~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~
List users with access to shared mailbox
Get-Mailbox -RecipientTypeDetails SharedMailbox -ResultSize:Unlimited | Get-MailboxPermission |Select-Object Identity,User,AccessRights | Where-Object {($_.user -like '*@*')}|Export-Csv C:\Temp\SharedMailbox-UL.csv
~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~
Query what mailboxes are shared with a user
Get-Mailbox | Get-MailboxPermission -User "UPN@domain.com"
Remove (nuke) user from shared mailbox
Remove-MailboxPermission -Identity "Shared Mailbox" -User "UPN@domain.com" -AccessRights FullAccess -InheritanceType All -Confirm:$false
Query objects Password Expiry value
Get-AzureADUser -ObjectId "UPN@domain.com" | Select-Object UserprincipalName,@{ >> N="PasswordNeverExpires";E={$_.PasswordPolicies -contains "DisablePasswordExpiration"} >> }
Set Password to never expire.
Set-AzureADUser -ObjectId "UPN@domain.com" -PasswordPolicies DisablePasswordExpiration
~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~
P/Shell in and out of Exchange with MFA enabled.
Connect-EXOPSSession -UserPrincipalName <your UPN> -------------- Get-PSSession | Remove-PSSession (close p/shell)
View calendar permissions
Get-MailboxFolderPermission -Identity <User@domain>:\calendar |fl
Add calendar permissions
Add-MailboxFolderPermission -Identity <User@domain>:\calendar -User <User to share with> -AccessRights editor
Remove calendar permission:
Remove-MailboxFolderPermission -identity <user@domain>:\calendar -User <User to remove>
List of permissions
- Owner — read, create, modify and delete all items and folders. Also this role allows manage items permissions;
- PublishingEditor — read, create, modify and delete items/subfolders;
- Editor — read, create, modify and delete items;
- PublishingAuthor — read, create all items/subfolders. You can modify and delete only items you create;
- Author — create and read items; edit and delete own items NonEditingAuthor – full read access and create items. You can delete only your own items;
- Reviewer — read only;
- Contributor — create items and folders;
- AvailabilityOnly — read free/busy information from calendar;
- LimitedDetails;
- None — no permissions to access folder and files.
~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~
Remove a particular mobile device instance
List device agains user mailbox.
get-mobileDevice -Mailbox "Mailbox Name" | fl deviceid,Name,identity
Nuke actual mobile device instance.
Remove-MobileDevice -Identity "identity..."
Remove phone from Quarantine (list then action)
Get-MobileDevice -Mailbox "mailbox name" |fl deviceaccessstate,deviceid
~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~
Query objects Password Expiry value
Get-AzureADUser -ObjectId "UPN@domain.com" | Select-Object UserprincipalName,@{ >> N="PasswordNeverExpires";E={$_.PasswordPolicies -contains "DisablePasswordExpiration"} >> }
Set Password to never expire.
Set-AzureADUser -ObjectId "UPN@domain.com" -PasswordPolicies DisablePasswordExpiration
~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~
P/Shell in and out of Exchange with MFA enabled.
Connect-EXOPSSession -UserPrincipalName <your UPN> -------------- Get-PSSession | Remove-PSSession (close p/shell)
View calendar permissions
Get-MailboxFolderPermission -Identity <User@domain>:\calendar |fl
Add calendar permissions
Add-MailboxFolderPermission -Identity <User@domain>:\calendar -User <User to share with> -AccessRights editor
Remove calendar permission:
Remove-MailboxFolderPermission -identity <user@domain>:\calendar -User <User to remove>
List of permissions
- Owner — read, create, modify and delete all items and folders. Also this role allows manage items permissions;
- PublishingEditor — read, create, modify and delete items/subfolders;
- Editor — read, create, modify and delete items;
- PublishingAuthor — read, create all items/subfolders. You can modify and delete only items you create;
- Author — create and read items; edit and delete own items NonEditingAuthor – full read access and create items. You can delete only your own items;
- Reviewer — read only;
- Contributor — create items and folders;
- AvailabilityOnly — read free/busy information from calendar;
- LimitedDetails;
- None — no permissions to access folder and files.
~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~
Remove a particular mobile device instance
List device agains user mailbox.
get-mobileDevice -Mailbox "Mailbox Name" | fl deviceid,Name,identity
Nuke actual mobile device instance.
Remove-MobileDevice -Identity "identity..."
~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~#~