Created
November 19, 2019 07:41
-
-
Save agnivesh/14e67cf3b82c7c3017d62c52dc37f0fe to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| .NOTES | |
| https://go.microsoft.com/fwlink/p/?LinkId=286152 | |
| Requirements (Powershell Gallery): | |
| - Install-Module MSOnline | |
| - Install-Module ReportHTML | |
| - Install-Module Microsoft.Online.SharePoint.PowerShell | |
| or Download | |
| - Microsoft SharePoint Online Services Module for Windows PowerShell | |
| - https://www.microsoft.com/en-us/download/details.aspx?id=35588 | |
| Nice to have: | |
| - Install-Module -Name Az | |
| #> | |
| #Requires -Version 5.0 | |
| #Requires -Modules MSOnline, ReportHTML, Microsoft.Online.SharePoint.PowerShell | |
| #Requires -RunAsAdministrator | |
| ##############[Connect O365]##################### | |
| Get-PSSession | Remove-PSSession | |
| Import-Module MSOnline | |
| $Creds = Get-Credential | |
| try | |
| { | |
| Write-Verbose "Connecting to Office365" -Verbose | |
| Connect-MsolService -Credential $Creds -ErrorAction SilentlyContinue | |
| $SessionParams = @{ | |
| ConfigurationName = "Microsoft.Exchange" | |
| ConnectionUri = "https://outlook.office365.com/powershell-liveid/" | |
| Credential = $Creds | |
| Authentication = "Basic" | |
| AllowRedirection = $true | |
| } | |
| try | |
| { | |
| $Session = New-PSSession @SessionParams -ErrorAction Stop | |
| Import-PSSession -Session $Session -DisableNameChecking:$true -AllowClobber:$true | Out-Null | |
| } | |
| catch | |
| { | |
| Write-Warning $Error[0].Exception | |
| } | |
| } | |
| catch | |
| { | |
| Write-Warning $Error[0].Exception | |
| } | |
| ##############[Connect Sharepoint]##################### | |
| try | |
| { | |
| Write-Verbose "Connecting to SharePoint Shell" -Verbose | |
| $a = Get-MsolAccountSku | |
| $tenantName = (($a | Select-Object -First 1).AccountSkuId -split ":")[0] | |
| Connect-SPOService -Url ("https://" + $tenantName + "-admin.sharepoint.com/") -Credential $Creds | |
| $SharePointTable = @() | |
| $sc = Get-SPOSite -Limit All | Select-Object Title, URL,StorageUsageCurrent | |
| foreach ($item in $sc) | |
| { | |
| if ([string]::IsNullOrEmpty($item.Title)) | |
| { | |
| $title = '<empty>' | |
| } | |
| else | |
| { | |
| $title = $item.Title | |
| } | |
| $usage = $item.StorageUsageCurrent / 1024 | |
| $SharePointTable += [pscustomobject]@{ | |
| Title = $title | |
| Url = $item.URL | |
| Usage = $usage | |
| } | |
| } | |
| } | |
| catch | |
| { | |
| Write-Warning $Error[0].Exception.Message | |
| } | |
| ################[Info Collecting]##################### | |
| if (-not(Get-MsolCompanyInformation -ErrorAction SilentlyContinue)) | |
| { | |
| Write-Warning 'No Company Found' | |
| return | |
| } | |
| Write-Verbose '--- Gathering Company info' -Verbose | |
| $compInfo = Get-MsolCompanyInformation | |
| Write-Verbose "--- Found : $($compInfo.DisplayName)" -Verbose | |
| $OutName = $compInfo.DisplayName -replace " ", "_" | |
| if ($OutName -match ":") | |
| { | |
| $OutName = $OutName -replace ":", "" | |
| } | |
| Write-Verbose '--- Account/Authentication Controls' -Verbose | |
| $ExoModernAuth = Get-OrganizationConfig | Select-Object OAuth2ClientProfileEnabled | |
| If ($ExoModernAuth.OAuth2ClientProfileEnabled) { | |
| Write-Host "Modern authentication for Exchange Online is enabled" -Foregroundcolor Green | |
| } Else { | |
| Write-Host "Modern authentication for Exchange Online is enabled" -Foregroundcolor Red | |
| } | |
| $SpoModernAuth = Get-SPOTenant | Select-Object LegacyAuthProtocolsEnabled | |
| If ($SpoModernAuth.LegacyAuthProtocolsEnabled) { | |
| Write-Host "Modern authentication for SharePoint applications is enabled" -Foregroundcolor Green | |
| } Else { | |
| Write-Host "Modern authentication for SharePoint applications is enabled" -Foregroundcolor Red | |
| } | |
| $domain = Get-MsolDomain | where {$_.IsDefault -eq $true} | |
| $validityPeriod = (Get-MsolPasswordPolicy -DomainName $domain.Name).ValidityPeriod | |
| If($validityPeriod -eq 2147483647){ | |
| Write-Host "Office 365 passwords are not set to Expire" -Foregroundcolor Green | |
| }Else{ | |
| Write-Host "Office 365 passwords are set to Expire" -Foregroundcolor Red | |
| } | |
| Write-Verbose '---Application Permissions' -Verbose | |
| $sharingPolicy = Get-SharingPolicy | Where-Object { $_.Domains -like '*CalendarSharing*' } | |
| If (!$sharingPolicy.Enabled) { | |
| Write-Host "Calendar details sharing with external users is disabled" -Foregroundcolor Green | |
| } Else { | |
| Write-Host "Calendar details sharing with external users is enabled" -Foregroundcolor Red | |
| } | |
| $ATPPolicy = Get-AtpPolicyForO365 | Select-Object Name,AllowClickThrough,EnableSafeLinksForClients,EnableSafeLinksForWebAccessCompanion,EnableSafeLinksForO365Clients | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment