Been over a month since my last blogpost. I have been completely out of ides on what to blog about or what to script. Twitter to the rescue. Did not take long time after asking that i got some ideas on what i could script. So this is what i decided on doing:
What about a script that goes through all the teams, gets all the guests added to it and sends an email to the team owners asking to check whether they’re all still needed to have access? Like, proactive security? Too lame?
— Max Sanna (@MaxSanna) March 15, 2018
My script does exactly what Max requested, and here it is:
<span style="font-family:Monaco, Consolas, 'Andale Mono', 'DejaVu Sans Mono', 'Courier 10 Pitch', Courier, monospace;">#Remeber to log on to Exchange Online and Teams in PowerShell</span> $EmailCredential = Get-Credential $Groups = (Get-Team).GroupID | Get-UnifiedGroup $Info = @() foreach($group in $Groups){ $Owners = Get-UnifiedGroupLinks $group.Alias -LinkType owners $Ownersemail = $Owners.primarysmtpaddress -join ', ' $GroupAlias = $Group.Alias $Users = Get-UnifiedGroupLinks $Group.Alias -LinkType members | Where-Object {$_.RecipientTypeDetails -eq "GuestMailUser"} foreach($User in $Users){ $Object=[PSCustomObject]@{ Name = $User.displayname Email = $User.primarysmtpaddress } $script:info+=$Object } If(!$info){ "No external members in $GroupAlias" } Else { $info2 = $info | Out-String Send-MailMessage -From [email protected] -To "$owneremail" -Subject "Can any of these External Members on your Team $GroupAlias be disabled?" -Body $info2 -credential $EmailCredential -SmtpServer "smtp.office365.com" -UseSsl $info = @() "$GroupAlias Email sent to these owners: $ownersemail" } }