – if available as IM Provider.

Make sure the GPO applies to your users and you should be all set. This will make sure that even if a new application is installed and takes the IM Provider role over, that your clients will still fall back to Microsoft TEAMS. Of course, it will depend on when the GPO was reapplied and that the user actually closes and reopens Outlook.

Auditing network users against HR lists etc.

Auditing network users against HR lists – a topic that is often overlooked or causes some headache due to e.g. name variations, while it is so important to make sure that your Active Directory is a clean and up to date as possible.

There are big paid solutions out there, but unless you have the budget, resources and processes in place, you will need a simpler approach. Having worked in various sized businesses, let me make some suggestions here. Keep in mind, not all of it might be applicable or best for you, but I hope it will at least provide you some ideas and help to improve your network security.

Structured groups and rights

Before we begin – you should always make any effort to have a very well structured rights base. Avoid cross use of e.g. groups for mail distribution and NTFS file system access. It seems like a good idea until someone needs access to the NTFS path and boom he/she receives the group based communication as well. This is of course just one example. Structure your file systems and right assignments well. All of it can make all the difference. Don’t complicate things, keep it simple.

Monitoring Active Directory activity

What you want is something that constantly looks for any changes to Active Directory, at a bare minimum new users and deleted users as well as group-membership changes. There is some software out there to do this, some is free, often with limited functionality, some you need to buy. Personally I was working on a Windows Service to monitor Active Directory changes, but my time is limited and to this day I did not finish it. Having said this, the IT-Asset Management Database on this website actually has a module that does just this, it monitors the most important activities while it does actually a compare of gathered SQL data against current Active Directory information and eventually sends you a daily report about changes.

Such reports might not be perfect, as they don’t real-time monitor such activity, rather then only send you daily summary reports. Paessler PRTG in combination with either some default sensors or custom scripts like Group Membership change and password reset monitoring or the more specific script for group-membership monitoring are more then helpful. Monitor especially e.g. Domain Admins groups and other groups that would allow access to sensitive areas and data of your network. Such active alerts due to a network monitoring solutions might give you the chance to act fast.

Auditing your user base against HR (Human Resources) data

Again, there is software and solutions out there that can do this automatically or help you with your efforts. But often HR is simply using their Payroll platforms and depending on what they have, it won’t have the functionality you need or they are reluctant to implement such processes or possibly provide you access after all.

The main issue I came across is that there is a difference between the HR data and what the full name in your Active Directory (e.g.) is. You can’t further not just automate user name prediction based on any HR export data you have, cause there likely will be duplicate names as well, depending on how you create user names.

HR normally has an employee number, they should be able to provide this in any employee export to you. Now, Active Directory has actually some attributes that you easily can engage: EmployeeID, employeeNumber and employeeType. PowerShell is your friend, if you want to set them. I highly recommend to use PowerShell to some extend if you create new users. Look at the CheckLists in combination with employees in the IT-Asset Management Database as well for some hints and automation. Microsoft’s Set-ADUser PowerShell command will be helpful as well.

Eventually use a tool like the IT-Admins tool to read your users from your Active Directory and export to Excel. Once you have this, you compare the HR list against the Active Directory export. Don’t bother with VLOOKUP – research the use of INDEX/MATCH in Excel. Format both tables as tables in Excel and document your process, as this might depend a bit on what tools you engaged and how the eventual data looks like. You should end up comparing the HR employee number against the HR employee number stored and exported from Active Directory. This should give you a quick and clean overview. What you should be on the lookout for are those N/A error in Excel in the compare column, as well as possibly HR data that indicates a termination or change. You can go as far as compare the department information, again there are Active Directory attributes for this as well. Department names and department IDs.

If you want to go another step, start comparing group-membership as well. Export all the groups and members, again the IT-Admins Tool can help you here. View it possibly from both sides, the group and members view as well as user is member of groups view. Have the department owners take a look at it as well, they might want to see this.

And step three will be an NTFS rights review. Never ever should there be a user account directly used to assign rights in NTFS. This always should be done via groups. How ever, to review this I again recommend using the IT-Admins Tool, as this is actually designed to help you with the process and is able to export the needed data rather quick and simple.

Don’t forget your ERP systems and systems with Active Directory independent user bases

It is not always possible to rely on Active Directory as only source for your user base. Even if you can, the right assignment in e.g. your ERP system to functions likely is independent from Active Directory. Look in to any possibility of your ERP, either API’s or possibly dig in to the database (or where ever the data is stored), to find out about right changes (groups) and review those lists as well against HR information periodically.

Office 365

Oh – it is synchronized with Active Directory, right? Well – review it anyways. There might be a user object that is not synchronized and exists only in Office 365, groups as well. Review the rights to access certain administrative areas within Office 365.

