New scripts to support the deprecation of Search-Mailbox

[jmartinmsft]

@microsoft-github-policy-service agree [company="Microsoft"]

[bill-long]

@jmartinmsft

• The CLA does not apply to Microsoft employees. Instead, you must link your GitHub account to your corp creds and join the Microsoft org: https://docs.opensource.microsoft.com/github/opensource/accounts/linking/

• Do we know how these scripts compare to the existing search-and-destroy script here: https://microsoft.github.io/CSS-Exchange/Security/CVE-2023-23397/? This purposely wasn't released as a more general replacement for Search-Mailbox because of concerns around accidental deletions, but modifying it to delete anything you want is pretty trivial. If we're going to release a script to do this, we need to revisit that discussion.

• One big difference I see is that the EWS version of the new script calls FindItems rather than using a search folder. This will make it very slow compared to the search folder approach we added to the CVE script, which cut the time to search all mailboxes on corp and other large environments to less than 10% of the time it takes to call FindItems over and over and synchronously wait for the result.

• Disclaimers and authorship need to be removed from the top of the script. Disclaimers are added by the build pipeline.

• Right now, the build is failing because the docs haven't been added to mkdocs.yml.

[jmartinmsft]

Account has been linked (thought this was done a while ago).

It is similar to the CVE-2023-23397 script, but with more search options. There is a demand for this capability with the removal of the Search-Mailbox cmdlet, so we definitely need to revisit the discussion.

All changes will be put on hold until we discuss and determine next steps.

[dpaulson45]

Closing this as work is being done to determine if this is a valid option. Either open a new PR once that work is completed if on different branch or reopen if on the same branch of your repository.