Skip to content

Commit

Permalink
20240924(3)
Browse files Browse the repository at this point in the history 
- Get-RoleGroupsMembers
- Rivisto download file JSON licenze (+ GitHub Action per allineare i file ogni giorno)
- Minor fixes
  • Loading branch information
@gioxx
gioxx committed Sep 24, 2024
1 parent f7946a2 commit 98fe4c3
Show file tree
Hide file tree
Showing 9 changed files with 187 additions and 272 deletions.
4 changes: 3 additions & 1 deletion Gioxx.ToyBox/GTB.Main.psm1
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,8 @@
# DATA =============================================================================================================================================================
$GTB = [ordered]@{
LicensesJSON = 'https://raw.githubusercontent.com/gioxx/ps.toybox/main/JSON/M365_licenses.json'
LicenseFilePath = 'JSON/M365_licenses.json'
RepoName = 'ps.toybox'
RepoOwner = 'gioxx'
}
New-Variable -Name GTBVars -Value $GTB -Scope Script -Force # Lista licenze M365 utilizzata in Export-MsolAccountSku

Expand Down
3 changes: 2 additions & 1 deletion Gioxx.ToyBox/Gioxx.ToyBox.psd1
View file
Original file line number Diff line number Diff line change
Expand Up @@ -54,6 +54,7 @@
"Get-QuarantineToRelease",
"Get-RandomPassword",
"Get-RoomsDetails",
"Get-RoleGroupsMembers",
"Get-UserGroups",
"New-SharedMailbox",
"Release-QuarantineFrom",
Expand Down Expand Up @@ -85,7 +86,7 @@
# ReleaseNotes of this module
# ReleaseNotes = ''

Prerelease = '20240614(1)'
Prerelease = '20240924(3)'
RequireLicenseAcceptance = $False

}
Expand Down
43 changes: 36 additions & 7 deletions Gioxx.ToyBox/Groups/GTB.Groups.ps1
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,15 +30,15 @@ function Export-DG {
if (-not([string]::IsNullOrEmpty($folderCSV))) { $CSV = $True }
if ($CSV) { $folder = priv_CheckFolder($folderCSV) }

$DGs | ForEach {
$DGs | ForEach-Object {
try {
$CurrentDG = $_
$GetDG = Get-DistributionGroup $CurrentDG
$DGsCounter++
$PercentComplete = (($DGsCounter / $DGs.Count) * 100)
Write-Progress -Activity "Processing $($GetDG.DisplayName)" -Status "$DGsCounter out of $($DGs.Count) ($($PercentComplete.ToString('0.00'))%)" -PercentComplete $PercentComplete

Get-DistributionGroupMember $CurrentDG | ForEach {
Get-DistributionGroupMember $CurrentDG | ForEach-Object {
if ($All) {
$arr_ExportedDG += New-Object -TypeName PSObject -Property $([ordered]@{
"Group Name" = $GetDG.DisplayName
Expand Down Expand Up @@ -110,15 +110,15 @@ function Export-DDG {
if (-not([string]::IsNullOrEmpty($folderCSV))) { $CSV = $True }
if ($CSV) { $folder = priv_CheckFolder($folderCSV) }

$DDGs | ForEach {
$DDGs | ForEach-Object {
try {
$CurrentDDG = $_
$GetDDG = Get-DynamicDistributionGroup $CurrentDDG
$DDGsCounter++
$PercentComplete = (($DDGsCounter / $DDGs.Count) * 100)
Write-Progress -Activity "Processing $($GetDDG.DisplayName)" -Status "$DDGsCounter out of $($DDGs.Count) ($($PercentComplete.ToString('0.00'))%)" -PercentComplete $PercentComplete

Get-DynamicDistributionGroupMember $CurrentDDG | ForEach {
Get-DynamicDistributionGroupMember $CurrentDDG | ForEach-Object {
if ($All) {
$arr_ExportedDDG += New-Object -TypeName PSObject -Property $([ordered]@{
"Group Name" = $GetDDG.DisplayName
Expand Down Expand Up @@ -190,15 +190,15 @@ function Export-M365Group {
if (-not([string]::IsNullOrEmpty($folderCSV))) { $CSV = $True }
if ($CSV) { $folder = priv_CheckFolder($folderCSV) }

