Script LibraryScript Library
Organisierte Sammlung kopierfertiger PowerShell-Skripte für Benutzer, Gruppen, Sicherheit, Exchange Online, SharePoint, Teams, Reporting und Automatisierung.Organized collection of copy-ready PowerShell scripts for users, groups, security, Exchange Online, SharePoint, Teams, reporting, and automation.
Zur Kategorie springen.Jump to category.
Zur Kategorie springen.Jump to category.
Zur Kategorie springen.Jump to category.
Zur Kategorie springen.Jump to category.
Zur Kategorie springen.Jump to category.
Zur Kategorie springen.Jump to category.
Zur Kategorie springen.Jump to category.
Zur Kategorie springen.Jump to category.
User Management ScriptsUser Management Scripts
Jeder Eintrag enthält eine kurze Beschreibung, Voraussetzungen, kopierbaren PowerShell-Code und die erwartete Ausgabe.Each entry contains a short description, prerequisites, copyable PowerShell code, and the expected output.
Export All UsersExport All Users
Exportiert alle Benutzer mit Kernattributen und Kontostatus.Exports all users with core attributes and account status.
- Microsoft.Graph.UsersMicrosoft.Graph.Users
- Scopes: User.Read.AllScopes: User.Read.All
- CSV-ExportCSV export
param([string]$OutputPath = ".\all-users.csv")
try {
Import-Module Microsoft.Graph.Users -ErrorAction Stop
Connect-MgGraph -Scopes "User.Read.All" -NoWelcome -ErrorAction Stop
$items = Get-MgUser -All -Property DisplayName,UserPrincipalName,AccountEnabled,UserType
$items | Select-Object DisplayName,UserPrincipalName,AccountEnabled,UserType | Export-Csv $OutputPath -NoTypeInformation -Encoding UTF8
}
catch {
Write-Error "Script failed: $($_.Exception.Message)"
throw
}
finally {
Disconnect-MgGraph -ErrorAction SilentlyContinue | Out-Null
}
Expected output:Expected output: CSV mit DisplayName, UPN, Benutzerstatus und UserType.CSV with display name, UPN, account status, and user type.
Create Users from CSVCreate Users from CSV
Erstellt neue Cloud-Benutzer aus einer CSV-Datei.Creates new cloud users from a CSV file.
- CSV mit DisplayName,UserPrincipalName,MailNickname,PasswordCSV with DisplayName,UserPrincipalName,MailNickname,Password
- Microsoft.Graph.UsersMicrosoft.Graph.Users
- Scopes: User.ReadWrite.AllScopes: User.ReadWrite.All
param(
[Parameter(Mandatory)]
[string]$InputCsv,
[string]$OutputPath = ".\created-users.csv"
)
try {
Import-Module Microsoft.Graph.Users -ErrorAction Stop
Connect-MgGraph -Scopes "User.ReadWrite.All" -NoWelcome -ErrorAction Stop
$report = foreach ($row in (Import-Csv $InputCsv -ErrorAction Stop)) {
$user = New-MgUser -AccountEnabled `
-DisplayName $row.DisplayName `
-MailNickname $row.MailNickname `
-UserPrincipalName $row.UserPrincipalName `
-PasswordProfile @{ ForceChangePasswordNextSignIn = $true; Password = $row.Password }
[pscustomobject]@{ DisplayName = $user.DisplayName; UserPrincipalName = $user.UserPrincipalName; Result = "Created" }
}
$report | Export-Csv $OutputPath -NoTypeInformation -Encoding UTF8
}
catch {
Write-Error "Script failed: $($_.Exception.Message)"
throw
}
finally {
Disconnect-MgGraph -ErrorAction SilentlyContinue | Out-Null
}
Expected output:Expected output: CSV mit neu erstellten Benutzerkonten und Ergebnisstatus.CSV with created user accounts and result status.
Disable Dormant UsersDisable Dormant Users
Deaktiviert Benutzer, die länger als 120 Tage inaktiv waren.Disables users that have been inactive for more than 120 days.
- Microsoft.Graph.UsersMicrosoft.Graph.Users
- Scopes: User.ReadWrite.All, AuditLog.Read.AllScopes: User.ReadWrite.All, AuditLog.Read.All
- Review vor Einsatz in ProduktionReview before production use
param(
[int]$InactiveDays = 120,
[switch]$WhatIfOnly,
[string]$OutputPath = ".\dormant-users-review.csv"
)
try {
Import-Module Microsoft.Graph.Users -ErrorAction Stop
Connect-MgGraph -Scopes "User.ReadWrite.All","AuditLog.Read.All" -NoWelcome -ErrorAction Stop
$cutoff = (Get-Date).AddDays(-$InactiveDays)
$users = Get-MgUser -All -Property DisplayName,UserPrincipalName,AccountEnabled,SignInActivity
$report = foreach ($user in $users | Where-Object { $_.AccountEnabled -and $_.SignInActivity.LastSuccessfulSignInDateTime -and ([datetime]$_.SignInActivity.LastSuccessfulSignInDateTime) -lt $cutoff }) {
if (-not $WhatIfOnly) { Update-MgUser -UserId $user.UserPrincipalName -AccountEnabled:$false }
[pscustomobject]@{ UserPrincipalName = $user.UserPrincipalName; LastSuccessfulSignIn = $user.SignInActivity.LastSuccessfulSignInDateTime; Action = $(if ($WhatIfOnly) { "Review" } else { "Disabled" }) }
}
$report | Export-Csv $OutputPath -NoTypeInformation -Encoding UTF8
}
catch {
Write-Error "Script failed: $($_.Exception.Message)"
throw
}
finally {
Disconnect-MgGraph -ErrorAction SilentlyContinue | Out-Null
}
Expected output:Expected output: CSV mit allen deaktivierten oder markierten Benutzerkonten.CSV with all disabled or flagged user accounts.
Export Guest UsersExport Guest Users
Listet alle Gastbenutzer inklusive Einladungsstatus.Lists all guest users including invitation state.
- Microsoft.Graph.UsersMicrosoft.Graph.Users
- Scopes: User.Read.AllScopes: User.Read.All
- Guest ReportingGuest reporting
param([string]$OutputPath = ".\guest-users.csv")
try {
Import-Module Microsoft.Graph.Users -ErrorAction Stop
Connect-MgGraph -Scopes "User.Read.All" -NoWelcome -ErrorAction Stop
$items = Get-MgUser -All -Filter "userType eq 'Guest'" -Property DisplayName,UserPrincipalName,ExternalUserState,CreatedDateTime
$items | Select-Object DisplayName,UserPrincipalName,ExternalUserState,CreatedDateTime | Export-Csv $OutputPath -NoTypeInformation -Encoding UTF8
}
catch {
Write-Error "Script failed: $($_.Exception.Message)"
throw
}
finally {
Disconnect-MgGraph -ErrorAction SilentlyContinue | Out-Null
}
Expected output:Expected output: CSV mit Gast-UPNs, ExternalUserState und Erstellungsdatum.CSV with guest UPNs, external user state, and creation time.
Bulk Update DepartmentBulk Update Department
Aktualisiert Department-Attribute für mehrere Benutzer per CSV.Updates department attributes for multiple users via CSV.
- CSV mit UserPrincipalName,DepartmentCSV with UserPrincipalName,Department
- Microsoft.Graph.UsersMicrosoft.Graph.Users
- Scopes: User.ReadWrite.AllScopes: User.ReadWrite.All
param(
[Parameter(Mandatory)]
[string]$InputCsv,
[string]$OutputPath = ".\department-update-results.csv"
)
try {
Import-Module Microsoft.Graph.Users -ErrorAction Stop
Connect-MgGraph -Scopes "User.ReadWrite.All" -NoWelcome -ErrorAction Stop
$report = foreach ($row in (Import-Csv $InputCsv -ErrorAction Stop)) {
Update-MgUser -UserId $row.UserPrincipalName -Department $row.Department -ErrorAction Stop
[pscustomobject]@{ UserPrincipalName = $row.UserPrincipalName; Department = $row.Department; Result = "Updated" }
}
$report | Export-Csv $OutputPath -NoTypeInformation -Encoding UTF8
}
catch {
Write-Error "Script failed: $($_.Exception.Message)"
throw
}
finally {
Disconnect-MgGraph -ErrorAction SilentlyContinue | Out-Null
}
Expected output:Expected output: CSV mit aktualisierten Departments und Bearbeitungsstatus.CSV with updated departments and processing status.
Users Without ManagerUsers Without Manager
Findet Benutzer ohne zugewiesenen Manager.Finds users without an assigned manager.
