Been over a month since my last blogpost. I have been completely out of ides on what to blog about or what to script. Twitter to the rescue. Did not take long time after asking that i got some ideas on what i could script. So this is what i decided on doing:
What about a script that goes through all the teams, gets all the guests added to it and sends an email to the team owners asking to check whether they’re all still needed to have access? Like, proactive security? Too lame?
— Max Sanna (@MaxSanna) March 15, 2018
My script does exactly what Max requested, and here it is:
#Remeber to log on to Exchange Online. $EmailCredential = Get-Credential $Groups = Get-UnifiedGroup $Info = @() foreach($group in $Groups){ $TeamsEnabledCheck = Get-MailboxFolderStatistics -Identity $Group.Alias -IncludeOldestAndNewestItems -FolderScope ConversationHistory | Select-Object FolderType If ($TeamsEnabledCheck.FolderType -like 'TeamChat') { $Owners = Get-UnifiedGroupLinks $group.Alias -LinkType owners $Ownersemail = $Owners.primarysmtpaddress -join ', ' $GroupAlias = $Group.Alias $Users = Get-UnifiedGroupLinks $Group.Alias -LinkType members | Where-Object {$_.RecipientTypeDetails -eq "GuestMailUser"} foreach($User in $Users){ $Object=[PSCustomObject]@{ Name = $User.displayname Email = $User.primarysmtpaddress } $script:info+=$Object } If(!$info){ "No external members in $GroupAlias" } Else { $info2 = $info | Out-String Send-MailMessage -From admin@contoso.com -To "$owneremail" -Subject "Can any of these External Members on your Team $GroupAlias be disabled?" -Body $info2 -credential $EmailCredential -SmtpServer "smtp.office365.com" -UseSsl $info = @() "$GroupAlias Email sent to these owners: $ownersemail" } } }