$M365Gs | ForEach {
$M365Gs | ForEach-Object {
try {
$CurrentM365G = $_
$GetM365G = Get-UnifiedGroup $CurrentM365G
$M365GsCounter++
$PercentComplete = (($M365GsCounter / $M365Gs.Count) * 100)
Write-Progress -Activity "Processing $($GetM365G.DisplayName)" -Status "$M365GsCounter out of $($M365Gs.Count) ($($PercentComplete.ToString('0.00'))%)" -PercentComplete $PercentComplete

$GetM365G | Get-UnifiedGroupLinks -LinkType Member | ForEach {
$GetM365G | Get-UnifiedGroupLinks -LinkType Member | ForEach-Object {
if ($All) {
$arr_ExportedM365Groups += New-Object -TypeName PSObject -Property $([ordered]@{
"Group Name" = $GetM365G.DisplayName
Expand Down Expand Up @@ -240,6 +240,34 @@ function Export-M365Group {
}
}

function Get-RoleGroupsMembers {
Set-Variable ProgressPreference Continue
$eolConnectedCheck = priv_CheckEOLConnection

if ( $eolConnectedCheck -eq $true ) {
$roleGroups = Get-RoleGroup
$rgCounter = 0

$permTable = foreach ($rg in $roleGroups) {
$rgCounter++
$PercentComplete = (($rgCounter / $roleGroups.Count) * 100)
Write-Progress -Activity "Processing $($rg)" -Status "$rgCounter out of $($roleGroups.Count) ($($PercentComplete.ToString('0.00'))%)" -PercentComplete $PercentComplete

$rgMembers = (Get-RoleGroupMember $rg).DisplayName -join "`n"
[PSCustomObject]@{
"Role Group" = $rg
Count = (Get-RoleGroupMember $rg).Count
Members = $rgMembers
}
}

$permTable | Sort-Object Count -Descending | Format-Table -AutoSize -Wrap

} else {
Write-Error "`nCan't connect or use Microsoft Exchange Online Management module. `nPlease check logs."
}
}

function Get-UserGroups {
# Credits: https://infrasos.com/get-mgusermemberof-list-group-memberships-of-azure-ad-user-powershell/
param(
Expand Down Expand Up @@ -302,7 +330,7 @@ function Get-UserGroups {
}

if ( $groups -ne $null ) {
$groups | ForEach {
$groups | ForEach-Object {
$groupIDs = $_.id
$otherproperties = $_.AdditionalProperties

Expand Down Expand Up @@ -353,4 +381,5 @@ Export-ModuleMember -Alias *
Export-ModuleMember -Function "Export-DG"
Export-ModuleMember -Function "Export-DDG"
Export-ModuleMember -Function "Export-M365Group"
Export-ModuleMember -Function "Get-RoleGroupsMembers"
Export-ModuleMember -Function "Get-UserGroups"
118 changes: 98 additions & 20 deletions Gioxx.ToyBox/Mailboxes/GTB.Mboxes.ps1
View file
Original file line number Diff line number Diff line change
Expand Up @@ -64,33 +64,98 @@ function Add-MboxPermission {
Switch ($AccessRights) {
"FullAccess" {
if ($AutoMapping) {
Write-Information "Add $($CurrentUser) (FullAccess) to $($SourceMailbox) ..."
Add-MailboxPermission -Identity $SourceMailbox -User $CurrentUser -AccessRights FullAccess -AutoMapping:$True -Confirm:$False | Out-Host
Write-Information "`nAdd $($CurrentUser) (FullAccess) to $($SourceMailbox) ..."
$addMboxPerm = Add-MailboxPermission -Identity $SourceMailbox -User $CurrentUser -AccessRights FullAccess -AutoMapping:$True -Confirm:$False
$addMboxPermDN = (Get-User -Identity $addMboxPerm.User).DisplayName
[PSCustomObject]@{
Identity = $addMboxPerm.Identity
User = $addMboxPerm.User
DisplayName = $addMboxPermDN
AccessRights = $addMboxPerm.AccessRights
IsInherited = $addMboxPerm.IsInherited
Deny = $addMboxPerm.Deny
} | Out-Host
} else {
Write-Information "Add $($CurrentUser) (FullAccess) to $($SourceMailbox) without AutoMapping ..."
Add-MailboxPermission -Identity $SourceMailbox -User $CurrentUser -AccessRights FullAccess -AutoMapping:$False -Confirm:$False | Out-Host
Write-Information "`nAdd $($CurrentUser) (FullAccess) to $($SourceMailbox) without AutoMapping ..."
$addMboxPerm = Add-MailboxPermission -Identity $SourceMailbox -User $CurrentUser -AccessRights FullAccess -AutoMapping:$False -Confirm:$False
$addMboxPermDN = (Get-User -Identity $addMboxPerm.User).DisplayName
[PSCustomObject]@{
Identity = $addMboxPerm.Identity
User = $addMboxPerm.User
DisplayName = $addMboxPermDN
AccessRights = $addMboxPerm.AccessRights
IsInherited = $addMboxPerm.IsInherited
Deny = $addMboxPerm.Deny
} | Out-Host
}
}
"SendAs" {
Write-Information "Add $($CurrentUser) (SendAs) to $($SourceMailbox) ..."
Add-RecipientPermission $SourceMailbox -Trustee $CurrentUser -AccessRights SendAs -Confirm:$False | Out-Host
Write-Information "`nAdd $($CurrentUser) (SendAs) to $($SourceMailbox) ..."
$addMboxPerm = Add-RecipientPermission $SourceMailbox -Trustee $CurrentUser -AccessRights SendAs -Confirm:$False
$addMboxPermDN = (Get-User -Identity $addMboxPerm.Trustee).DisplayName
[PSCustomObject]@{
Identity = $addMboxPerm.Identity
Trustee = $addMboxPerm.Trustee
DisplayName = $addMboxPermDN
AccessControlType = $addMboxPerm.AccessControlType
AccessRights = $addMboxPerm.AccessRights
} | Out-Host
}
"SendOnBehalfTo" {
Write-Information "Add $($CurrentUser) (SendAs) to $($SourceMailbox) ..."
Write-Information "`nAdd $($CurrentUser) (SendAs) to $($SourceMailbox) ..."
Set-Mailbox $SourceMailbox -GrantSendOnBehalfTo @{add="$($CurrentUser)"} -Confirm:$False | Out-Host
}
"All" {
if ($AutoMapping) {
Write-Information "Add $($CurrentUser) (FullAccess) to $($SourceMailbox) ..."
Add-MailboxPermission -Identity $SourceMailbox -User $CurrentUser -AccessRights FullAccess -AutoMapping:$True -Confirm:$False | Out-Host
Write-Information "Add $($CurrentUser) (SendAs) to $($SourceMailbox) ..."
Add-RecipientPermission $SourceMailbox -Trustee $CurrentUser -AccessRights SendAs -Confirm:$False | Out-Host
}
else {
Write-Information "Add $($CurrentUser) (FullAccess) to $($SourceMailbox) without AutoMapping ..."
Add-MailboxPermission -Identity $SourceMailbox -User $CurrentUser -AccessRights FullAccess -AutoMapping:$False -Confirm:$False | Out-Host
Write-Information "Add $($CurrentUser) (SendAs) to $($SourceMailbox) ..."
Add-RecipientPermission $SourceMailbox -Trustee $CurrentUser -AccessRights SendAs -Confirm:$False | Out-Host

Write-Information "`nAdd $($CurrentUser) (FullAccess) to $($SourceMailbox) ..."
$addMboxPerm = Add-MailboxPermission -Identity $SourceMailbox -User $CurrentUser -AccessRights FullAccess -AutoMapping:$True -Confirm:$False
$addMboxPermDN = (Get-User -Identity $addMboxPerm.User).DisplayName
[PSCustomObject]@{
Identity = $addMboxPerm.Identity
User = $addMboxPerm.User
DisplayName = $addMboxPermDN
AccessRights = $addMboxPerm.AccessRights
IsInherited = $addMboxPerm.IsInherited
Deny = $addMboxPerm.Deny
} | Out-Host

Write-Information "`nAdd $($CurrentUser) (SendAs) to $($SourceMailbox) ..."
$addMboxPerm = Add-RecipientPermission $SourceMailbox -Trustee $CurrentUser -AccessRights SendAs -Confirm:$False
$addMboxPermDN = (Get-User -Identity $addMboxPerm.Trustee).DisplayName
[PSCustomObject]@{
Identity = $addMboxPerm.Identity
Trustee = $addMboxPerm.Trustee
DisplayName = $addMboxPermDN
AccessControlType = $addMboxPerm.AccessControlType
AccessRights = $addMboxPerm.AccessRights
} | Out-Host

} else {

Write-Information "`nAdd $($CurrentUser) (FullAccess) to $($SourceMailbox) without AutoMapping ..."
$addMboxPerm = Add-MailboxPermission -Identity $SourceMailbox -User $CurrentUser -AccessRights FullAccess -AutoMapping:$False -Confirm:$False
$addMboxPermDN = (Get-User -Identity $addMboxPerm.User).DisplayName
[PSCustomObject]@{
Identity = $addMboxPerm.Identity
User = $addMboxPerm.User
DisplayName = $addMboxPermDN
AccessRights = $addMboxPerm.AccessRights
IsInherited = $addMboxPerm.IsInherited
Deny = $addMboxPerm.Deny
} | Out-Host

Write-Information "`nAdd $($CurrentUser) (SendAs) to $($SourceMailbox) ..."
$addMboxPerm = Add-RecipientPermission $SourceMailbox -Trustee $CurrentUser -AccessRights SendAs -Confirm:$False
$addMboxPermDN = (Get-User -Identity $addMboxPerm.Trustee).DisplayName
[PSCustomObject]@{
Identity = $addMboxPerm.Identity
Trustee = $addMboxPerm.Trustee
DisplayName = $addMboxPermDN
AccessControlType = $addMboxPerm.AccessControlType
AccessRights = $addMboxPerm.AccessRights
} | Out-Host

}
}
}
Expand Down Expand Up @@ -423,6 +488,7 @@ function New-SharedMailbox {
Write-Host "Set outgoing e-mail copy save for $($SharedMailboxSMTPAddress)" -f "Yellow"
Set-Mailbox $SharedMailboxSMTPAddress -MessageCopyForSentAsEnabled $True
Set-Mailbox $SharedMailboxSMTPAddress -MessageCopyForSendOnBehalfEnabled $True
Set-Mailbox $SharedMailboxSMTPAddress -RetainDeletedItemsFor 30
Write-Host "All done, remember to set access and editing rights to the new mailbox."
} else {
Write-Error "`nCan't connect or use Microsoft Exchange Online Management module. `nPlease check logs."
Expand Down Expand Up @@ -490,12 +556,24 @@ function Remove-MboxPermission {
$UserMailbox | ForEach {
$CurrentUser = $_
Switch ($AccessRights) {
"FullAccess" { Remove-MailboxPermission -Identity $SourceMailbox -User $CurrentUser -AccessRights FullAccess -Confirm:$False }
"SendAs" { Remove-RecipientPermission $SourceMailbox -Trustee $CurrentUser -AccessRights SendAs -Confirm:$False }
"SendOnBehalfTo" { Set-Mailbox $SourceMailbox -GrantSendOnBehalfTo @{remove="$($CurrentUser)"} -Confirm:$False }
"FullAccess" {
Write-Information "Removing full access for $($CurrentUser) from $($SourceMailbox) ..."
Remove-MailboxPermission -Identity $SourceMailbox -User $CurrentUser -AccessRights FullAccess -Confirm:$False
}
"SendAs" {
Write-Information "Removing SendAs for $($CurrentUser) from $($SourceMailbox) ..."
Remove-RecipientPermission $SourceMailbox -Trustee $CurrentUser -AccessRights SendAs -Confirm:$False
}
"SendOnBehalfTo" {
Write-Information "Removing SendOnBehalfTo for $($CurrentUser) from $($SourceMailbox) ..."
Set-Mailbox $SourceMailbox -GrantSendOnBehalfTo @{remove="$($CurrentUser)"} -Confirm:$False
}
"All" {
Write-Information "Removing full access for $($CurrentUser) from $($SourceMailbox) ..."
Remove-MailboxPermission -Identity $SourceMailbox -User $CurrentUser -AccessRights FullAccess -Confirm:$False
Write-Information "Removing SendAs for $($CurrentUser) from $($SourceMailbox) ..."
Remove-RecipientPermission $SourceMailbox -Trustee $CurrentUser -AccessRights SendAs -Confirm:$False
Write-Information "Removing SendOnBehalfTo for $($CurrentUser) from $($SourceMailbox) ..."
Set-Mailbox $SourceMailbox -GrantSendOnBehalfTo @{remove="$($CurrentUser)"} -Confirm:$False
}
}
Expand Down
2 changes: 1 addition & 1 deletion Gioxx.ToyBox/Main/GTB.Connections.ps1
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ function Connect-EOL {
Write-Host "Install the ExchangeOnlineManagement module using this command (then relaunch this script): `nInstall-Module ExchangeOnlineManagement" -f "Yellow"
} else {
Import-Module ExchangeOnlineManagement
Connect-ExchangeOnline -UserPrincipalName $UserPrincipalName -ShowBanner:$False
Connect-ExchangeOnline -UserPrincipalName $UserPrincipalName -ShowBanner:$False -SkipLoadingCmdletHelp
}
}

Expand Down
Loading

0 comments on commit 98fe4c3

Please sign in to comment.