- Microsoft.Graph.UsersMicrosoft.Graph.Users
- Scopes: User.Read.AllScopes: User.Read.All
- Graph Directory DataGraph directory data
param([string]$OutputPath = ".\users-without-manager.csv")
try {
Import-Module Microsoft.Graph.Users -ErrorAction Stop
Connect-MgGraph -Scopes "User.Read.All" -NoWelcome -ErrorAction Stop
$report = foreach ($user in (Get-MgUser -All -Property DisplayName,UserPrincipalName)) {
$manager = Get-MgUserManager -UserId $user.Id -ErrorAction SilentlyContinue
if (-not $manager) { [pscustomobject]@{ DisplayName = $user.DisplayName; UserPrincipalName = $user.UserPrincipalName } }
}
$report | Export-Csv $OutputPath -NoTypeInformation -Encoding UTF8
}
catch {
Write-Error "Script failed: $($_.Exception.Message)"
throw
}
finally {
Disconnect-MgGraph -ErrorAction SilentlyContinue | Out-Null
}
Expected output:Expected output: CSV mit Benutzern ohne Manager-Beziehung.CSV with users that have no manager relationship.
Licensed User InventoryLicensed User Inventory
Zeigt alle Benutzer mit mindestens einer Lizenz.Shows all users with at least one license assigned.
- Microsoft.Graph.UsersMicrosoft.Graph.Users
- Scopes: User.Read.AllScopes: User.Read.All
- LizenzübersichtLicense overview
param([string]$OutputPath = ".\licensed-users.csv")
try {
Import-Module Microsoft.Graph.Users -ErrorAction Stop
Connect-MgGraph -Scopes "User.Read.All" -NoWelcome -ErrorAction Stop
$items = Get-MgUser -All -Property DisplayName,UserPrincipalName,AssignedLicenses,UserType
$items | Where-Object { $_.AssignedLicenses.Count -gt 0 } | Select-Object DisplayName,UserPrincipalName,@{Name='LicenseCount';Expression={$_.AssignedLicenses.Count}},UserType | Export-Csv $OutputPath -NoTypeInformation -Encoding UTF8
}
catch {
Write-Error "Script failed: $($_.Exception.Message)"
throw
}
finally {
Disconnect-MgGraph -ErrorAction SilentlyContinue | Out-Null
}
Expected output:Expected output: CSV mit UPN, Lizenzanzahl und Benutzertyp.CSV with UPN, license count, and user type.
Password Change ReviewPassword Change Review
Exportiert Benutzer mit veraltetem Kennwortwechselstempel.Exports users with an outdated password-change timestamp.
- Microsoft.Graph.UsersMicrosoft.Graph.Users
- Scopes: User.Read.AllScopes: User.Read.All
- Nur für Cloud-Attribute nutzbarUseful only for cloud attributes
param([string]$OutputPath = ".\password-change-review.csv")
try {
Import-Module Microsoft.Graph.Users -ErrorAction Stop
Connect-MgGraph -Scopes "User.Read.All" -NoWelcome -ErrorAction Stop
$items = Get-MgUser -All -Property DisplayName,UserPrincipalName,LastPasswordChangeDateTime
$items | Select-Object DisplayName,UserPrincipalName,LastPasswordChangeDateTime | Export-Csv $OutputPath -NoTypeInformation -Encoding UTF8
}
catch {
Write-Error "Script failed: $($_.Exception.Message)"
throw
}
finally {
Disconnect-MgGraph -ErrorAction SilentlyContinue | Out-Null
}
Expected output:Expected output: CSV mit LastPasswordChangeDateTime und Review-Hinweis.CSV with last password change time and a review hint.
Disabled Users ReviewDisabled Users Review
Exportiert alle deaktivierten Konten zur periodischen Bereinigung.Exports all disabled accounts for periodic cleanup.
- Microsoft.Graph.UsersMicrosoft.Graph.Users
- Scopes: User.Read.AllScopes: User.Read.All
- Cleanup ReviewCleanup review
param([string]$OutputPath = ".\disabled-users.csv")
try {
Import-Module Microsoft.Graph.Users -ErrorAction Stop
Connect-MgGraph -Scopes "User.Read.All" -NoWelcome -ErrorAction Stop
$items = Get-MgUser -All -Property DisplayName,UserPrincipalName,AccountEnabled,UserType
$items | Where-Object { -not $_.AccountEnabled } | Select-Object DisplayName,UserPrincipalName,UserType | Export-Csv $OutputPath -NoTypeInformation -Encoding UTF8
}
catch {
Write-Error "Script failed: $($_.Exception.Message)"
throw
}
finally {
Disconnect-MgGraph -ErrorAction SilentlyContinue | Out-Null
}
Expected output:Expected output: CSV mit deaktivierten Konten und Benutzerstatus.CSV with disabled accounts and user state.
Authentication Methods InventoryAuthentication Methods Inventory
Listet registrierte MFA-Methoden pro Benutzer.Lists registered MFA methods per user.
- Microsoft.Graph.ReportsMicrosoft.Graph.Reports
- Scopes: Reports.Read.AllScopes: Reports.Read.All
- Authentication method reportsAuthentication method reports
param([string]$OutputPath = ".\authentication-methods.csv")
try {
Import-Module Microsoft.Graph.Reports -ErrorAction Stop
Connect-MgGraph -Scopes "Reports.Read.All" -NoWelcome -ErrorAction Stop
$items = Get-MgReportAuthenticationMethodUserRegistrationDetail -All
$items | Select-Object UserPrincipalName,UserDisplayName,@{Name='Methods';Expression={($_.MethodsRegistered -join '; ')}},DefaultMfaMethod | Export-Csv $OutputPath -NoTypeInformation -Encoding UTF8
}
catch {
Write-Error "Script failed: $($_.Exception.Message)"
throw
}
finally {
Disconnect-MgGraph -ErrorAction SilentlyContinue | Out-Null
}
Expected output:Expected output: CSV mit registrierten Methoden und Default-MFA-Status.CSV with registered methods and default MFA state.
Group Management ScriptsGroup Management Scripts
Jeder Eintrag enthält eine kurze Beschreibung, Voraussetzungen, kopierbaren PowerShell-Code und die erwartete Ausgabe.Each entry contains a short description, prerequisites, copyable PowerShell code, and the expected output.
Group InventoryGroup Inventory
Exportiert Sicherheits-, Mail- und Microsoft-365-Gruppen.Exports security, mail, and Microsoft 365 groups.
- Microsoft.Graph.GroupsMicrosoft.Graph.Groups
- Scopes: Group.Read.AllScopes: Group.Read.All
- GruppeninventurGroup inventory
param([string]$OutputPath = ".\group-inventory.csv")
try {
Import-Module Microsoft.Graph.Groups -ErrorAction Stop
Connect-MgGraph -Scopes "Group.Read.All" -NoWelcome -ErrorAction Stop
$items = Get-MgGroup -All -Property DisplayName,MailEnabled,SecurityEnabled,GroupTypes
$items | Select-Object DisplayName,MailEnabled,SecurityEnabled,@{Name='GroupTypes';Expression={($_.GroupTypes -join ';')}} | Export-Csv $OutputPath -NoTypeInformation -Encoding UTF8
}
catch {
Write-Error "Script failed: $($_.Exception.Message)"
throw
}
finally {
Disconnect-MgGraph -ErrorAction SilentlyContinue | Out-Null
}
Expected output:Expected output: CSV mit Gruppentyp, MailEnabled und SecurityEnabled.CSV with group type, mail enabled, and security enabled.
Group Members ExportGroup Members Export
Exportiert Mitglieder einer angegebenen Gruppe.Exports members of a specified group.
- Microsoft.Graph.GroupsMicrosoft.Graph.Groups
- Scopes: Group.Read.AllScopes: Group.Read.All
- GroupId erforderlichGroupId required
param(
[Parameter(Mandatory)]
[string]$GroupId,
[string]$OutputPath = ".\group-members.csv"
)
try {
Import-Module Microsoft.Graph.Groups -ErrorAction Stop
Connect-MgGraph -Scopes "Group.Read.All" -NoWelcome -ErrorAction Stop
Get-MgGroupMember -GroupId $GroupId -All |
Select-Object Id,AdditionalProperties |
Export-Csv $OutputPath -NoTypeInformation -Encoding UTF8
}
catch {
Write-Error "Script failed: $($_.Exception.Message)"
throw
}
finally {
Disconnect-MgGraph -ErrorAction SilentlyContinue | Out-Null
}
Expected output:Expected output: CSV mit Gruppenmitgliedern und Objekt-IDs.CSV with group members and object IDs.
