Tips-Of-Mine/Powershell
2
0
Fork 0
Code Pull Requests Wiki Activity

update

Browse Source
This commit is contained in:
Hubert Cornet
2023-07-04 12:59:44 +02:00
parent 2cef42a718
commit 09c2faad93
231 changed files with 261001 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

223
SharePoint Online/Get-ExternalSharingReport.ps1 Normal file
View File

@ -0,0 +1,223 @@
<#
=============================================================================================
Name: Office 365 external user file access report
Description: This script exports SharePoint Online external user file access report to CSV
Version: 1.0
Website: o365reports.com
Script by: O365Reports Team
For detailed script execution: https://o365reports.com/2021/05/20/audit-sharepoint-online-external-sharing-using-powershell
============================================================================================
#>
Param
(
[Parameter(Mandatory = $false)]
[Nullable[DateTime]]$StartDate,
[Nullable[DateTime]]$EndDate,
[switch]$SharePointOnline,
[switch]$OneDrive,
[string]$AdminName,
[string]$Password
)
Function Connect_Exo {
#Check for EXO v2 module inatallation
$Module = Get-Module ExchangeOnlineManagement -ListAvailable
if ($Module.count -eq 0) {
Write-Host Exchange Online PowerShell V2 module is not available -ForegroundColor yellow
$Confirm = Read-Host Are you sure you want to install module? [Y] Yes [N] No
if ($Confirm -match "[yY]") {
Write-host "Installing Exchange Online PowerShell module"
Install-Module ExchangeOnlineManagement -Repository PSGallery -AllowClobber -Force
}
else {
Write-Host EXO V2 module is required to connect Exchange Online.Please install module using Install-Module ExchangeOnlineManagement cmdlet.
Exit
}
}
Write-Host Connecting to Exchange Online...
if (($AdminName -ne "") -and ($Password -ne "")) {
$SecuredPassword = ConvertTo-SecureString -AsPlainText $Password -Force
$Credential = New-Object System.Management.Automation.PSCredential $AdminName, $SecuredPassword
Connect-ExchangeOnline -Credential $Credential
}
else {
Connect-ExchangeOnline
}
}
$MaxStartDate = ((Get-Date).AddDays(-89)).Date
#Getting external user file access for past 90 days
if (($StartDate -eq $null) -and ($EndDate -eq $null)) {
$EndDate = (Get-Date).Date
$StartDate = $MaxStartDate
}
$startDate
#Getting start date to generate external sharing report
While ($true) {
if ($StartDate -eq $null) {
$StartDate = Read-Host Enter start time for report generation '(Eg:04/28/2021)'
}
Try {
$Date = [DateTime]$StartDate
if ($Date -ge $MaxStartDate) {
break
}
else {
Write-Host `nExternal sharing report can be retrieved only for past 90 days. Please select a date after $MaxStartDate -ForegroundColor Red
return
}
}
Catch {
Write-Host `nNot a valid date -ForegroundColor Red
}
}
#Getting end date to generate external sharing report
While ($true) {
if ($EndDate -eq $null) {
$EndDate = Read-Host Enter End time for report generation '(Eg: 04/28/2021)'
}
Try {
$Date = [DateTime]$EndDate
if ($EndDate -lt ($StartDate)) {
Write-Host End time should be later than start time -ForegroundColor Red
return
}
break
}
Catch {
Write-Host `nNot a valid date -ForegroundColor Red
}
}
Connect_Exo
$OutputCSV = ".\ExternalSharingReport_$((Get-Date -format yyyy-MMM-dd-ddd` hh-mm` tt).ToString()).csv"
$IntervalTimeInMinutes = 1440 #$IntervalTimeInMinutes=Read-Host Enter interval time period '(in minutes)'
$CurrentStart = $StartDate
$CurrentEnd = $CurrentStart.AddMinutes($IntervalTimeInMinutes)
#Check whether CurrentEnd exceeds EndDate
if ($CurrentEnd -gt $EndDate) {
$CurrentEnd = $EndDate
}
if ($CurrentStart -eq $CurrentEnd) {
Write-Host Start and end time are same.Please enter different time range -ForegroundColor Red
Exit
}
$AggregateResults = @()
$CurrentResult = @()
$CurrentResultCount = 0
