Gathering details from source tenant
As part of the assessment phase, Its required to collect the details from source tenant. Here is a quick guide on how we can export the required details from source tenant quickly.
Azure ActiveDirectory
- User Objects
- Use Get-AzuerADUser for exporting User Details
- Use Get-AzureADUserManager for exporting user manager
- Use Get-AzureADUserThumbnails for exporting user thumbnails
Here is a sample script which can be used for exporting the user details. As a prerequisite, Please install AzureAD module before executing the script.
Connect-AzureAD
If ((Test-Path C:\GoDaddyTenant\Export\AADUsers\Thumbs) -like "False") {New-Item -ItemType Directory -Path "C:\GoDaddyTenant\Export\AADUsers\Thumbs"}
Get-AzureADUser -All $True |Export-Csv -Path "C:\GoDaddyTenant\Export\AADUsers\AllUsers.CSV"
[Array] $UserArray = Import-Csv "C:\GoDaddyTenant\Export\AADUsers\AllUsers.CSV"
[string] $UserManagerFile = "C:\GoDaddyTenant\Export\AADUsers\UserManager.CSV"
$Len = $UserArray.Count
For ($i = 0; $i -lt $Len ; $i++)
{
$oID = $UserArray.ObjectId[$i]
Get-AzureADUserManager -ObjectId $oID |Select-Object @{Label="User"; Expression={$UserArray.UserPrincipalName[$i]}}, @{Label="Manager"; Expression={$_.UserPrincipalName}} |Export-Csv -LiteralPath $UserManagerFile -Append
IF ($UserArray[$i].UserType -eq "Member")
{
[string] $FN = $UserArray[$i].UserPrincipalName
[string] $FP = "C:\GoDaddyTenant\Export\AADUsers\Thumbs"
Get-AzureADUserThumbnailPhoto -ObjectId $UserArray[$i].ObjectId -FilePath $FP -FileName $FN -ErrorAction SilentlyContinue
}
}
- Groups and Group Membership
- User Get-AzureADGroup for exporting groups
- Use Get-AzureADGroupMember for exporting group members
- Use Get-AzureADGroupOwner for exporting group owners
Here is a sample script which can be used for exporting the group details. As a prerequisite, Please install AzureAD module before executing the script.
Connect-AzureAD
If ((Test-Path C:\GoDaddyTenant\Export\AADGroups) -like "False") {New-Item -ItemType Directory -Path "C:\GoDaddyTenant\Export\AADGroups"}
Get-AzureADGroup -All $True |Export-Csv -Path "C:\GoDaddyTenant\Export\AADGroups\AllGroups.CSV"
[Array] $GroupArray = Import-Csv "C:\GoDaddyTenant\Export\AADGroups\AllGroups.CSV"
[string] $GroupOwnerShip = "C:\GoDaddyTenant\Export\AADGroups\GroupOwnership.csv"
$Len = $GroupArray.Count
For ($i = 0; $i -lt $Len ; $i++)
{
$oID = $GroupArray.ObjectId[$i]
[string] $TrimmedGroupName = $GroupArray[$i].DisplayName.Trim()
[string] $FP = "C:\GoDaddyTenant\Export\AADGroups\"+$TrimmedGroupName+"_"+$GroupArray.ObjectId[$i]+".csv"
$FP
Get-AzureADGroupMember -ObjectId $GroupArray[$i].ObjectId |Export-Csv -LiteralPath $FP
Get-AzureADGroupOwner -ObjectId $GroupArray[$i].ObjectId |Select-Object @{Label="GroupName"; Expression={$GroupArray.DisplayName[$i]}}, UserPrincipalName | Export-Csv -LiteralPath $GroupOwnerShip -Append
}
- Devices
- Get-AzureADDevice to export Azure AD registered / AAD joined devices
Here is a sample script which can be used for exporting the device details. As a prerequisite, Please install AzureAD module before executing the oneliner.
Get-AzureADDevice -All $true |Export-Csv -Path "C:\GoDaddyTenant\Export\AADDevices\AllDevices.csv"
Exchange Online
- Use Get-Mailbox for exporting mailbox details
- Use Get-EXORecipient for exporting all recipients
- Use Get-MailContact for exporting all mail contacts
- Use Get-Group for exporting all distribution groups
- Use Get-UnifiedGroup for exporting all unified groups
- Use Get-DynamicDistributionGroup for exporting Dynamic Distribution Groups
Here is a sample script which can be used for exporting the user details. As a prerequisite, Please install ExchangeOnline module before executing the script.
Connect-ExchangeOnline
If ((Test-Path C:\GoDaddyTenant\Export\ExchangeOnline) -like "False") {New-Item -ItemType Directory -Path "C:\GoDaddyTenant\Export\ExchangeOnline"}
Get-Mailbox -ResultSize Unlimited|Export-Csv -Path "C:\GoDaddyTenant\Export\ExchangeOnline\AllMailboxes.csv"
Get-EXORecipient -ResultSize Unlimited |Export-CSv -Path "C:\GoDaddyTenant\Export\ExchangeOnline\AllRecipients.csv"
Get-MailContact -ResultSize Unlimited |Export-CSv -Path "C:\GoDaddyTenant\Export\ExchangeOnline\AllContacts.csv"
Get-Group -RecipientTypeDetails MailUniversalDistributionGroup, MailUniversalSecurityGroup |Export-CSv -Path "C:\GoDaddyTenant\Export\ExchangeOnline\AllDistributionGroups.csv"
Get-UnifiedGroup -IncludeAllProperties -ResultSize Unlimited|Export-CSv -Path "C:\GoDaddyTenant\Export\ExchangeOnline\AllUnifiedGroups.csv"
Get-DynamicDistributionGroup -ResultSize Unlimited |Export-CSv -Path "C:\GoDaddyTenant\Export\ExchangeOnline\AllDynamicDistributionGroups.csv"
[Array] $MailboxArray = Import-Csv "C:\GoDaddyTenant\Export\ExchangeOnline\AllMailboxes.csv"
[string] $MailboxUsageStatistics = "C:\GoDaddyTenant\Export\ExchangeOnline\MailboxUsageStatistics.csv"
$Len = $MailboxArray.Count
For ($i = 0; $i -lt $Len ; $i++)
{
[string] $MailboxFolderStatistics = "C:\GoDaddyTenant\Export\ExchangeOnline\"+$MailboxArray.UserPrincipalName[$i]+"_MailboxUsageStatistics.CSV"
Get-EXOMailboxStatistics -Identity $MailboxArray.UserPrincipalName[$i] |Export-Csv -LiteralPath $MailboxUsageStatistics -Append
Get-EXOMailboxFolderStatistics -Identity $MailboxArray.UserPrincipalName[$i] |Export-Csv -LiteralPath $MailboxFolderStatistics
}
Get-AcceptedDomain |Export-CSv -Path "C:\GoDaddyTenant\Export\ExchangeOnline\ExchangeOnlineConfiguration_AcceptedDomains.csv"
Get-TransportRule -ResultSize Unlimited |Export-CSv -Path "C:\GoDaddyTenant\Export\ExchangeOnline\ExchangeOnlineConfiguration_AllTransportRules.csv"
Teams
- Use Get-Teams for exporting Teams details
- Use Get-TeamUser for exporting Team Users
- Use Get-TeamChannel for exporting Team Channels
- Use Get-TeamChannelUser for exporting private channel users
Here is a sample script which can be used for exporting the user details. As a prerequisite, Please install MicrosoftTeams module before executing the script.