Bulk Add Group MembersBulk Add Group Members
Fügt per CSV mehrere Mitglieder zu einer Gruppe hinzu.Adds multiple members to a group via CSV.
- CSV mit DirectoryObjectIdCSV with DirectoryObjectId
- Microsoft.Graph.GroupsMicrosoft.Graph.Groups
- Scopes: GroupMember.ReadWrite.AllScopes: GroupMember.ReadWrite.All
param(
[Parameter(Mandatory)]
[string]$GroupId,
[Parameter(Mandatory)]
[string]$InputCsv,
[string]$OutputPath = ".\group-member-add-results.csv"
)
try {
Import-Module Microsoft.Graph.Groups -ErrorAction Stop
Connect-MgGraph -Scopes "GroupMember.ReadWrite.All" -NoWelcome -ErrorAction Stop
$report = foreach ($row in (Import-Csv $InputCsv -ErrorAction Stop)) {
New-MgGroupMemberByRef -GroupId $GroupId -BodyParameter @{ "@odata.id" = "https://graph.microsoft.com/v1.0/directoryObjects/$($row.DirectoryObjectId)" }
[pscustomobject]@{ DirectoryObjectId = $row.DirectoryObjectId; Result = "Added" }
}
$report | Export-Csv $OutputPath -NoTypeInformation -Encoding UTF8
}
catch {
Write-Error "Script failed: $($_.Exception.Message)"
throw
}
finally {
Disconnect-MgGraph -ErrorAction SilentlyContinue | Out-Null
}
Expected output:Expected output: CSV mit hinzugefügten Mitgliedern und Ergebnisstatus.CSV with added members and result status.
Empty Groups ReportEmpty Groups Report
Findet Gruppen ohne Mitglieder.Finds groups without members.
- Microsoft.Graph.GroupsMicrosoft.Graph.Groups
- Scopes: Group.Read.AllScopes: Group.Read.All
- Kann bei großen Tenants länger laufenCan take longer in large tenants
param([string]$OutputPath = ".\empty-groups.csv")
try {
Import-Module Microsoft.Graph.Groups -ErrorAction Stop
Connect-MgGraph -Scopes "Group.Read.All" -NoWelcome -ErrorAction Stop
$report = foreach ($group in (Get-MgGroup -All -Property DisplayName)) {
if ((Get-MgGroupMember -GroupId $group.Id -Top 1 -ErrorAction SilentlyContinue | Measure-Object).Count -eq 0) {
[pscustomobject]@{ DisplayName = $group.DisplayName; GroupId = $group.Id }
}
}
$report | Export-Csv $OutputPath -NoTypeInformation -Encoding UTF8
}
catch {
Write-Error "Script failed: $($_.Exception.Message)"
throw
}
finally {
Disconnect-MgGraph -ErrorAction SilentlyContinue | Out-Null
}
Expected output:Expected output: CSV mit leeren Gruppen zur Review oder Bereinigung.CSV with empty groups for review or cleanup.
Dynamic Group Rules ExportDynamic Group Rules Export
Exportiert alle dynamischen Gruppen mit Membership Rules.Exports all dynamic groups with membership rules.
- Microsoft.Graph.GroupsMicrosoft.Graph.Groups
- Scopes: Group.Read.AllScopes: Group.Read.All
- Dynamische GruppenDynamic groups
param([string]$OutputPath = ".\dynamic-group-rules.csv")
try {
Import-Module Microsoft.Graph.Groups -ErrorAction Stop
Connect-MgGraph -Scopes "Group.Read.All" -NoWelcome -ErrorAction Stop
$items = Get-MgGroup -All -Property DisplayName,GroupTypes,MembershipRule,MembershipRuleProcessingState
$items | Where-Object { $_.MembershipRule } | Select-Object DisplayName,MembershipRule,MembershipRuleProcessingState | Export-Csv $OutputPath -NoTypeInformation -Encoding UTF8
}
catch {
Write-Error "Script failed: $($_.Exception.Message)"
throw
}
finally {
Disconnect-MgGraph -ErrorAction SilentlyContinue | Out-Null
}
Expected output:Expected output: CSV mit Gruppenname, Regel und Verarbeitungsstatus.CSV with group name, rule, and processing state.
Security & Compliance ScriptsSecurity & Compliance Scripts
Jeder Eintrag enthält eine kurze Beschreibung, Voraussetzungen, kopierbaren PowerShell-Code und die erwartete Ausgabe.Each entry contains a short description, prerequisites, copyable PowerShell code, and the expected output.
Conditional Access InventoryConditional Access Inventory
Exportiert alle Conditional-Access-Richtlinien und ihren Status.Exports all Conditional Access policies and their state.
- Microsoft.Graph.Identity.SignInsMicrosoft.Graph.Identity.SignIns
- Scopes: Policy.Read.AllScopes: Policy.Read.All
- CA GovernanceCA governance
param([string]$OutputPath = ".\conditional-access-inventory.csv")
try {
Import-Module Microsoft.Graph.Identity.SignIns -ErrorAction Stop
Connect-MgGraph -Scopes "Policy.Read.All" -NoWelcome -ErrorAction Stop
$items = Get-MgIdentityConditionalAccessPolicy -All
$items | Select-Object DisplayName,State,CreatedDateTime,ModifiedDateTime | Export-Csv $OutputPath -NoTypeInformation -Encoding UTF8
}
catch {
Write-Error "Script failed: $($_.Exception.Message)"
throw
}
finally {
Disconnect-MgGraph -ErrorAction SilentlyContinue | Out-Null
}
Expected output:Expected output: CSV mit Richtlinienname, State und Zeitstempeln.CSV with policy name, state, and timestamps.
MFA Coverage SnapshotMFA Coverage Snapshot
Snapshot der MFA-Registrierung mit Methoden und Standardfaktor.Snapshot of MFA registration including methods and default factor.
- Microsoft.Graph.ReportsMicrosoft.Graph.Reports
- Scopes: Reports.Read.AllScopes: Reports.Read.All
- Authentication method reportsAuthentication method reports
param([string]$OutputPath = ".\mfa-coverage-snapshot.csv")
try {
Import-Module Microsoft.Graph.Reports -ErrorAction Stop
Connect-MgGraph -Scopes "Reports.Read.All" -NoWelcome -ErrorAction Stop
$items = Get-MgReportAuthenticationMethodUserRegistrationDetail -All
$items | Select-Object UserPrincipalName,IsMfaRegistered,DefaultMfaMethod | Export-Csv $OutputPath -NoTypeInformation -Encoding UTF8
}
catch {
Write-Error "Script failed: $($_.Exception.Message)"
throw
}
finally {
Disconnect-MgGraph -ErrorAction SilentlyContinue | Out-Null
}
Expected output:Expected output: CSV mit MFA-Registrierungsstatus je Benutzer.CSV with MFA registration state per user.
Privileged Roles ExportPrivileged Roles Export
Exportiert aktive Rollenzuweisungen aus Entra ID.Exports active role assignments from Entra ID.
- Microsoft.Graph.Identity.GovernanceMicrosoft.Graph.Identity.Governance
- Scopes: RoleManagement.Read.AllScopes: RoleManagement.Read.All
- PIM/Role reviewPIM/role review
param([string]$OutputPath = ".\privileged-roles.csv")
try {
Import-Module Microsoft.Graph.Identity.Governance -ErrorAction Stop
Connect-MgGraph -Scopes "RoleManagement.Read.All" -NoWelcome -ErrorAction Stop
$items = Get-MgRoleManagementDirectoryRoleAssignmentSchedule -All
$items | Select-Object PrincipalId,RoleDefinitionId,StartDateTime,EndDateTime | Export-Csv $OutputPath -NoTypeInformation -Encoding UTF8
}
catch {
Write-Error "Script failed: $($_.Exception.Message)"
throw
}
finally {
Disconnect-MgGraph -ErrorAction SilentlyContinue | Out-Null
}
Expected output:Expected output: CSV mit PrincipalId und RoleDefinitionId.CSV with principal and role definition IDs.
App Secret ExpiryApp Secret Expiry
Kurzer App-Secret-Ablaufbericht für Sicherheitsreviews.Short app secret expiry report for security reviews.