$AggregateResultCount = 0
Write-Host `nRetrieving external sharing events from $StartDate to $EndDate...
$ProcessedAuditCount = 0
$OutputEvents = 0
$ExportResult = ""
$ExportResults = @()
while ($true) {
#Getting exteranl sharing audit data for given time range
$Results = Search-UnifiedAuditLog -StartDate $CurrentStart -EndDate $CurrentEnd -Operations "Sharinginvitationcreated,AnonymousLinkcreated,AddedToSecureLink" -SessionId s -SessionCommand ReturnLargeSet -ResultSize 5000
$ResultCount = ($Results | Measure-Object).count
foreach ($Result in $Results) {
$ProcessedAuditCount++
$MoreInfo = $Result.auditdata
$Operation = $Result.Operations
$AuditData = $Result.auditdata | ConvertFrom-Json
$Workload = $AuditData.Workload
#Filter for SharePointOnline external Sharing events
If ($SharePointOnline.IsPresent -and ($Workload -eq "OneDrive")) {
continue
}
If ($OneDrive.IsPresent -and ($Workload -eq "SharePoint")) {
continue
}
#Check for Guest sharing
if ($Operation -ne "AnonymousLinkcreated") {
If ($AuditData.TargetUserOrGroupType -ne "Guest") {
continue
}
$SharedWith = $AuditData.TargetUserOrGroupName
}
else {
$SharedWith = "Anyone with the link can access"
}
$ActivityTime = Get-Date($AuditData.CreationTime) -format g
$SharedBy = $AuditData.userId
$SharedResourceType = $AuditData.ItemType
$sharedResource = $AuditData.ObjectId
$SiteURL = $AuditData.SiteURL
#Export result to csv
$OutputEvents++
$ExportResult = @{'Shared Time' = $ActivityTime; 'Sharing Type' = $Operation; 'Shared By' = $SharedBy; 'Shared With' = $SharedWith; 'Shared Resource Type' = $SharedResourceType; 'Shared Resource' = $SharedResource; 'Site url' = $Siteurl; 'Workload' = $Workload; 'More Info' = $MoreInfo }
$ExportResults = New-Object PSObject -Property $ExportResult
$ExportResults | Select-Object 'Shared Time', 'Shared By', 'Shared With', 'Shared Resource Type', 'Shared Resource', 'Site URL', 'Sharing Type', 'Workload', 'More Info' | Export-Csv -Path $OutputCSV -Notype -Append
}
Write-Progress -Activity "`n Retrieving external sharing events from $CurrentStart to $CurrentEnd.."`n" Processed audit record count: $ProcessedAuditCount"
$currentResultCount = $CurrentResultCount + $ResultCount
if ($CurrentResultCount -ge 50000) {
Write-Host Retrieved max record for current range.Proceeding further may cause data loss or rerun the script with reduced time interval. -ForegroundColor Red
$Confirm = Read-Host `nAre you sure you want to continue? [Y] Yes [N] No
if ($Confirm -match "[Y]") {
Write-Host Proceeding audit log collection with data loss
[DateTime]$CurrentStart = $CurrentEnd
[DateTime]$CurrentEnd = $CurrentStart.AddMinutes($IntervalTimeInMinutes)
$CurrentResultCount = 0
$CurrentResult = @()
if ($CurrentEnd -gt $EndDate) {
$CurrentEnd = $EndDate
}
}
else {
Write-Host Please rerun the script with reduced time interval -ForegroundColor Red
Exit
}
}
if ($Results.count -lt 5000) {
#$AggregateResultCount +=$CurrentResultCount
if ($CurrentEnd -eq $EndDate) {
break
}
$CurrentStart = $CurrentEnd
if ($CurrentStart -gt (Get-Date)) {
break
}
$CurrentEnd = $CurrentStart.AddMinutes($IntervalTimeInMinutes)
$CurrentResultCount = 0
$CurrentResult = @()
if ($CurrentEnd -gt $EndDate) {
$CurrentEnd = $EndDate
}
}
}
If ($OutputEvents -eq 0) {
Write-Host No records found
}
else {
Write-Host `nThe output file contains $OutputEvents audit records
if ((Test-Path -Path $OutputCSV) -eq "True") {
Write-Host `nThe Output file availble in $OutputCSV -ForegroundColor Green
$Prompt = New-Object -ComObject wscript.shell
$UserInput = $Prompt.popup("Do you want to open output file?", `
0, "Open Output File", 4)
If ($UserInput -eq 6) {
Invoke-Item "$OutputCSV"
}
}
}
#Disconnect Exchange Online session
Disconnect-ExchangeOnline -Confirm:$false -InformationAction Ignore -ErrorAction SilentlyContinue