You should definitive review third party users – especially Microsoft TEAMS and sharing e.g. SharePoint or OneDrive files and folders with outside of the organization will likely create some guest accounts. Keep an eye on those.

And then the third party applications – you need to keep an eye on those, as they can cause possible harm or gain access to sensible data. Users/Employees often will install them without reviewing them thoroughly, or they simply don’t realize they might have been there and share confidential data.

Account breach / compromise and API keys in Office 365 should also be something you want to keep a good eye on. Clicking on the wrong link (it will happen!), entering the password and it is to late. Don’t think a simple password reset will solve the issue. Don’t only rely on your MFA. Review does API keys especially in Office 365. What can happen is that the password is used right away to install an API based access to Office 365 that will then independently from password changes have access to the data. Keep an eye on those things as well!

September 25, 2020 by Florian Rossmark monitoring prtg security server

Office 365 licenses and activated features per user

Ever wondered which user has what license activated and e.g. which specific feature is activated? Recently I was challenged to see who has the Exchange mailbox feature enabled and who not out of the active user base. Due to the huge user-base this would have taken hours to review manually. Using PowerShell for this, connecting to Office 365, exporting the data eventually to a CSV file and filtering it in Microsoft Excel made this way easier.

The challenge here is that Microsoft uses SKU’s – or licenses – that again can have various features enabled or disabled. Let’s say you have a E5 Plan (license) assigned to your user, you still can disabled various features within this plan, e.g. Microsoft Exchange.

If you take a look at the following website, you find a whole list of GUIDs / IDs of all those various features.

https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/licensing-service-plan-reference

In case of the Microsoft Exchange Mailbox feature – we are talking about this GUID: efb87545-963c-4e0d-99df-69c6916d9eb0

Once I had identified the GUID the next step was to grab users from a specific on premise Active Directory OU and query them against Microsoft Azure on the Office 365 environment as for their assigned licenses/features. The results then are collected in a PowerShell object and eventually saved in a defined file name in a CSV format that you easily can filter in Excel afterwards.

Please keep in mind that you will need RSAT tools (PowerShell) and Azure/Office 365 connectivity, rights etc. in order for this to work.

#script looks for all users in a base OU path
#it checks for the license defined per user
#it will write a CSV file in the path the script is in: O365UserMailboxList.csv 

#Base OU path - needs to be set
$BaseOU = "DC=domain,DC=local"


#Exchange mailbox license ID - see link for full list
#https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/licensing-service-plan-reference
$ExchangeMailboxId = "efb87545-963c-4e0d-99df-69c6916d9eb0"


#Script starts below - no additional changes should be needed - besides the last line for the output file name
$tbl = New-Object System.Data.DataTable "Results"
$col1 = New-Object System.Data.DataColumn UserPrincipalName
$col2 = New-Object System.Data.DataColumn ADUserEnabled
$col3 = New-Object System.Data.DataColumn ExchangeMailboxEnabled
$col4 = New-Object System.Data.DataColumn ErrorMessage
$tbl.Columns.Add($col1)
$tbl.Columns.Add($col2)
$tbl.Columns.Add($col3)
$tbl.Columns.Add($col4)

$ADUsersFromOU = Get-ADUser -SearchBAse $BaseOU -filter * 

Connect-AzureAD

ForEach ($ADUser In $ADUsersFromOU) {
    $i += 1
    $p = [math]::Round(($i/$ADusersFromOU.Count*100),0)
    Write-Host "..processing $i of"$ADusersFromOU.Count"- $p% - "$ADUser.UserPrincipalName
    $MailboxEnabled = $false
    $ErrorMessage = ""
    try {
        $UserLicenses = Get-AzureADUser -objectid $ADUser.UserPrincipalName | Select -ExpandProperty AssignedPlans | Where {$_.CapabilityStatus -eq "Enabled"}
    } catch {
        $ErrorMessage = $Error[0]
        #Write-Host "....Error: "$Error[0]
    }
    ForEach ($ULicense In $UserLicenses) {
        If ($ULicense.ServicePlanId -eq $ExchangeMailboxId)
        {
            $MailboxEnabled = $true
            break;
        }
    }
    $row = $tbl.NewRow()
    $row.UserPrincipalName = $ADUser.UserPrincipalName
    $row.ADUserEnabled = $ADUser.Enabled
    $row.ExchangeMailboxEnabled = $MailboxEnabled
    $row.ErrorMessage = $ErrorMessage
    $tbl.Rows.Add($row)
}

$tbl |ft

#adjust this export-file name if you want to
$tbl | Export-Csv -Path .\O365UserMailboxList.csv

