cmdlts: get, set, new, enable, disable
Recipients:
get-msluser
new-msoluser -lastname test -firstname userxx – …just copy from example
Then assign license:
get-msolaccountsku list licenses
set-msol -uselicense -userprinciplename insert email address etc -addlicenses etc | set (and then set the license..)
so, get mailbox user, then pipe it to whatever:
get-mailbox whoever | set-mailbox -prohibit…
get-distributiongroup
Resource mailboxes established in Exchange
new-mailbox -room
new-mailbox -shared
get-mailbox whoever | add-mailboxpremission -user admin -accessrights fullaccess
mail contact is just a contact
mail user doesn;t have a mailbox but does have permissions
new-mailcontact -externalemailaddress
new-mailuser….. which would have to include passwords etc
PUBLIC FOLDER
want to use recurse and pipe it to whatever – better than EAC
Mail Flow:
get-help [cmdlt] -example
get-accepted-domain
-accepted-domain
Azure cmdlts start with MSOL
get-MSOLdomain
new-MSOLdomain fabrikam.com or contoso
get-MSOLdomainverificationDns
set=MSOLdomain -name fabrikan.com -isdefault
get-transportrule
get-transportruleeradicate
get-transportruleactions
get-help new-transportrule -examples
new-transportrule -name “test rule” -FromsScope notinorganisation -sentto “admin@whoever.com -prependsubject “for Admin”
get-messagetrace -senderaddress admin@… -startdate (NB not more than 30 days -enddate (whatever)
get-messagetrackingreport
Outlook web app policies
get-CasMailbox [id]
get-CasMailbox | fl
Sort the policy
get-owamailboxpolicy
set-owamailboxpolicy “testPolic” -allowofflineOn none
get-mobiledevicepolicy
set-mobiledevicepolicy
Assign policy to user
clear-mobiledevice
get-mobiledevice -mailbox
get-mailbox | %{get-mobiledevice -mailbox %.name.name}
Sharing apps
Powershell best for getting detail on apps.
get-app
get-app messageheaderanalyzer | fl *
new-app (usually url)
Role Based Acces Control – RBAC
If you are doing something with RBAC, you need to run:
enable-organizationcustomization
Configuring
get-rolegroup
add-rolegroupmember
get-managementrole
new-rolegroup -name “Address List Admin” -roles “Address Lists” -members admin
get-rolegroup to see address list group added to groups
get-managementroleentry “Address Lists\*”
GAL segmentation:
address list
GAL list
Room List
Offline address list
create address list:
get-help new-addresslist -examples
See address books in technet Exchange Online – good for showing how GAL segmentation works
Configuring Data Loss Prevention DLP
get-dlppolicy
get-dlppolicytemplates
new-dlppolicy -name “US Patriot Act Policy” -Template “U.S. Pattriot Act”
get-dlppolicy
set-dlp-policy “US Patriot Act Policy” Mode Enforce
get-transportrule
Establishing Retention Policies
To create a retention policy:
get-retentionpolicytag
new-retentionpolicy “sales Retention Policy” -Retentionpolicylinks “Inbox-Sales”
set-mailbox alexd -retentionpolicy “Sales Retention Policy”
Notes about Journaling
get-help new-journalrule -examples
get-journalrule
Using eDiscovery
default role group
get-rolegroup
get-rolegroupmember
“Discovery Management”
add-rolegroupmember -identity “Discovery Management” -Member testuser
get-help *search*
get-help new-mailboxsearch -example
get-mailboxsearch lists searches in progress
start-mailboxsearch (check out help on this
****Woah – how to remotely delete email****
search-mailbox “Subject:Hey” -delete (except you need RBAC rights for it)
Audit Reporting
get-adminauditlogconfig (use to disable admin logs if you need)
set-adminauditlogconfig
get-help *audit*
search -adminauditlog (use help to find what)
Exchange Online Protection EOP
get-help *malware*
get-malwarefilterpolicy | fl
Connection filter lists?
get-help *connection*
get-hostedconnectionlists
CONTENT FILTER
get-hosted and then try tabbing
QUARANTINE
get-help quarantine*
get-help *report*