- Microsoft.Graph.ApplicationsMicrosoft.Graph.Applications
- Scopes: Application.Read.AllScopes: Application.Read.All
- Credential hygieneCredential hygiene
param([string]$OutputPath = ".\app-secret-expiry-short.csv")
try {
Import-Module Microsoft.Graph.Applications -ErrorAction Stop
Connect-MgGraph -Scopes "Application.Read.All" -NoWelcome -ErrorAction Stop
$report = foreach ($app in (Get-MgApplication -All -Property DisplayName,AppId,PasswordCredentials)) {
foreach ($secret in $app.PasswordCredentials) {
[pscustomobject]@{ DisplayName = $app.DisplayName; AppId = $app.AppId; SecretName = $secret.DisplayName; EndDateTime = $secret.EndDateTime }
}
}
$report | Export-Csv $OutputPath -NoTypeInformation -Encoding UTF8
}
catch {
Write-Error "Script failed: $($_.Exception.Message)"
throw
}
finally {
Disconnect-MgGraph -ErrorAction SilentlyContinue | Out-Null
}
Expected output:Expected output: CSV mit AppId, SecretName und EndDateTime.CSV with app ID, secret name, and end date.
Risky Users ExportRisky Users Export
Exportiert Risky Users aus Identity Protection.Exports risky users from Identity Protection.
- Microsoft.Graph.Identity.SignInsMicrosoft.Graph.Identity.SignIns
- Scopes: IdentityRiskyUser.Read.AllScopes: IdentityRiskyUser.Read.All
- Entra ID P2Entra ID P2
param([string]$OutputPath = ".\risky-users.csv")
try {
Import-Module Microsoft.Graph.Identity.SignIns -ErrorAction Stop
Connect-MgGraph -Scopes "IdentityRiskyUser.Read.All" -NoWelcome -ErrorAction Stop
$items = Get-MgRiskyUser -All
$items | Select-Object Id,RiskLevel,RiskState,UserDisplayName | Export-Csv $OutputPath -NoTypeInformation -Encoding UTF8
}
catch {
Write-Error "Script failed: $($_.Exception.Message)"
throw
}
finally {
Disconnect-MgGraph -ErrorAction SilentlyContinue | Out-Null
}
Expected output:Expected output: CSV mit Risk Level und Benutzer-ID.CSV with risk level and user ID.
Audit Log Sign-Ins ExportAudit Log Sign-Ins Export
Exportiert aktuelle Sign-In-Ereignisse aus dem Audit Log.Exports recent sign-in events from the audit log.
- Microsoft.Graph.Identity.SignInsMicrosoft.Graph.Identity.SignIns
- Scopes: AuditLog.Read.AllScopes: AuditLog.Read.All
- Audit dataAudit data
param([string]$OutputPath = ".\signins-audit.csv")
try {
Import-Module Microsoft.Graph.Identity.SignIns -ErrorAction Stop
Connect-MgGraph -Scopes "AuditLog.Read.All" -NoWelcome -ErrorAction Stop
$items = Get-MgAuditLogSignIn -Top 500
$items | Select-Object UserPrincipalName,AppDisplayName,CreatedDateTime,IpAddress | Export-Csv $OutputPath -NoTypeInformation -Encoding UTF8
}
catch {
Write-Error "Script failed: $($_.Exception.Message)"
throw
}
finally {
Disconnect-MgGraph -ErrorAction SilentlyContinue | Out-Null
}
Expected output:Expected output: CSV mit App, Benutzer, Status und IP-Adresse.CSV with app, user, status, and IP address.
Secure Score SnapshotSecure Score Snapshot
Erzeugt einen schnellen Snapshot der Microsoft Secure Scores.Creates a quick snapshot of Microsoft secure scores.
- Microsoft.Graph.SecurityMicrosoft.Graph.Security
- Scopes: SecurityEvents.Read.AllScopes: SecurityEvents.Read.All
- Security dashboard inputSecurity dashboard input
param([string]$OutputPath = ".\secure-score.csv")
try {
Import-Module Microsoft.Graph.Security -ErrorAction Stop
Connect-MgGraph -Scopes "SecurityEvents.Read.All" -NoWelcome -ErrorAction Stop
$items = Get-MgSecuritySecureScore -All
$items | Select-Object CurrentScore,MaxScore,CreatedDateTime,AzureTenantId | Export-Csv $OutputPath -NoTypeInformation -Encoding UTF8
}
catch {
Write-Error "Script failed: $($_.Exception.Message)"
throw
}
finally {
Disconnect-MgGraph -ErrorAction SilentlyContinue | Out-Null
}
Expected output:Expected output: CSV mit Secure Score, Maximum und Datum.CSV with secure score, maximum, and date.
Sensitivity Labels ExportSensitivity Labels Export
Exportiert verfügbare Sensitivity Labels aus Compliance-Workflows.Exports available sensitivity labels from compliance workflows.
- ExchangeOnlineManagement / Purview RechteExchangeOnlineManagement / Purview permissions
- Label GovernanceLabel governance
- Compliance accessCompliance access
param([string]$OutputPath = ".\sensitivity-labels.csv")
try {
Import-Module ExchangeOnlineManagement -ErrorAction Stop
Connect-ExchangeOnline -ShowBanner:$false -ErrorAction Stop
$items = Get-Label
$items | Select-Object Name,DisplayName,Priority,ImmutableId | Export-Csv $OutputPath -NoTypeInformation -Encoding UTF8
}
catch {
Write-Error "Script failed: $($_.Exception.Message)"
throw
}
finally {
Disconnect-ExchangeOnline -Confirm:$false -ErrorAction SilentlyContinue
}
Expected output:Expected output: CSV mit Labelnamen und Priorität.CSV with label names and priority.
Retention Policies ExportRetention Policies Export
Exportiert Aufbewahrungsrichtlinien aus Purview/Compliance.Exports retention policies from Purview/compliance.
- ExchangeOnlineManagement / Purview RechteExchangeOnlineManagement / Purview permissions
- Retention GovernanceRetention governance
- Compliance accessCompliance access
param([string]$OutputPath = ".\retention-policies.csv")
try {
Import-Module ExchangeOnlineManagement -ErrorAction Stop
Connect-ExchangeOnline -ShowBanner:$false -ErrorAction Stop
$items = Get-RetentionCompliancePolicy
$items | Select-Object Name,Mode,ExchangeLocation,SharePointLocation,OneDriveLocation | Export-Csv $OutputPath -NoTypeInformation -Encoding UTF8
}
catch {
Write-Error "Script failed: $($_.Exception.Message)"
throw
}
finally {
Disconnect-ExchangeOnline -Confirm:$false -ErrorAction SilentlyContinue
}
Expected output:Expected output: CSV mit Policy-Name, Mode und Workload-Details.CSV with policy name, mode, and workload details.
External Sharing EventsExternal Sharing Events
Sammelt externe Sharing-Ereignisse aus dem Unified Audit Log.Collects external sharing events from the unified audit log.
- ExchangeOnlineManagementExchangeOnlineManagement
- Audit Logging aktiviertAudit logging enabled
- Unified Audit SearchUnified audit search
param([string]$OutputPath = ".\external-sharing-events.csv")
try {
Import-Module ExchangeOnlineManagement -ErrorAction Stop
Connect-ExchangeOnline -ShowBanner:$false -ErrorAction Stop
Search-UnifiedAuditLog -StartDate (Get-Date).AddDays(-30) -EndDate (Get-Date) -Operations SharingSet,AnonymousLinkCreated -ResultSize 5000 |
Select-Object CreationDate,Operations,UserIds,AuditData |
Export-Csv $OutputPath -NoTypeInformation -Encoding UTF8
}
catch {
Write-Error "Script failed: $($_.Exception.Message)"
throw
}
finally {
Disconnect-ExchangeOnline -Confirm:$false -ErrorAction SilentlyContinue
}
Expected output:Expected output: CSV mit Sharing-Operationen aus SharePoint/OneDrive.CSV with sharing operations from SharePoint/OneDrive.
Exchange Online ScriptsExchange Online Scripts
Jeder Eintrag enthält eine kurze Beschreibung, Voraussetzungen, kopierbaren PowerShell-Code und die erwartete Ausgabe.Each entry contains a short description, prerequisites, copyable PowerShell code, and the expected output.
Mailbox InventoryMailbox Inventory
Exportiert alle Benutzerpostfächer.Exports all user mailboxes.
- ExchangeOnlineManagementExchangeOnlineManagement
- Exchange AdminExchange admin
- Mailbox overviewMailbox overview
param([string]$OutputPath = ".\mailbox-inventory.csv")
try {
Import-Module ExchangeOnlineManagement -ErrorAction Stop
Connect-ExchangeOnline -ShowBanner:$false -ErrorAction Stop
$items = Get-EXOMailbox -ResultSize Unlimited
$items | Select-Object DisplayName,UserPrincipalName,PrimarySmtpAddress,RecipientTypeDetails | Export-Csv $OutputPath -NoTypeInformation -Encoding UTF8
}
catch {
Write-Error "Script failed: $($_.Exception.Message)"
throw
}
finally {
Disconnect-ExchangeOnline -Confirm:$false -ErrorAction SilentlyContinue
}
Expected output:Expected output: CSV mit SMTP-Adresse und Typ.CSV with SMTP address and type.
Mailbox Permissions ExportMailbox Permissions Export
Exportiert Mailboxberechtigungen für ein Zielpostfach.Exports mailbox permissions for a target mailbox.
- ExchangeOnlineManagementExchangeOnlineManagement
- Mailbox IdentityMailbox identity
- Permission reviewPermission review
param(
[Parameter(Mandatory)]
[string]$Identity,
[string]$OutputPath = ".\mailbox-permissions.csv"
)
try {
Import-Module ExchangeOnlineManagement -ErrorAction Stop
Connect-ExchangeOnline -ShowBanner:$false -ErrorAction Stop
Get-MailboxPermission -Identity $Identity | Select-Object User,AccessRights,IsInherited | Export-Csv $OutputPath -NoTypeInformation -Encoding UTF8
}
catch { Write-Error "Script failed: $($_.Exception.Message)"; throw }
finally { Disconnect-ExchangeOnline -Confirm:$false -ErrorAction SilentlyContinue }
Expected output:Expected output: CSV mit Usern und AccessRights.CSV with users and access rights.
Mail Forwarding ReportMail Forwarding Report
Zeigt konfigurierte Mailweiterleitungen.Shows configured mail forwarding.
- ExchangeOnlineManagementExchangeOnlineManagement
- Exchange AdminExchange admin
- Forwarding reviewForwarding review
param([string]$OutputPath = ".\mail-forwarding-report.csv")
try {
Import-Module ExchangeOnlineManagement -ErrorAction Stop
Connect-ExchangeOnline -ShowBanner:$false -ErrorAction Stop
$items = Get-Mailbox -ResultSize Unlimited
$items | Where-Object { $_.ForwardingAddress -or $_.ForwardingSmtpAddress } | Select-Object DisplayName,PrimarySmtpAddress,ForwardingAddress,ForwardingSmtpAddress,DeliverToMailboxAndForward | Export-Csv $OutputPath -NoTypeInformation -Encoding UTF8
}
catch {
Write-Error "Script failed: $($_.Exception.Message)"
throw
}
finally {
Disconnect-ExchangeOnline -Confirm:$false -ErrorAction SilentlyContinue
}
Expected output:Expected output: CSV mit ForwardingAddress und DeliverToMailboxAndForward.CSV with forwarding address and deliver-to-mailbox-and-forward.
Transport Rules ExportTransport Rules Export
Exportiert alle Mailflow-Regeln.Exports all mail flow rules.
- ExchangeOnlineManagementExchangeOnlineManagement
- Exchange AdminExchange admin
- Transport reviewTransport review
param([string]$OutputPath = ".\transport-rules.csv")
try {
Import-Module ExchangeOnlineManagement -ErrorAction Stop
Connect-ExchangeOnline -ShowBanner:$false -ErrorAction Stop
$items = Get-TransportRule
$items | Select-Object Name,Mode,Priority,State | Export-Csv $OutputPath -NoTypeInformation -Encoding UTF8
}
catch {
Write-Error "Script failed: $($_.Exception.Message)"
throw
}
finally {
Disconnect-ExchangeOnline -Confirm:$false -ErrorAction SilentlyContinue
}
Expected output:Expected output: CSV mit Regelname, Mode und Priority.CSV with rule name, mode, and priority.
Shared Mailbox InventoryShared Mailbox Inventory
Listet alle Shared Mailboxes.Lists all shared mailboxes.
- ExchangeOnlineManagementExchangeOnlineManagement
- Exchange AdminExchange admin
- Shared mailbox overviewShared mailbox overview
param([string]$OutputPath = ".\shared-mailboxes.csv")
try {
Import-Module ExchangeOnlineManagement -ErrorAction Stop
Connect-ExchangeOnline -ShowBanner:$false -ErrorAction Stop
$items = Get-EXOMailbox -ResultSize Unlimited -RecipientTypeDetails SharedMailbox
$items | Select-Object DisplayName,PrimarySmtpAddress,WhenCreated | Export-Csv $OutputPath -NoTypeInformation -Encoding UTF8
}
catch {
Write-Error "Script failed: $($_.Exception.Message)"
throw
}
finally {
Disconnect-ExchangeOnline -Confirm:$false -ErrorAction SilentlyContinue
}
Expected output:Expected output: CSV mit Shared Mailboxes.CSV with shared mailboxes.
Distribution Groups ExportDistribution Groups Export
Exportiert klassische Distribution Groups.Exports classic distribution groups.
- ExchangeOnlineManagementExchangeOnlineManagement
- Exchange AdminExchange admin
- DL reviewDL review
param([string]$OutputPath = ".\distribution-groups.csv")
try {
Import-Module ExchangeOnlineManagement -ErrorAction Stop
Connect-ExchangeOnline -ShowBanner:$false -ErrorAction Stop
$items = Get-DistributionGroup -ResultSize Unlimited
$items | Select-Object DisplayName,Alias,PrimarySmtpAddress,ManagedBy | Export-Csv $OutputPath -NoTypeInformation -Encoding UTF8
}
catch {
Write-Error "Script failed: $($_.Exception.Message)"
throw
}
finally {
Disconnect-ExchangeOnline -Confirm:$false -ErrorAction SilentlyContinue
}
Expected output:Expected output: CSV mit Alias und Primary SMTP.CSV with alias and primary SMTP.
Mailbox Size SummaryMailbox Size Summary
Kurzzusammenfassung der Postfachgrößen.Quick summary of mailbox sizes.
- ExchangeOnlineManagementExchangeOnlineManagement
- Exchange AdminExchange admin
- Mailbox statisticsMailbox statistics
param([string]$OutputPath = ".\mailbox-size-summary.csv")
try {
Import-Module ExchangeOnlineManagement -ErrorAction Stop
Connect-ExchangeOnline -ShowBanner:$false -ErrorAction Stop
$report = foreach ($mb in (Get-EXOMailbox -ResultSize Unlimited -RecipientTypeDetails UserMailbox)) {
$stats = Get-EXOMailboxStatistics -Identity $mb.UserPrincipalName
[pscustomobject]@{ UserPrincipalName = $mb.UserPrincipalName; TotalItemSize = $stats.TotalItemSize; ItemCount = $stats.ItemCount }
}
$report | Export-Csv $OutputPath -NoTypeInformation -Encoding UTF8
}
catch { Write-Error "Script failed: $($_.Exception.Message)"; throw }
finally { Disconnect-ExchangeOnline -Confirm:$false -ErrorAction SilentlyContinue }
Expected output:Expected output: CSV mit Größe und ItemCount je Mailbox.CSV with size and item count per mailbox.
Inbox Rules ExportInbox Rules Export
Exportiert Posteingangsregeln für ein Benutzerpostfach.Exports inbox rules for a user mailbox.
- ExchangeOnlineManagementExchangeOnlineManagement
- Mailbox IdentityMailbox identity
- Rule reviewRule review
param(
[Parameter(Mandatory)]
[string]$Mailbox,
[string]$OutputPath = ".\inbox-rules.csv"
)
try {
Import-Module ExchangeOnlineManagement -ErrorAction Stop
Connect-ExchangeOnline -ShowBanner:$false -ErrorAction Stop
Get-InboxRule -Mailbox $Mailbox | Select-Object Name,Enabled,ForwardTo,RedirectTo,DeleteMessage | Export-Csv $OutputPath -NoTypeInformation -Encoding UTF8
}
catch { Write-Error "Script failed: $($_.Exception.Message)"; throw }
finally { Disconnect-ExchangeOnline -Confirm:$false -ErrorAction SilentlyContinue }
Expected output:Expected output: CSV mit RuleName, Enabled und Forwarding-Aktionen.CSV with rule name, enabled state, and forwarding actions.
SharePoint & OneDrive ScriptsSharePoint & OneDrive Scripts
Jeder Eintrag enthält eine kurze Beschreibung, Voraussetzungen, kopierbaren PowerShell-Code und die erwartete Ausgabe.Each entry contains a short description, prerequisites, copyable PowerShell code, and the expected output.
SharePoint Sites InventorySharePoint Sites Inventory
Inventur aller SharePoint-Sites.Inventory of all SharePoint sites.
- Microsoft.Online.SharePoint.PowerShellMicrosoft.Online.SharePoint.PowerShell
- Admin URLAdmin URL
- SharePoint AdminSharePoint admin
param(
[Parameter(Mandatory)]
[string]$AdminUrl,
[string]$OutputPath = ".\sharepoint-sites.csv"
)
try {
Import-Module Microsoft.Online.SharePoint.PowerShell -ErrorAction Stop
Connect-SPOService -Url $AdminUrl -ErrorAction Stop
$items = Get-SPOSite -Limit All
$items | Select-Object Url,Title,Template,Owner | Export-Csv $OutputPath -NoTypeInformation -Encoding UTF8
}
catch {
Write-Error "Script failed: $($_.Exception.Message)"
throw
}
Expected output:Expected output: CSV mit URL, Titel und Template.CSV with URL, title, and template.
Site Storage ExportSite Storage Export
Exportiert Speicherverbrauch pro Site.Exports storage consumption per site.
- Microsoft.Online.SharePoint.PowerShellMicrosoft.Online.SharePoint.PowerShell
- Admin URLAdmin URL
- Storage reviewStorage review
param(
[Parameter(Mandatory)]
[string]$AdminUrl,
[string]$OutputPath = ".\sharepoint-storage.csv"
)
try {
Import-Module Microsoft.Online.SharePoint.PowerShell -ErrorAction Stop
Connect-SPOService -Url $AdminUrl -ErrorAction Stop
$items = Get-SPOSite -Limit All -Detailed
$items | Select-Object Url,Title,StorageUsageCurrent,StorageQuota | Export-Csv $OutputPath -NoTypeInformation -Encoding UTF8
}
catch {
Write-Error "Script failed: $($_.Exception.Message)"
throw
}
Expected output:Expected output: CSV mit StorageUsageCurrent und StorageQuota.CSV with storage usage and quota.
OneDrive Sites ExportOneDrive Sites Export
Listet OneDrive-Personal-Sites.Lists OneDrive personal sites.
- Microsoft.Online.SharePoint.PowerShellMicrosoft.Online.SharePoint.PowerShell
- Admin URLAdmin URL
- OneDrive reviewOneDrive review
param(
[Parameter(Mandatory)]
[string]$AdminUrl,
[string]$OutputPath = ".\onedrive-sites.csv"
)
try {
Import-Module Microsoft.Online.SharePoint.PowerShell -ErrorAction Stop
Connect-SPOService -Url $AdminUrl -ErrorAction Stop
$items = Get-SPOSite -IncludePersonalSite $true -Limit All
$items | Where-Object { $_.Url -like '*-my.sharepoint.com/personal/*' } | Select-Object Url,Owner,StorageUsageCurrent | Export-Csv $OutputPath -NoTypeInformation -Encoding UTF8
}
catch {
Write-Error "Script failed: $($_.Exception.Message)"
throw
}
Expected output:Expected output: CSV mit Owner und URL der Personal Sites.CSV with owner and URL of personal sites.
External Users ExportExternal Users Export
Exportiert externe SharePoint-Benutzer.Exports external SharePoint users.
- Microsoft.Online.SharePoint.PowerShellMicrosoft.Online.SharePoint.PowerShell
- Admin URLAdmin URL
- External sharing reviewExternal sharing review
param(
[Parameter(Mandatory)]
[string]$AdminUrl,
[string]$OutputPath = ".\sharepoint-external-users.csv"
)
try {
Import-Module Microsoft.Online.SharePoint.PowerShell -ErrorAction Stop
Connect-SPOService -Url $AdminUrl -ErrorAction Stop
Get-SPOExternalUser -Position 0 -PageSize 500 |
Select-Object DisplayName,Email,AcceptedAs,InvitedBy |
Export-Csv $OutputPath -NoTypeInformation -Encoding UTF8
}
catch { Write-Error "Script failed: $($_.Exception.Message)"; throw }
Expected output:Expected output: CSV mit AcceptedAs und InvitedBy.CSV with accepted-as and invited-by data.
Site Owners ExportSite Owners Export
Exportiert Site-Owner-Zuordnungen.Exports site owner assignments.
- Microsoft.Online.SharePoint.PowerShellMicrosoft.Online.SharePoint.PowerShell
- Admin URLAdmin URL
- Owner reviewOwner review
param(
[Parameter(Mandatory)]
[string]$AdminUrl,
[string]$OutputPath = ".\site-owners.csv"
)
try {
Import-Module Microsoft.Online.SharePoint.PowerShell -ErrorAction Stop
Connect-SPOService -Url $AdminUrl -ErrorAction Stop
$items = Get-SPOSite -Limit All
$items | Select-Object Url,Title,Owner | Export-Csv $OutputPath -NoTypeInformation -Encoding UTF8
}
catch {
Write-Error "Script failed: $($_.Exception.Message)"
throw
}
Expected output:Expected output: CSV mit URL und Owner.CSV with URL and owner.
Teams ScriptsTeams Scripts
Jeder Eintrag enthält eine kurze Beschreibung, Voraussetzungen, kopierbaren PowerShell-Code und die erwartete Ausgabe.Each entry contains a short description, prerequisites, copyable PowerShell code, and the expected output.
Teams InventoryTeams Inventory
Inventur aller Teams.Inventory of all teams.
- MicrosoftTeamsMicrosoftTeams
- Teams AdministratorTeams administrator
- Teams listTeams list
param([string]$OutputPath = ".\teams-inventory.csv")
try {
Import-Module MicrosoftTeams -ErrorAction Stop
Connect-MicrosoftTeams -ErrorAction Stop
Get-Team | Select-Object DisplayName,GroupId,Visibility,Archived | Export-Csv $OutputPath -NoTypeInformation -Encoding UTF8
}
catch { Write-Error "Script failed: $($_.Exception.Message)"; throw }
Expected output:Expected output: CSV mit Teamname, GroupId und Visibility.CSV with team name, group ID, and visibility.
Team Owners ExportTeam Owners Export
Exportiert Owner je Team.Exports owners per team.
- MicrosoftTeamsMicrosoftTeams
- Teams AdministratorTeams administrator
- Owner reviewOwner review
param([string]$OutputPath = ".\team-owners.csv")
try {
Import-Module MicrosoftTeams -ErrorAction Stop
Connect-MicrosoftTeams -ErrorAction Stop
$report = foreach ($team in (Get-Team)) {
Get-TeamUser -GroupId $team.GroupId | Where-Object Role -eq 'Owner' | ForEach-Object {
[pscustomobject]@{ Team = $team.DisplayName; User = $_.User; Role = $_.Role }
}
}
$report | Export-Csv $OutputPath -NoTypeInformation -Encoding UTF8
}
catch { Write-Error "Script failed: $($_.Exception.Message)"; throw }
Expected output:Expected output: CSV mit Teamname und Owner-UPNs.CSV with team name and owner UPNs.
Team Guests ExportTeam Guests Export
Zeigt Gastbenutzer in Teams.Shows guest users in Teams.
- MicrosoftTeamsMicrosoftTeams
- Teams AdministratorTeams administrator
- Guest reviewGuest review
param([string]$OutputPath = ".\team-guests.csv")
try {
Import-Module MicrosoftTeams -ErrorAction Stop
Connect-MicrosoftTeams -ErrorAction Stop
$report = foreach ($team in (Get-Team)) {
Get-TeamUser -GroupId $team.GroupId | Where-Object User -like '*#EXT#*' | ForEach-Object {
[pscustomobject]@{ Team = $team.DisplayName; Guest = $_.User }
}
}
$report | Export-Csv $OutputPath -NoTypeInformation -Encoding UTF8
}
catch { Write-Error "Script failed: $($_.Exception.Message)"; throw }
Expected output:Expected output: CSV mit Teamname und Gastkonto.CSV with team name and guest account.
Channels ExportChannels Export
Exportiert Kanäle aller Teams.Exports channels from all teams.
- MicrosoftTeamsMicrosoftTeams
- Teams AdministratorTeams administrator
- Channel reviewChannel review
param([string]$OutputPath = ".\team-channels.csv")
try {
Import-Module MicrosoftTeams -ErrorAction Stop
Connect-MicrosoftTeams -ErrorAction Stop
$report = foreach ($team in (Get-Team)) {
Get-TeamChannel -GroupId $team.GroupId | ForEach-Object {
[pscustomobject]@{ Team = $team.DisplayName; Channel = $_.DisplayName; MembershipType = $_.MembershipType }
}
}
$report | Export-Csv $OutputPath -NoTypeInformation -Encoding UTF8
}
catch { Write-Error "Script failed: $($_.Exception.Message)"; throw }
Expected output:Expected output: CSV mit Teamname, Kanalname und MembershipType.CSV with team name, channel name, and membership type.
Meeting Policies ExportMeeting Policies Export
Exportiert Teams Meeting Policies.Exports Teams meeting policies.