#script looks for all users in a base OU path

#it checks for the license defined per user

#it will write a CSV file in the path the script is in: O365UserMailboxList.csv

#Base OU path - needs to be set

$BaseOU = "DC=domain,DC=local"

#Exchange mailbox license ID - see link for full list

#https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/licensing-service-plan-reference

$ExchangeMailboxId = "efb87545-963c-4e0d-99df-69c6916d9eb0"

#Script starts below - no additional changes should be needed - besides the last line for the output file name

$tbl = New-Object System.Data.DataTable "Results"

$col1 = New-Object System.Data.DataColumn UserPrincipalName

$col2 = New-Object System.Data.DataColumn ADUserEnabled

$col3 = New-Object System.Data.DataColumn ExchangeMailboxEnabled

$col4 = New-Object System.Data.DataColumn ErrorMessage

$tbl.Columns.Add($col1)

$tbl.Columns.Add($col2)

$tbl.Columns.Add($col3)

$tbl.Columns.Add($col4)

$ADUsersFromOU = Get-ADUser -SearchBAse $BaseOU -filter *

Connect-AzureAD

ForEach ($ADUser In $ADUsersFromOU) {

$i += 1

$p = [math]::Round(($i/$ADusersFromOU.Count*100),0)

Write-Host "..processing $i of"$ADusersFromOU.Count"- $p% - "$ADUser.UserPrincipalName

$MailboxEnabled = $false

$ErrorMessage = ""

try {

$UserLicenses = Get-AzureADUser -objectid $ADUser.UserPrincipalName | Select -ExpandProperty AssignedPlans | Where {$_.CapabilityStatus -eq "Enabled"}

} catch {

$ErrorMessage = $Error[0]

#Write-Host "....Error: "$Error[0]

}

ForEach ($ULicense In $UserLicenses) {

If ($ULicense.ServicePlanId -eq $ExchangeMailboxId)

{

$MailboxEnabled = $true

break;

}

$row = $tbl.NewRow()

$row.UserPrincipalName = $ADUser.UserPrincipalName

$row.ADUserEnabled = $ADUser.Enabled

$row.ExchangeMailboxEnabled = $MailboxEnabled

$row.ErrorMessage = $ErrorMessage

$tbl.Rows.Add($row)

}

$tbl |ft

#adjust this export-file name if you want to

$tbl | Export-Csv -Path .\O365UserMailboxList.csv

March 24, 2020 by Florian Rossmark o365 / m365 scripts

Move user Documents and Desktop to OneDrive

The PowerShell script below was design to move Documents, Music, Videos, Pictures, Favorites and Desktop to a sub-folder in a connected OneDrive. In theory the script does not depend on OneDrive and could be adjusted to any other destination.

While it normally is wise to engage GPOs to adjust those paths to internal server resources, this is not possible easily while using OneDrive. The script therefor works better here.

What it does

is the current path per folder accessible
does the target path exist
1. YES: adjust the registry respective folder targets to the target path – FINISHED
2. NO: create the target folders – see 3.
is the source path on the same volume / partition – like C:
1. YES: see below – 4.
2. NO: check if there is enough free space for the amount of data needed to be moved
  1. YES: see below – 4.
  2. ALMOST: YELLOW warning – see below 4.
  3. NO: RED error – you could still proceed or simply close the script
move the data to the new target folder
remove the old folder – if not possible rename it

The script retains the special icons for the folders and engages the Windows API to adjust the folder paths.

What you need to do

Adjust the target-path in the top of the script
If desired, adjust the minimum free space value (2 GB by default) for the warning in regards to the free space – this only matters if the source and target volume / partition aren’t the same

To start the script, either right click and say run with PowerShell or run it directly in a PowerShell. This script will need to execute in the user-context and does NOT need administrative rights.

Clear
$NewRootPath = "$env:USERPROFILE\OneDrive - MYDOMAIN\User Profile"
$regUSF = "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders"
$regSF = "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders" 

$Folders = "Personal,My Pictures,My Music,My Video,Favorites,Desktop"
$Folders = $Folders.Split(",")
$FolderNames = "Documents,Pictures,Music,Videos,Favorites,Desktop"
$FolderNames = $FolderNames.Split(",")

$AddSize = 2000000000 #free space in Bytes to add if files are on a different volume (2000000000 = about 2 GB)

$ArrayPosition = -1

Function Move-KnownFolderPath {
    Param (
            [Parameter(Mandatory = $true)]
            [ValidateSet('Desktop', 'Documents', 'Downloads', 'Favorites', 'Music', 'Pictures', 'Videos')]
            [string]$KnownFolder,
            [Parameter(Mandatory = $true)]
            [string]$Path
    )