80
SharePoint Online/Get-SharePointReport.ps1 Normal file
View File

@ -0,0 +1,80 @@
# Before using this script you must register the PNP App with the Cmdlet : Register-PnPManagementShellAccess
$creduser = Read-Host "Admin email"
$credpassword = Read-Host "Admin Password"
$SiteURL = Read-Host "Site library URL"
$ListName = Read-Host "List Name"
[securestring]$secStringPassword = ConvertTo-SecureString $credpassword -AsPlainText -Force
[pscredential]$credObject = New-Object System.Management.Automation.PSCredential ($creduser, $secStringPassword)
Connect-AzureAD -Credential $credObject
Connect-PnPOnline -Url $SiteURL -Credentials $credObject
$Table2 = New-Object 'System.Collections.Generic.List[System.Object]'
$SpFolderList = Get-PnPFolderItem -FolderSiteRelativeUrl $ListName -ItemType Folder
foreach ($Folder in $SpFolderList) {
$context = Get-PnPContext
$file = Get-PnPFolder -Url $Folder.ServerRelativeUrl -Includes ListItemAllFields.RoleAssignments, ListItemAllFields.HasUniqueRoleAssignments
$context.Load($file);
$context.ExecuteQuery();
if ($file.ListItemAllFields.HasUniqueRoleAssignments -eq $True) {
foreach ($roleAssignments in $file.ListItemAllFields.RoleAssignments) {
Get-PnPProperty -ClientObject $roleAssignments -Property RoleDefinitionBindings, Member
$PermissionType = $roleAssignments.Member.PrincipalType
$PermissionLevels = $roleAssignments.RoleDefinitionBindings | Select-Object -ExpandProperty Name
$PermissionLevels = ($PermissionLevels | Where-Object { $_ -notlike "Acc*s limit*" }) -join ", "
If ($PermissionLevels.Length -eq 0) { Continue }
if ($PermissionType -eq "SecurityGroup") {
$Group = Get-AzureAdGroup -Filter "DisplayName eq '$($roleAssignments.Member.Title)'" | Where-Object { $_.MailEnabled -eq $false -and $_.SecurityEnabled -eq $true }
if (!$Group) {
$Users = "Groupe Introuvable: Erreur"
}
else {
$Users = (Get-AzureADGroupMember -ObjectId $Group.ObjectID | Sort-Object DisplayName | Select-Object -ExpandProperty DisplayName) -join ", "
}
$obj2 = [PSCustomObject]@{
'Dossier' = $Folder.Name
'Type' = $PermissionType
'Nom' = $roleAssignments.Member.Title
'Membres' = $Users
'Droit' = $PermissionLevels
}
}
else {
$obj2 = [PSCustomObject]@{
'Dossier' = $Folder.Name
'Type' = $PermissionType
'Nom' = $roleAssignments.Member.Title
'Membres' = ""
'Droit' = $PermissionLevels
}
}
$table2.add($obj2)
}
}
}
$table2 | Export-Csv -Path "Dossier-SharePoint.csv" -Delimiter ";" -Encoding UTF8 -NoTypeInformation
try {
Import-Module -Name PSWriteHTML
New-HTML {
New-HTMLTable -DataTable $table2 -Title 'SharePoint Library Rights' -HideFooter -PagingLength 25 -AlphabetSearch {
New-TableAlphabetSearch -ColumnName 'Name'
}
} -ShowHTML -FilePath "SharePointReport.html" -Online
}
catch {
{ Write-Host "PSWriteHTLM module is not present" }
}

