mcvic1rj
commented
7 years ago This sounds more like a holistic issue with the exchange online module. @stuartcl @bkoeller Do either of you have a way to report this internally microsoft?
Open beanxyz opened 7 years ago
mcvic1rj
commented
7 years ago This sounds more like a holistic issue with the exchange online module. @stuartcl @bkoeller Do either of you have a way to report this internally microsoft?
neospud1
commented
6 years ago I don't think it has anything to do with a module. It's just how these commandlets work. Probably best to just write the script in a way that works in the current environment. Anyway.. just mentioning this because microsoft's secure score tool had an item that suggests making this change in the environment and it's self links to this script.
privateclouds
commented
6 years ago $userCredential = Get-Credential
$ExoSession = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $userCredential -Authentication Basic -AllowRedirection
Import-PSSession $ExoSession
$users=get-mailbox | select name, distinguishedname ; Foreach($user in $users) { set-mailbox $user.distinguishedname -auditEnabled $true}
$user=Get-Mailbox -ResultSize Unlimited -Filter {RecipientTypeDetails -eq "UserMailbox" -or RecipientTypeDetails -eq "SharedMailbox" -or RecipientTypeDetails -eq "RoomMailbox" -or RecipientTypeDetails -eq "DiscoveryMailbox"} | select name, distinguishedname ; Foreach($user in $users) { Set-Mailbox $user.distinguishedname -AuditEnabled $true -AuditLogAgeLimit 180 -AuditAdmin Update, MoveToDeletedItems, SoftDelete, HardDelete, SendAs, SendOnBehalf, Create, UpdateFolderPermission -AuditDelegate Update, SoftDelete, HardDelete, SendAs, Create, UpdateFolderPermissions, MoveToDeletedItems, SendOnBehalf -AuditOwner UpdateFolderPermission, MailboxLogin, Create, SoftDelete, HardDelete, Update, MoveToDeletedItems }
Get-Mailbox -ResultSize Unlimited | Select Name, AuditEnabled, AuditLogAgeLimit | Out-Gridview
It will throw an error of 'The operation couldn't be performed because 'XXX' matches multiple entries' because the pipe automatically use the alias to match the identity
Suggest Fix: Designate distinguishedName as the identity
e.g:
$users=get-mailbox | select name, distinguishedname ; Foreach($user in $users) { set-mailbox $user.distinguishedname -auditEnabled $true}