    # Known Folder GUIDs
    $KnownFolders = @{
        'Desktop' = @('B4BFCC3A-DB2C-424C-B029-7FE99A87C641');
        'Documents' = @('FDD39AD0-238F-46AF-ADB4-6C85480369C7','f42ee2d3-909f-4907-8871-4c22fc0bf756');
        'Downloads' = @('374DE290-123F-4565-9164-39C4925E467B','7d83ee9b-2244-4e70-b1f5-5393042af1e4'); #not in use - just in case you want to use it..
        'Favorites' = '1777F761-68AD-4D8A-87BD-30B759FA33DD';
        'Music' = @('4BD8D571-6D19-48D3-BE97-422220080E43','a0c69a99-21c8-4671-8703-7934162fcf1d');
        'Pictures' = @('33E28130-4E1E-4676-835A-98395C3BC3BB','0ddd015d-b06c-45d5-8c4c-f59713854639');
        'Videos' = @('18989B1D-99B5-455B-841C-AB7C74E4DDFC','35286a68-3c57-41a1-bbb1-0eae73d76c95');
    }

    $FolderGUID = ([System.Management.Automation.PSTypeName]'KnownFolders').Type
	#create the Type entry if it does not yet exist / relates to the Registry eventually
    If (-not $FolderGUID) {
        $KnownFolderGUID = @'
[DllImport("shell32.dll")]
public extern static int SHSetKnownFolderPath(ref Guid folderId, uint flags, IntPtr token, [MarshalAs(UnmanagedType.LPWStr)] string path);
'@
        $FolderGUID = Add-Type -MemberDefinition $KnownFolderGUID -Name 'KnownFolders' -Namespace 'SHSetKnownFolderPath' -PassThru
    }

    If(!(Test-Path $Path)){
		#in case folder does yet exist, we create it
		Try {
			New-Item -Path $Path -Type Directory -Force -ErrorAction SilentlyContinue
		} Catch {}
    }
	#set the new folder path
	ForEach ($TmpGUID in $KnownFolders[$KnownFolder]) {
		$tmp = $FolderGUID::SHSetKnownFolderPath([ref]$TmpGUID, 0, 0, $Path)	
	}	
	Attrib +r $Path	#needed to retain the icon 
}

ForEach ($Folder In $Folders)
{	
	$ArrayPosition += 1
    Write-Host "Working on folder"$FolderNames[$ArrayPosition] -BackgroundColor DarkGreen
    $SourcePath = (Get-ItemProperty -Path $regUSF -Name $Folder).$Folder
    If ($SourcePath.Length -gt 0)
    {
		Write-Host "..checking source path: $SourcePath"
		If ((Test-Path -Path $SourcePath)){
			Write-Host "....path is accessible"
			$CompSource = Get-Item -Path $SourcePath
			$CompareResult = $false
			If ((Test-Path -Path ($NewRootPath + "\" + $CompSource.Name))){
				$CompTarget = Get-Item -Path ($NewRootPath + "\" + $CompSource.Name)
				Write-Host "..Comparing Source Path: "$CompSource.FullName
				Write-Host "....with Target Path:    "$CompTarget.FullName
				If ($CompSource.FullName.ToLower() -eq $CompTarget.FullName.ToLower()){
					$CompareResult = $true
				} Else {
					$CompareResult = $false
				}
			} Else {
				Write-Host "..Target Path does not exist"
			}
			If ($CompareResult -eq $true){
				Write-Host "..Source and Target path are identical: $CompTarget" -ForegroundColor Yellow
				Write-Host "....Not applying any changes!" -ForegroundColor Yellow
				Pause
			} Else {
				$SourceFolder = Get-Item -Path $SourcePath
				Write-Host "..accessing source folder $SourceFolder" -ForegroundColor Green
				If (!(Test-Path -Path ($NewRootPath + '\' + $SourceFolder.Name))){
					Move-KnownFolderPath -KnownFolder ("" + $FolderNames[$ArrayPosition] + "") -Path ($NewRootPath + '\' + $FolderNames[$ArrayPosition])
					$TargetPath = Get-Item -Path ("$NewRootPath\" + $FolderNames[$ArrayPosition])
					Write-Host "..created new folder $TargetPath"
					
