-
Notifications
You must be signed in to change notification settings - Fork 10
/
Get-O365GroupDependency.ps1
205 lines (126 loc) · 7.91 KB
/
Get-O365GroupDependency.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
<#
.SYNOPSIS
This function queries Office 365 for any cloud only dependencies on the migrated groups.
.DESCRIPTION
This function queries Office 365 for any cloud only dependencies on the migrated groups.
.PARAMETER DN
The DN of the object to search attributes for.
.PARAMETER ATTRIBUTETYPE
The attribute type of the object we're looking for.
.OUTPUTS
An array of PS objects that are the canonicalNames of the dependencies.
.EXAMPLE
get-o36GroupDependency -dn DN -attributeType multiValuedExchangeAttribute
#>
Function Get-O365GroupDependency
{
[cmdletbinding()]
Param
(
[Parameter(Mandatory = $true)]
[string]$DN,
[Parameter(Mandatory = $TRUE)]
[string]$attributeType
)
#Output all parameters bound or unbound and their associated values.
write-functionParameters -keyArray $MyInvocation.MyCommand.Parameters.Keys -parameterArray $PSBoundParameters -variableArray (Get-Variable -Scope Local -ErrorAction Ignore)
#Declare function variables.
[array]$functionTest=@() #Holds the return information for the group query.
$functionCommand=$NULL #Holds the expression that will be utilized to query office 365.
[array]$functionObjectArray=@() #This is used to hold the object that will be returned.
#Start function processing.
Out-LogFile -string "********************************************************************************"
Out-LogFile -string "BEGIN GET-O365GroupDependency"
Out-LogFile -string "********************************************************************************"
#Escape double quotes if present in the DN.
$DN = $dn.replace('`','``')
$DN = $dn.Replace('"','`"')
out-logfile -string ("Updated DN = "+$dn)
out-logfile -string ("Attribute Type = "+$attributeType)
out-logfile -string ("Group Type = "+$groupType)
#Get the specific user using ad providers.
try
{
Out-LogFile -string "Attempting to search Office365 for any groups or users that have the requested dependency."
if ($attributeType -eq "Members")
{
#The attribute type is member - so we need to query recipients.
Out-LogFile -string "Entering query office 365 for DL membership."
$functionCommand = "Get-o365Recipient -Filter { ($attributeType -eq `"$dn`") -and (isDirSynced -eq '$FALSE') } -errorAction 'STOP'"
$scriptBlock=[scriptBlock]::create($functionCommand)
$functiontest += invoke-command -scriptBlock $scriptBlock
out-logfile -string ("The function command executed = "+$functionCommand)
}
elseif ($attributeType -eq "ForwardingAddress")
{
#The attribute type is forwarding address - search only mailboxes.
Out-LogFile -string "Entering query office 365 mailboxes."
$functionCommand = "Get-o365Mailbox -Filter { $attributeType -eq `"$dn`" } -errorAction 'STOP'"
$scriptBlock=[scriptBlock]::create($functionCommand)
$functiontest += invoke-command -scriptBlock $scriptBlock
out-logfile -string ("The function command executed = "+$functionCommand)
}
elseif ($attributeType -eq "ManagedBy")
{
#The attribute type is managed by. This is only relevant to groups.
out-logfile "Managed by is only relevant to groups - performing query on only groups."
out-logfile -string "Starting collection of distribution groups."
$functionCommand = "Get-o365DistributionGroup -Filter { ($attributeType -eq `"$dn`") -and (isDirSynced -eq '$FALSE') } -errorAction 'STOP'"
$scriptBlock=[scriptBlock]::create($functionCommand)
$functiontest += invoke-command -scriptBlock $scriptBlock
out-logfile -string ("The function command executed = "+$functionCommand)
out-logfile -string "Starting collection of dynamic distribution groups."
$functionCommand = "Get-o365DynamicDistributionGroup -Filter { $attributeType -eq `"$dn`" } -errorAction 'STOP'"
$scriptBlock=[scriptBlock]::create($functionCommand)
$functionTest += invoke-command -scriptBlock $scriptBlock
out-logfile -string ("The function command executed = "+$functionCommand)
}
else
{
out-logfile -string "Starting to gather attribute for all recipient types."
out-logfile -string "Starting collection of distribution groups."
$functionCommand = "Get-o365DistributionGroup -Filter { ($attributeType -eq `"$dn`") -and (isDirSynced -eq '$FALSE') } -errorAction 'STOP'"
$scriptBlock=[scriptBlock]::create($functionCommand)
$functiontest += invoke-command -scriptBlock $scriptBlock
out-logfile -string ("The function command executed = "+$functionCommand)
out-logfile -string "Starting collection of dynamic distribution groups."
$functionCommand = "Get-o365DynamicDistributionGroup -Filter { $attributeType -eq `"$dn`" } -errorAction 'STOP'"
$scriptBlock=[scriptBlock]::create($functionCommand)
$functionTest += invoke-command -scriptBlock $scriptBlock
out-logfile -string ("The function command executed = "+$functionCommand)
out-logfile -string "Starting collection of universal distribution groups."
$functionCommand = "Get-o365UnifiedGroup -Filter { $attributeType -eq `"$dn`" } -errorAction 'STOP'"
$scriptBlock=[scriptBlock]::create($functionCommand)
$functionTest += invoke-command -scriptBlock $scriptBlock
out-logfile -string ("The function command executed = "+$functionCommand)
out-logfile -string "Starting collection of mailbox recipients."
$functionCommand = "Get-o365Mailbox -Filter { ($attributeType -eq `"$dn`") -and (isDirSynced -eq '$FALSE') } -errorAction 'STOP'"
$scriptBlock=[scriptBlock]::create($functionCommand)
$functionTest += invoke-command -scriptBlock $scriptBlock
out-logfile -string ("The function command executed = "+$functionCommand)
out-logfile -string "Starting collection of mail user recipients."
$functionCommand = "Get-o365Mailuser -Filter { ($attributeType -eq `"$dn`") -and (isDirSynced -eq '$FALSE') } -errorAction 'STOP'"
$scriptBlock=[scriptBlock]::create($functionCommand)
$functionTest += invoke-command -scriptBlock $scriptBlock
out-logfile -string ("The function command executed = "+$functionCommand)
out-logfile -string "Starting collection of mail contact recipients."
$functionCommand = "Get-o365MailContact -Filter { ($attributeType -eq `"$dn`") -and (isDirSynced -eq '$FALSE') } -errorAction 'STOP'"
$scriptBlock=[scriptBlock]::create($functionCommand)
$functionTest += invoke-command -scriptBlock $scriptBlock
out-logfile -string ("The function command executed = "+$functionCommand)
}
if ($functionTest -eq $NULL)
{
out-logfile -string "There were no groups or users with the request dependency."
}
else
{
$functionObjectArray = $functionTest
}
}
catch
{
Out-LogFile -string $_ -isError:$TRUE
}
return $functionObjectArray
}