54
SharePoint Online/New-SpoLibrary.ps1 Normal file
View File

@ -0,0 +1,54 @@
$creduser = Read-Host "Admin email"
$credpassword = Read-Host "Admin Password"
[securestring]$secStringPassword = ConvertTo-SecureString $credpassword -AsPlainText -Force
[pscredential]$credObject = New-Object System.Management.Automation.PSCredential ($creduser, $secStringPassword)
Connect-AzureAD -Credential $credObject
$SiteURL = "Site library URL"
$Library = "List Name"
Connect-PnPOnline -Url $SiteURL -UseWebLogin
$MemberGroup = Get-PnPGroup -Identity "Site de partage - Membres"
$CsvFolderList = Import-csv "SharePoint_Config_Sub.csv" -Delimiter ";" -Encoding UTF8
foreach ($folder in $CsvFolderList) {
$NewFolder = Add-PnPFolder -Name $folder.name -Folder $Library
$NewFolderUrl = Get-PnPFolder -Url ($Library + "/" + $NewFolder.name) -Includes ListItemAllFields.HasUniqueRoleAssignments
If ($NewFolderUrl.ListItemAllFields.HasUniqueRoleAssignments) {
Write-host "Folder is already with broken permissions!" -f Yellow
}
Else {
Write-Host $NewFolderUrl
$NewFolderUrl.ListItemAllFields.BreakRoleInheritance($True, $True)
Invoke-PnPQuery
Write-host "Folder's Permission Inheritance is broken!!" -f Green
}
}
foreach ($folder in $CsvFolderList) {
$ADgroupname = (Get-AzureADGroup | where { $_.displayname -eq $folder.Group } ).objectid
$SpFolder = Get-PnPFolder -Url ("/sites/partage" + $Library + "/" + $folder.name)
Set-PnPListItemPermission -List $Library -Identity ($folder.ListItemAllFields) -Group $MemberGroup -RemoveRole 'Lecture'
Set-PnPfolderPermission -list $Library -identity $SpFolder -user "c:0t.c|tenant|$ADGroupName" -AddRole 'Collaboration'
}
foreach ($folder in $CsvFolderList) {
Add-PnPFolder -Name $folder.name -Folder ($Library + "/" + $folder.parent)
}

1
SharePoint Online/README.md Normal file
View File

@ -0,0 +1 @@
# SharePoint Online

37
SharePoint Online/Set-SpoLanguage.ps1 Normal file
View File

@ -0,0 +1,37 @@
#Load SharePoint CSOM Assemblies
Add-Type -Path CProgram FilesCommon FilesMicrosoft SharedWeb Server Extensions16ISAPIMicrosoft.SharePoint.Client.dll
Add-Type -Path CProgram FilesCommon FilesMicrosoft SharedWeb Server Extensions16ISAPIMicrosoft.SharePoint.Client.Runtime.dll
#function to change Locale in regional settings of a SharePoint Online site
Function Set-SPOLocale([String]$SiteURL, [String]$LocaleID, [PSCredential]$Cred) {
Try {
#Set up the context
$Ctx = New-Object Microsoft.SharePoint.Client.ClientContext($SiteURL)
$Ctx.Credentials = New-Object Microsoft.SharePoint.Client.SharePointOnlineCredentials($Cred.Username, $Cred.Password)
#Get Regional Settings of the Web
$Web = $Ctx.Web
$Ctx.Load($web)
$Ctx.Load($Web.RegionalSettings)
$ctx.ExecuteQuery()
#Update the LocaleID of the site
$Web.RegionalSettings.LocaleId = $LocaleID
$Web.Update()
$Ctx.ExecuteQuery()
Write-host -f Green Locale has been updated for $Web.Url
#Get all subsites of the web
$Ctx.Load($Web.Webs)
$Ctx.executeQuery()
#Iterate through each subsites and call the function recursively
Foreach ($Subweb in $Web.Webs) {
#Call the function to set Locale for the web
Set-SPOLocale -SiteURL $Subweb.URL -LocaleID $LocaleID -Cred $Cred
}
}
Catch [System.Exception] {
Write-Host -f Red Error$_.Exception.Message
}
}