					#compare source size with target free space here
					Write-Host "..Comparing Source and Target drive letters"
					If ($NewRootPath.SubString(0,2).ToLower() -ne $SourcePath.SubString(0,2).ToLower())
					{
						#source drives are different.. we need to obey the SourceSize against the free space on the target
						Write-Host "....Source and Target drive letters are different"
						Write-Host "......Please wait while calculating the source size"
						$SourceSize = (Get-ChildItem -Path $SourcePath -Recurse | Measure-Object -Property Length -Sum -ErrorAction SilentlyContinue).Sum
						$TargetFree = Get-PSDrive $NewRootPath.SubString(0,1) | Select-Object Free
						If ($SourceSize -gt $TargetFree.Free) {
							Write-Host "......The Source size of $SourceSize Bytes is bigger then the free space on the Target of $TargetFree.Free Bytes" -ForegroundColor Red
						} ElseIf (($SourceSize + $AddSize) -gt $TargetFree.Free) {
							Write-Host "......The Source size of $SourceSize Bytes is close to the free space on the Target of $TargetFree.Free Bytes" -ForegroundColor Yellow
						} Else {
							Write-Host "......The Source size of $TargetFree.Free Bytes is sufficient to hold the data from the Source of $SourceSize Bytes" -ForegroundColor Green
						}
						Pause
					} Else {
						Write-Host "....Source and Targets are on the same drive, all good"
					}
					
					Write-Host "..Moving data from: $SourcePath"
					Write-Host "....to folder:      $TargetPath"
					Write-Host "....This can take several minutes..."
					Move-Item -Path ("" + $SourcePath + "\*") -Destination $TargetPath -Force -ErrorAction SilentlyContinue
					Write-Host "....Done moving data"
				} Else {
					Write-Host "..Warning - Target Path exists already: $CompTarget" -ForegroundColor Yellow
					Write-Host "....Files will not be moved, registry still will be adjusted to the target path!" -ForegroundColor Yellow
					Pause
					Move-KnownFolderPath -KnownFolder ("" + $FolderNames[$ArrayPosition] + "") -Path ($NewRootPath + '\' + $FolderNames[$ArrayPosition])
					Write-Host "....Finished adjusting registry"
				}
				Write-Host "..Trying to remove $SourcePath"
				Pause
				Try {
					Attrib -r -s $SourceFolder.FullName	
					Remove-Item -Path $SourceFolder.FullName -Force -Confirm:$false -Recurse -ErrorAction SilentlyContinue
				} Catch {}	
				Try {
					Attrib -r -s ($SourceFolder + "\desktop.ini")	
					Remove-Item -Path ($SourceFolder + "\desktop.ini") -Force -Confirm:$false -ErrorAction SilentlyContinue
				} Catch {}						
				Try {
					Rename-Item -Path $SourceFolder -NewName ($SourceFolder.Name + ".old") -Force -ErrorAction SilentlyContinue
				} Catch {}		
			}
		} Else {
			Write-Host "....SourceFolder Path invalid: $SourcePath" -ForegroundColor Red
		}
    } 
	Write-Host "..Done processing"$FolderNames[$ArrayPosition] -BackgroundColor Blue
	Pause
}
Write-Host "Script finished processing" -ForegroundColor Green
Pause

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

Clear

$NewRootPath = "$env:USERPROFILE\OneDrive - MYDOMAIN\User Profile"

$regUSF = "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders"

$regSF = "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders"

$Folders = "Personal,My Pictures,My Music,My Video,Favorites,Desktop"

$Folders = $Folders.Split(",")

$FolderNames = "Documents,Pictures,Music,Videos,Favorites,Desktop"

$FolderNames = $FolderNames.Split(",")

$AddSize = 2000000000 #free space in Bytes to add if files are on a different volume (2000000000 = about 2 GB)

$ArrayPosition = -1

Function Move-KnownFolderPath {

Param (

[Parameter(Mandatory = $true)]

[ValidateSet('Desktop', 'Documents', 'Downloads', 'Favorites', 'Music', 'Pictures', 'Videos')]

[string]$KnownFolder,

[Parameter(Mandatory = $true)]

[string]$Path

)

# Known Folder GUIDs

$KnownFolders = @{

'Desktop' = @('B4BFCC3A-DB2C-424C-B029-7FE99A87C641');

'Documents' = @('FDD39AD0-238F-46AF-ADB4-6C85480369C7','f42ee2d3-909f-4907-8871-4c22fc0bf756');

'Downloads' = @('374DE290-123F-4565-9164-39C4925E467B','7d83ee9b-2244-4e70-b1f5-5393042af1e4'); #not in use - just in case you want to use it..