Connect-MicrosoftTeams
[array] $TeamChannelsDetails = $()
If ((Test-Path C:\GoDaddyTenant\Export\Teams\Permissions) -like "False") {New-Item -ItemType Directory -Path "C:\GoDaddyTenant\Export\Teams\Permissions"}
$TeamsDetails = Get-Team
$TeamsDetails |Export-Csv -path "C:\GoDaddyTenant\Export\Teams\TeamsDetails.csv"
$TeamsCount = $TeamsDetails.Count
For ($i=0; $i -lt $TeamsCount; $i++)
{
[int] $tempCount = $i+1
[array] $tn = $TeamsDetails[$i]
Write-Host "Processing $tempcount out of $TeamsCount Teams... Now processing" $Tn.DisplayName -ForegroundColor DarkYellow
[string] $PermissionGID = "C:\GoDaddyTenant\Export\Teams\Permissions\TeamPermission_"+$TeamsDetails.GroupID[$i]+".csv"
[string] $PermissionFriendlyName = "C:\GoDaddyTenant\Export\Teams\TeamPermission_"+$tn.displayname+".csv"
$TeamChannelsDetails += Get-TeamChannel -GroupId $TeamsDetails[$i].GroupID |Select-Object @{Label="TeamName"; Expression={$tn.DisplayName}}, @{Label="TeamGroupID"; Expression={$tn.groupid}}, ID, DisplayName, MembershipType, Description
$TeamsUserPermission = Get-TeamUser -GroupId $TeamsDetails[$i].GroupID |Select-Object User, UserID, Name, Role, @{Label="MailID"; Expression={$_.User}}
IF ($TeamsUserPermission.Role.Contains("guest") -eq "True")
{
Write-Host "Guest User Detected in Team Permission"
$TLenght = $TeamsUserPermission.Length
For ($j=0; $j -lt $TLenght; $j++)
{
IF ($TeamsUserPermission.Role[$j] -like "Guest")
{
$extractedMail = $TeamsUserPermission.user[$j].Split("#")[0]
$indexofdash = $extractedMail.LastIndexOf("_")
$TeamsUserPermission[$j].MailID = $extractedMail.Remove($indexofdash,1).Insert($indexofdash,"@")
}
}
}
$TeamsUserPermission | Export-Csv $PermissionFriendlyName
Get-TeamUser -GroupId $TeamsDetails[$i].GroupID |Export-Csv $PermissionGID
Write-Host Checking for Private Channels -ForegroundColor Red
$TeamPriviateChannels = Get-TeamChannel -GroupId $tn.GroupID -MembershipType "Private"
If ($TeamPriviateChannels.Count -gt 0)
{
Write-Host $TeamPriviateChannels.Count "Priviate Channels Identified" -ForegroundColor Magenta
Foreach ($PriviateChannel in $TeamPriviateChannels)
{
Write-Host "Exporting Priviate Channel Permission - " $PriviateChannel.DisplayName -ForegroundColor DarkYellow
[string] $TeamPriviateChannelPermissionFile = "C:\GoDaddyTenant\Export\Teams\TeamsPrivateChannelPermission_"+$tn.DisplayName+"_"+$PriviateChannel.DisplayName+".csv"
[string] $TeamPriviateChannelPermissionFileGID = "C:\GoDaddyTenant\Export\Teams\Permissions\TeamsPrivateChannelPermission_"+$tn.GroupID+"_"+$PriviateChannel.DisplayName+".csv"
[array] $priviateChannelPermission = Get-TeamChannelUser -GroupId $TeamsDetails[$i].GroupID -DisplayName $PriviateChannel.DisplayName |Select-Object User, UserID, Name, Role, @{Label="MailID"; Expression={$_.User}}
IF ($priviateChannelPermission.Role.Contains("Guest") -eq "True")
{
Write-Host "Guest User Detected"
[int] $PCPCount = $priviateChannelPermission.length
For ($k=0; $k -lt $PCPCount; $k++)
{
IF ($priviateChannelPermission.Role[$k] -like "Guest")
{
$extractedUname = $priviateChannelPermission.user[$k].Split("#")[0]
$indexofdash = $extracteduname.LastIndexOf("_")
$priviateChannelPermission[$k].MailID = $extractedUname.Remove($indexofdash,1).Insert($indexofdash,"@")
}
}
}
Else
{
Write-Host "Guest User Not Detected"
}
$priviateChannelPermission |Export-CSV $TeamPriviateChannelPermissionFile
Get-TeamChannelUser -GroupId $TeamsDetails[$i].GroupID -DisplayName $PriviateChannel.DisplayName |Export-Csv $TeamPriviateChannelPermissionFileGID
}
}
Else
{
Write-Host "No Priviate Group Identified" -ForegroundColor Green
}
}
Write-Host "Exiting For Loop" -BackgroundColor White -ForegroundColor Gray
$TeamChannelsDetails |Export-Csv "C:\GoDaddyTenant\Export\Teams\TeamChannelDetails.csv"
SharePoint Online
- Use Get-SPOSite for exporting SharePoint Online sites
Get started with the SharePoint Online Management Shell | Microsoft Docs
As a prerequisite, Please install SharePointOnline module before executing the script.