- MicrosoftTeamsMicrosoftTeams
- Teams AdministratorTeams administrator
- Policy reviewPolicy review
param([string]$OutputPath = ".\teams-meeting-policies.csv")
try {
Import-Module MicrosoftTeams -ErrorAction Stop
Connect-MicrosoftTeams -ErrorAction Stop
Get-CsTeamsMeetingPolicy | Select-Object Identity,AllowAnonymousUsersToStartMeeting,AllowCloudRecording,MediaBitRateKb | Export-Csv $OutputPath -NoTypeInformation -Encoding UTF8
}
catch { Write-Error "Script failed: $($_.Exception.Message)"; throw }
Expected output:Expected output: CSV mit Policyname und wichtigen Flags.CSV with policy name and key flags.
Reporting ScriptsReporting Scripts
Jeder Eintrag enthält eine kurze Beschreibung, Voraussetzungen, kopierbaren PowerShell-Code und die erwartete Ausgabe.Each entry contains a short description, prerequisites, copyable PowerShell code, and the expected output.
License SummaryLicense Summary
Zusammenfassung belegter SKUs.Summary of consumed SKUs.
- Microsoft.Graph.Identity.DirectoryManagementMicrosoft.Graph.Identity.DirectoryManagement
- Scopes: Organization.Read.AllScopes: Organization.Read.All
- SKU summarySKU summary
param([string]$OutputPath = ".\license-summary.csv")
try {
Import-Module Microsoft.Graph.Identity.DirectoryManagement -ErrorAction Stop
Connect-MgGraph -Scopes "Organization.Read.All" -NoWelcome -ErrorAction Stop
$items = Get-MgSubscribedSku -All
$items | Select-Object SkuPartNumber,ConsumedUnits,PrepaidUnits | Export-Csv $OutputPath -NoTypeInformation -Encoding UTF8
}
catch {
Write-Error "Script failed: $($_.Exception.Message)"
throw
}
finally {
Disconnect-MgGraph -ErrorAction SilentlyContinue | Out-Null
}
Expected output:Expected output: CSV mit SKU und ConsumedUnits.CSV with SKU and consumed units.
Sign-In Heatmap ExportSign-In Heatmap Export
Aggregiert Sign-Ins nach Stunde.Aggregates sign-ins by hour.
- Microsoft.Graph.Identity.SignInsMicrosoft.Graph.Identity.SignIns
- Scopes: AuditLog.Read.AllScopes: AuditLog.Read.All
- Heatmap sourceHeatmap source
param([string]$OutputPath = ".\signin-heatmap-export.csv")
try {
Import-Module Microsoft.Graph.Identity.SignIns -ErrorAction Stop
Connect-MgGraph -Scopes "AuditLog.Read.All" -NoWelcome -ErrorAction Stop
Get-MgAuditLogSignIn -Top 1000 |
Group-Object { $_.CreatedDateTime.Hour } |
Select-Object @{Name='Hour';Expression={[int]$_.Name}},Count |
Export-Csv $OutputPath -NoTypeInformation -Encoding UTF8
}
catch { Write-Error "Script failed: $($_.Exception.Message)"; throw }
finally { Disconnect-MgGraph -ErrorAction SilentlyContinue | Out-Null }
Expected output:Expected output: CSV mit Stunde und Anzahl.CSV with hour and count.
Inactive Licensed UsersInactive Licensed Users
Findet lizenzierte Benutzer ohne aktuelle Aktivität.Finds licensed users without recent activity.
- Microsoft.Graph.UsersMicrosoft.Graph.Users
- Scopes: User.Read.AllScopes: User.Read.All
- License cleanupLicense cleanup
param([string]$OutputPath = ".\inactive-licensed-users.csv")
try {
Import-Module Microsoft.Graph.Users -ErrorAction Stop
Connect-MgGraph -Scopes "User.Read.All" -NoWelcome -ErrorAction Stop
$items = Get-MgUser -All -Property DisplayName,UserPrincipalName,AssignedLicenses,SignInActivity
$items | Where-Object { $_.AssignedLicenses.Count -gt 0 } | Select-Object DisplayName,UserPrincipalName,@{Name='LicenseCount';Expression={$_.AssignedLicenses.Count}},@{Name='LastSignIn';Expression={$_.SignInActivity.LastSuccessfulSignInDateTime}} | Export-Csv $OutputPath -NoTypeInformation -Encoding UTF8
}
catch {
Write-Error "Script failed: $($_.Exception.Message)"
throw
}
finally {
Disconnect-MgGraph -ErrorAction SilentlyContinue | Out-Null
}
Expected output:Expected output: CSV mit Lizenzanzahl und letzter Anmeldung.CSV with license count and last sign-in.
Managed Devices InventoryManaged Devices Inventory
Inventur verwalteter Intune-Geräte.Inventory of managed Intune devices.
- Microsoft.Graph.DeviceManagementMicrosoft.Graph.DeviceManagement
- Scopes: DeviceManagementManagedDevices.Read.AllScopes: DeviceManagementManagedDevices.Read.All
- Intune accessIntune access
param([string]$OutputPath = ".\managed-devices.csv")
try {
Import-Module Microsoft.Graph.DeviceManagement -ErrorAction Stop
Connect-MgGraph -Scopes "DeviceManagementManagedDevices.Read.All" -NoWelcome -ErrorAction Stop
$items = Get-MgDeviceManagementManagedDevice -All
$items | Select-Object DeviceName,UserPrincipalName,OperatingSystem,ComplianceState | Export-Csv $OutputPath -NoTypeInformation -Encoding UTF8
}
catch {
Write-Error "Script failed: $($_.Exception.Message)"
throw
}
finally {
Disconnect-MgGraph -ErrorAction SilentlyContinue | Out-Null
}
Expected output:Expected output: CSV mit Gerät, Benutzer und Compliance-Status.CSV with device, user, and compliance state.
Applications InventoryApplications Inventory
Inventur aller App-Registrierungen.Inventory of all app registrations.
- Microsoft.Graph.ApplicationsMicrosoft.Graph.Applications
- Scopes: Application.Read.AllScopes: Application.Read.All
- App inventoryApp inventory
param([string]$OutputPath = ".\applications-inventory.csv")
try {
Import-Module Microsoft.Graph.Applications -ErrorAction Stop
Connect-MgGraph -Scopes "Application.Read.All" -NoWelcome -ErrorAction Stop
$items = Get-MgApplication -All
$items | Select-Object DisplayName,AppId,SignInAudience,PublisherDomain | Export-Csv $OutputPath -NoTypeInformation -Encoding UTF8
}
catch {
Write-Error "Script failed: $($_.Exception.Message)"
throw
}
finally {
Disconnect-MgGraph -ErrorAction SilentlyContinue | Out-Null
}
Expected output:Expected output: CSV mit DisplayName, AppId und SignInAudience.CSV with display name, app ID, and sign-in audience.
Service Principals InventoryService Principals Inventory
Inventur aller Service Principals.Inventory of all service principals.
- Microsoft.Graph.ApplicationsMicrosoft.Graph.Applications
- Scopes: Application.Read.AllScopes: Application.Read.All
- Service principal reviewService principal review
param([string]$OutputPath = ".\service-principals-inventory.csv")
try {
Import-Module Microsoft.Graph.Applications -ErrorAction Stop
Connect-MgGraph -Scopes "Application.Read.All" -NoWelcome -ErrorAction Stop
$items = Get-MgServicePrincipal -All
$items | Select-Object DisplayName,AppId,ServicePrincipalType,AccountEnabled | Export-Csv $OutputPath -NoTypeInformation -Encoding UTF8
}
catch {
Write-Error "Script failed: $($_.Exception.Message)"
throw
}
finally {
Disconnect-MgGraph -ErrorAction SilentlyContinue | Out-Null
}
Expected output:Expected output: CSV mit SPN, AppId und ServicePrincipalType.CSV with SPN, app ID, and service principal type.
Admin Role AssignmentsAdmin Role Assignments
Exportiert Rollenzuweisungen für Adminrollen.Exports role assignments for admin roles.
- Microsoft.Graph.Identity.GovernanceMicrosoft.Graph.Identity.Governance
- Scopes: RoleManagement.Read.AllScopes: RoleManagement.Read.All
- Role governanceRole governance
param([string]$OutputPath = ".\admin-role-assignments.csv")
try {
Import-Module Microsoft.Graph.Identity.Governance -ErrorAction Stop
Connect-MgGraph -Scopes "RoleManagement.Read.All" -NoWelcome -ErrorAction Stop
$items = Get-MgRoleManagementDirectoryRoleAssignmentSchedule -All
$items | Select-Object PrincipalId,RoleDefinitionId,StartDateTime,EndDateTime | Export-Csv $OutputPath -NoTypeInformation -Encoding UTF8
}
catch {
Write-Error "Script failed: $($_.Exception.Message)"
throw
}
finally {
Disconnect-MgGraph -ErrorAction SilentlyContinue | Out-Null
}
Expected output:Expected output: CSV mit PrincipalId und RoleDefinitionId.CSV with principal and role definition IDs.
Verified Domains ExportVerified Domains Export
Exportiert Domänenstatus und Authentifizierungstyp.Exports domain state and authentication type.
- Microsoft.Graph.Identity.DirectoryManagementMicrosoft.Graph.Identity.DirectoryManagement
- Scopes: Directory.Read.AllScopes: Directory.Read.All
- Domain inventoryDomain inventory
param([string]$OutputPath = ".\verified-domains.csv")
try {
Import-Module Microsoft.Graph.Identity.DirectoryManagement -ErrorAction Stop
Connect-MgGraph -Scopes "Directory.Read.All" -NoWelcome -ErrorAction Stop
$items = Get-MgDomain -All
$items | Select-Object Id,IsVerified,AuthenticationType,IsDefault | Export-Csv $OutputPath -NoTypeInformation -Encoding UTF8
}
catch {
Write-Error "Script failed: $($_.Exception.Message)"
throw
}
finally {
Disconnect-MgGraph -ErrorAction SilentlyContinue | Out-Null
}
Expected output:Expected output: CSV mit Id, IsVerified und AuthenticationType.CSV with ID, verified state, and authentication type.
Mailbox Activity ReportMailbox Activity Report
Exportiert Mailbox Activity aus Microsoft 365 Reports.Exports mailbox activity from Microsoft 365 reports.
- Microsoft.Graph.ReportsMicrosoft.Graph.Reports
- Scopes: Reports.Read.AllScopes: Reports.Read.All
- Usage reportingUsage reporting
param([string]$OutputPath = ".\mailbox-activity-report.csv")
try {
Import-Module Microsoft.Graph.Reports -ErrorAction Stop
Connect-MgGraph -Scopes "Reports.Read.All" -NoWelcome -ErrorAction Stop
$items = Get-MgReportMailboxUsageDetail -Period D30
$items | Select-Object * | Export-Csv $OutputPath -NoTypeInformation -Encoding UTF8
}
catch {
Write-Error "Script failed: $($_.Exception.Message)"
throw
}
finally {
Disconnect-MgGraph -ErrorAction SilentlyContinue | Out-Null
}
Expected output:Expected output: CSV mit Aktivitätswerten pro Benutzerpostfach.CSV with activity values per mailbox user.
M365 Usage SnapshotM365 Usage Snapshot
Sammelt einen schnellen Usage-Snapshot für OneDrive und Teams.Collects a quick usage snapshot for OneDrive and Teams.
- Microsoft.Graph.ReportsMicrosoft.Graph.Reports
- Scopes: Reports.Read.AllScopes: Reports.Read.All
- Usage reportingUsage reporting
param([string]$OutputPath = ".\m365-usage-snapshot.csv")
try {
Import-Module Microsoft.Graph.Reports -ErrorAction Stop
Connect-MgGraph -Scopes "Reports.Read.All" -NoWelcome -ErrorAction Stop
$items = Get-MgReportTeamUserActivityUserDetail -Period D7
$items | Select-Object * | Export-Csv $OutputPath -NoTypeInformation -Encoding UTF8
}
catch {
Write-Error "Script failed: $($_.Exception.Message)"
throw
}
finally {
Disconnect-MgGraph -ErrorAction SilentlyContinue | Out-Null
}
Expected output:Expected output: CSV mit Kennzahlen aus Teams- und OneDrive-Reports.CSV with metrics from Teams and OneDrive reports.
Automation & Scheduled TasksAutomation & Scheduled Tasks
Jeder Eintrag enthält eine kurze Beschreibung, Voraussetzungen, kopierbaren PowerShell-Code und die erwartete Ausgabe.Each entry contains a short description, prerequisites, copyable PowerShell code, and the expected output.
Register Daily User Report TaskRegister Daily User Report Task
Registriert eine tägliche geplante Aufgabe für einen User-Report.Registers a daily scheduled task for a user report.
- Lokaler Windows Task SchedulerLocal Windows Task Scheduler
- Pfad zum ReportskriptPath to the report script
- Adminrechte auf dem HostAdmin rights on the host
param(
[Parameter(Mandatory)]
[string]$ScriptPath
)
$action = New-ScheduledTaskAction -Execute "powershell.exe" -Argument "-NoProfile -ExecutionPolicy Bypass -File `"$ScriptPath`""
$trigger = New-ScheduledTaskTrigger -Daily -At 06:00
$principal = New-ScheduledTaskPrincipal -UserId "SYSTEM" -LogonType ServiceAccount -RunLevel Highest
Register-ScheduledTask -TaskName "Daily-User-Inventory" -Action $action -Trigger $trigger -Principal $principal
Expected output:Expected output: Registrierte Scheduled Task mit täglichem Trigger.Registered scheduled task with a daily trigger.
Retry Wrapper TemplateRetry Wrapper Template
Generischer Retry-Wrapper für instabile API-Aufrufe.Generic retry wrapper for unstable API calls.
- Lokales PowerShellLocal PowerShell
- Für API-/REST-WorkflowsFor API/REST workflows
- Wiederverwendbare FunktionReusable function
function Invoke-WithRetry {
param([scriptblock]$ScriptBlock,[int]$MaxAttempts = 5)
for ($attempt = 1; $attempt -le $MaxAttempts; $attempt++) {
try { return & $ScriptBlock }
catch {
if ($attempt -eq $MaxAttempts) { throw }
Start-Sleep -Seconds ([math]::Pow(2,$attempt))
}
}
}
Invoke-WithRetry -ScriptBlock { Invoke-RestMethod -Uri "https://graph.microsoft.com/v1.0/organization" }
Expected output:Expected output: Wiederverwendbare Funktion mit Exponential Backoff.Reusable function with exponential backoff.
Webhook Notification SenderWebhook Notification Sender
Sendet eine JSON-Nachricht an einen Webhook nach einem Lauf.Sends a JSON message to a webhook after a run.
- Webhook URLWebhook URL
- Lokales PowerShellLocal PowerShell
- JSON payloadJSON payload
param(
[Parameter(Mandatory)]
[string]$WebhookUrl,
[string]$Message = "Report completed"
)
$payload = @{ text = $Message; generatedAt = (Get-Date) } | ConvertTo-Json
Invoke-RestMethod -Method Post -Uri $WebhookUrl -Body $payload -ContentType "application/json"
Expected output:Expected output: HTTP POST an den angegebenen Webhook.HTTP POST to the specified webhook.
Archive CSV ReportsArchive CSV Reports
Verschiebt ältere CSV-Reports in ein Archivverzeichnis.Moves older CSV reports into an archive directory.
- Lokales DateisystemLocal file system
- Report-OrdnerReport folder
- ArchivpfadArchive path
param(
[string]$SourceFolder = ".",
[string]$ArchiveFolder = ".\archive",
[int]$OlderThanDays = 7
)
if (-not (Test-Path $ArchiveFolder)) { New-Item -ItemType Directory -Path $ArchiveFolder | Out-Null }
Get-ChildItem $SourceFolder -Filter *.csv |
Where-Object LastWriteTime -lt (Get-Date).AddDays(-$OlderThanDays) |
Move-Item -Destination $ArchiveFolder
Expected output:Expected output: Archivierte CSV-Dateien mit Erstellungsdatum.Archived CSV files with creation date.
Start Transcript Job WrapperStart Transcript Job Wrapper
Startet einen Lauf mit Transcript und Fehlerprotokollierung.Starts a run with transcript and error logging.
- Lokales PowerShellLocal PowerShell
- Pfad zum ZielsriptPath to the target script
- Logging-VerzeichnisLogging folder
param(
[Parameter(Mandatory)]
[string]$ScriptPath,
[string]$LogFolder = ".\logs"
)
if (-not (Test-Path $LogFolder)) { New-Item -ItemType Directory -Path $LogFolder | Out-Null }
$log = Join-Path $LogFolder ("run-" + (Get-Date -Format "yyyyMMdd-HHmmss") + ".log")
Start-Transcript -Path $log
try { & $ScriptPath }
finally { Stop-Transcript }
Expected output:Expected output: Transcript-Datei und Fehlerlog pro Lauf.Transcript file and error log per run.