'Favorites' = '1777F761-68AD-4D8A-87BD-30B759FA33DD';

'Music' = @('4BD8D571-6D19-48D3-BE97-422220080E43','a0c69a99-21c8-4671-8703-7934162fcf1d');

'Pictures' = @('33E28130-4E1E-4676-835A-98395C3BC3BB','0ddd015d-b06c-45d5-8c4c-f59713854639');

'Videos' = @('18989B1D-99B5-455B-841C-AB7C74E4DDFC','35286a68-3c57-41a1-bbb1-0eae73d76c95');

}

$FolderGUID = ([System.Management.Automation.PSTypeName]'KnownFolders').Type

#create the Type entry if it does not yet exist / relates to the Registry eventually

If (-not $FolderGUID) {

$KnownFolderGUID = @'

[DllImport("shell32.dll")]

public extern static int SHSetKnownFolderPath(ref Guid folderId, uint flags, IntPtr token, [MarshalAs(UnmanagedType.LPWStr)] string path);

$FolderGUID = Add-Type -MemberDefinition $KnownFolderGUID -Name 'KnownFolders' -Namespace 'SHSetKnownFolderPath' -PassThru

}

If(!(Test-Path $Path)){

#in case folder does yet exist, we create it

Try {

New-Item -Path $Path -Type Directory -Force -ErrorAction SilentlyContinue

} Catch {}

}

#set the new folder path

ForEach ($TmpGUID in $KnownFolders[$KnownFolder]) {

$tmp = $FolderGUID::SHSetKnownFolderPath([ref]$TmpGUID, 0, 0, $Path)

}

Attrib +r $Path #needed to retain the icon

}

ForEach ($Folder In $Folders)

{

$ArrayPosition += 1

Write-Host "Working on folder"$FolderNames[$ArrayPosition] -BackgroundColor DarkGreen

$SourcePath = (Get-ItemProperty -Path $regUSF -Name $Folder).$Folder

If ($SourcePath.Length -gt 0)

{

Write-Host "..checking source path: $SourcePath"

If ((Test-Path -Path $SourcePath)){

Write-Host "....path is accessible"

$CompSource = Get-Item -Path $SourcePath

$CompareResult = $false

If ((Test-Path -Path ($NewRootPath + "\" + $CompSource.Name))){

$CompTarget = Get-Item -Path ($NewRootPath + "\" + $CompSource.Name)

Write-Host "..Comparing Source Path: "$CompSource.FullName

Write-Host "....with Target Path: "$CompTarget.FullName

If ($CompSource.FullName.ToLower() -eq $CompTarget.FullName.ToLower()){

$CompareResult = $true

} Else {

$CompareResult = $false

}

} Else {

Write-Host "..Target Path does not exist"

}

If ($CompareResult -eq $true){

Write-Host "..Source and Target path are identical: $CompTarget" -ForegroundColor Yellow

Write-Host "....Not applying any changes!" -ForegroundColor Yellow

Pause

} Else {

$SourceFolder = Get-Item -Path $SourcePath

Write-Host "..accessing source folder $SourceFolder" -ForegroundColor Green

If (!(Test-Path -Path ($NewRootPath + '\' + $SourceFolder.Name))){

Move-KnownFolderPath -KnownFolder ("" + $FolderNames[$ArrayPosition] + "") -Path ($NewRootPath + '\' + $FolderNames[$ArrayPosition])

$TargetPath = Get-Item -Path ("$NewRootPath\" + $FolderNames[$ArrayPosition])

Write-Host "..created new folder $TargetPath"

#compare source size with target free space here

Write-Host "..Comparing Source and Target drive letters"

If ($NewRootPath.SubString(0,2).ToLower() -ne $SourcePath.SubString(0,2).ToLower())

{

#source drives are different.. we need to obey the SourceSize against the free space on the target

Write-Host "....Source and Target drive letters are different"

Write-Host "......Please wait while calculating the source size"

$SourceSize = (Get-ChildItem -Path $SourcePath -Recurse | Measure-Object -Property Length -Sum -ErrorAction SilentlyContinue).Sum

$TargetFree = Get-PSDrive $NewRootPath.SubString(0,1) | Select-Object Free

If ($SourceSize -gt $TargetFree.Free) {

Write-Host "......The Source size of $SourceSize Bytes is bigger then the free space on the Target of $TargetFree.Free Bytes" -ForegroundColor Red

} ElseIf (($SourceSize + $AddSize) -gt $TargetFree.Free) {

Write-Host "......The Source size of $SourceSize Bytes is close to the free space on the Target of $TargetFree.Free Bytes" -ForegroundColor Yellow

} Else {

Write-Host "......The Source size of $TargetFree.Free Bytes is sufficient to hold the data from the Source of $SourceSize Bytes" -ForegroundColor Green

}

Pause

} Else {

Write-Host "....Source and Targets are on the same drive, all good"

}

Write-Host "..Moving data from: $SourcePath"

Write-Host "....to folder: $TargetPath"

Write-Host "....This can take several minutes..."

Move-Item -Path ("" + $SourcePath + "\*") -Destination $TargetPath -Force -ErrorAction SilentlyContinue

Write-Host "....Done moving data"

} Else {

Write-Host "..Warning - Target Path exists already: $CompTarget" -ForegroundColor Yellow

Write-Host "....Files will not be moved, registry still will be adjusted to the target path!" -ForegroundColor Yellow

Pause

Move-KnownFolderPath -KnownFolder ("" + $FolderNames[$ArrayPosition] + "") -Path ($NewRootPath + '\' + $FolderNames[$ArrayPosition])

Write-Host "....Finished adjusting registry"

}

Write-Host "..Trying to remove $SourcePath"

Pause

Try {

Attrib -r -s $SourceFolder.FullName

Remove-Item -Path $SourceFolder.FullName -Force -Confirm:$false -Recurse -ErrorAction SilentlyContinue

} Catch {}

Try {

Attrib -r -s ($SourceFolder + "\desktop.ini")

Remove-Item -Path ($SourceFolder + "\desktop.ini") -Force -Confirm:$false -ErrorAction SilentlyContinue

} Catch {}

Try {

Rename-Item -Path $SourceFolder -NewName ($SourceFolder.Name + ".old") -Force -ErrorAction SilentlyContinue

} Catch {}

}

} Else {

Write-Host "....SourceFolder Path invalid: $SourcePath" -ForegroundColor Red

}

Write-Host "..Done processing"$FolderNames[$ArrayPosition] -BackgroundColor Blue

Pause

}

Write-Host "Script finished processing" -ForegroundColor Green

Pause

Please be advised – the script will by default not try to move e.g. DOWNLOADS.

You can adjust this, while adding the folder to the two parameter, see sample below.

$Folders = "Personal,My Pictures,My Music,My Video,Favorites,Desktop<strong>,Downloads</strong>" 
$Folders = $Folders.Split(",") 
$FolderNames = "Documents,Pictures,Music,Videos,Favorites,Desktop<strong>,Downloads</strong>" 
$FolderNames = $FolderNames.Split(",")

$Folders = "Personal,My Pictures,My Music,My Video,Favorites,Desktop<strong>,Downloads</strong>"

$Folders = $Folders.Split(",")

$FolderNames = "Documents,Pictures,Music,Videos,Favorites,Desktop<strong>,Downloads</strong>"

$FolderNames = $FolderNames.Split(",")

If you want more folder, the script would need some special adjustments. It can be used as a base script, if you want.

April 18, 2019 by Florian Rossmark o365 / m365 recommendations scripts windows

Office 365/Exchange Public Folders – find out if they are still in use

Public Folders in Microsoft Exchange are one of the most challenging parts in Exchange system administrators can face. Microsoft actually tried to get rid of them several times and still they are around. As from an administrative point of view, they often did grow wild and I saw environments with a huge amount of public folders and no one was able to tell if they are still in use or not.

About a year ago I faced the same challenge and had to determine for a few thousand folders if we could retire them or not. PowerShell commands seemed to be the best approach for this, but soon I found out this is actually not as easy as I hoped it would be. There is no direct command that would give me all I needed and there was no easy way to determine if the folder is in use or not, this is especially because you can’t go with attributes like ‘last accessed’ for this cause, simply because they might show you data that is not really helpful to determine whether the folder is still in use or not. The folder ‘last modified’ is not as accurate either due to a simple marked as read action could modify this attribute as well.

Drilling further down in what I could use, I decided to see when the newest object in the folder actually was created – so the last created object in the folder – whether it was an email folder or e.g. a calendar.

The script you will find below will actually export the following columns in to a CSV file that you can process further in e.g. Microsoft Excel”:

Public Folder Path
- the path to this public folder
Mail Enabled
- well – is direct email enabled on this folder yes or no – this can actually be quite important and might need further review or needs groups/distribution list to be created instead
Mail address
- helps to determine if this might be somewhere in use on a website etc.
Folder Class
- the class in most cases is either an email folder or an calendar
Folder Size
- total size of the folder – some folders might be really small and this helps to determine if you will need to keep em or not
Number of Items
- like size – this helps a lot to see if it is something to discard or not
Top 1 object creation time
- if there are items in the folder, this is the newest created item – specifically it is the date / time the item was created, as mentioned, modified will not help you because a simple mark as read action through Outlook already would influence this – the most accurate information I was able to find is the creation time for this cause

Now to the script(s). We actually talk about two scripts here – this is simply due to the fact that I developed this against a Office 365 Exchange system that needed me to logon and load the PowerShell modules from Office 365. The script itself should work on respective against an on premise Exchange server as well.

Simply said, you need to create both script files in the same folder – the ConnectToO365.ps1 script that is called is just a central solution in a huge script folder that is called by each script if necessary. The top section of each script first determines if there is a active session against the Office 365 environment and it will reuse it if possible or call the connect script to establish a new connection.

Import-module ActiveDirectory
Import-Module MSOnline
$LiveCred = Get-Credential
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell/ -Credential $LiveCred -Authentication Basic -AllowRedirection
Import-PSSession $Session
connect-msolservice -credential $LiveCred

Import-module ActiveDirectory

Import-Module MSOnline

$LiveCred = Get-Credential

$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell/ -Credential $LiveCred -Authentication Basic -AllowRedirection

Import-PSSession $Session

connect-msolservice -credential $LiveCred

Get-MsolDomain -ErrorAction SilentlyContinue > NULL
if($?)
{
"Connection to Office 365 is established"
}
else
{
"Initiating connection to Office 365"
.\ConnectToO365.ps1
}

$OutputFile = "PublicFolderLists_" + (Get-Date -UFormat "%Y%m%d%_%H%M%S") + ".csv"

Write "Writing to file: $OutputFile"

Out-File -FilePath $OutputFile -InputObject "Public Folder path;Mail enabled;Mail address;Folder Class;Folder last modified;Folder Size;Number of items;Top 1 object creation time" -Encoding UTF8 
$objPFs = Get-PublicFolder -Recurse
Foreach ($objPF in $objPFs) 
{ 
$objPFitemstats = PublicFolderItemStatistics -Identity $($objPF.Identity)|Sort-Object CreationTime -Descending|Select-Object -First 1 #|ft CreationTime,LastModificationTime 
$strMailAddreess = ""
if ($objPF.MailEnabled -eq $true)
{
$objPFmail = Get-MailPublicFolder -Identity $($objPF.Identity)
$strMailAddreess = $objPFmail.PrimarySmtpAddress
} 
$objPFstats = Get-PublicFolderStatistics -Identity $($objPF.Identity)
$strOutLine = "$($objPF.Identity);$($objPF.MailEnabled);$strMailAddreess;$($objPF.FolderClass);$($objPFstats.LastModificationTime);$($objPF.FolderSize);$($objPFstats.ItemCount);$($objPFitemstats.CreationTime)"
Out-File -FilePath $OutputFile -InputObject "$strOutLine" -Encoding UTF8 -append 
Write-Host "`t$strOutLine"
} 
#Get-PublicFolder -Recurse | Get-PublicFolderItemStatistics | Group-Object -Property ItemType -NoElement

Get-MsolDomain -ErrorAction SilentlyContinue > NULL

if($?)

{

"Connection to Office 365 is established"

}

else

{

"Initiating connection to Office 365"

.\ConnectToO365.ps1

}

$OutputFile = "PublicFolderLists_" + (Get-Date -UFormat "%Y%m%d%_%H%M%S") + ".csv"

Write "Writing to file: $OutputFile"

Out-File -FilePath $OutputFile -InputObject "Public Folder path;Mail enabled;Mail address;Folder Class;Folder last modified;Folder Size;Number of items;Top 1 object creation time" -Encoding UTF8

$objPFs = Get-PublicFolder -Recurse

Foreach ($objPF in $objPFs)

{

$objPFitemstats = PublicFolderItemStatistics -Identity $($objPF.Identity)|Sort-Object CreationTime -Descending|Select-Object -First 1 #|ft CreationTime,LastModificationTime

$strMailAddreess = ""

if ($objPF.MailEnabled -eq $true)

{

$objPFmail = Get-MailPublicFolder -Identity $($objPF.Identity)

$strMailAddreess = $objPFmail.PrimarySmtpAddress

}

$objPFstats = Get-PublicFolderStatistics -Identity $($objPF.Identity)

$strOutLine = "$($objPF.Identity);$($objPF.MailEnabled);$strMailAddreess;$($objPF.FolderClass);$($objPFstats.LastModificationTime);$($objPF.FolderSize);$($objPFstats.ItemCount);$($objPFitemstats.CreationTime)"

Out-File -FilePath $OutputFile -InputObject "$strOutLine" -Encoding UTF8 -append

Write-Host "`t$strOutLine"

}

#Get-PublicFolder -Recurse | Get-PublicFolderItemStatistics | Group-Object -Property ItemType -NoElement

July 11, 2018 by Florian Rossmark o365 / m365 scripts

Office 365

Make Microsoft TEAMS the default IM application

Auditing network users against HR lists etc.

Structured groups and rights

Monitoring Active Directory activity

Auditing your user base against HR (Human Resources) data

Don’t forget your ERP systems and systems with Active Directory independent user bases

Office 365

Office 365 licenses and activated features per user

Move user Documents and Desktop to OneDrive

Office 365/Exchange Public Folders – find out if they are still in use

Recent blog posts

Blog Archives

Office 365

Structured groups and rights

Monitoring Active Directory activity

Auditing your user base against HR (Human Resources) data

Don’t forget your ERP systems and systems with Active Directory independent user bases

Office 365

Recent blog posts

Blog Archives

Tags