-
Notifications
You must be signed in to change notification settings - Fork 1
/
ExchangeOnlineExclaimerCheck.ps1
229 lines (205 loc) · 11.4 KB
/
ExchangeOnlineExclaimerCheck.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
#<#
#.SYNOPSIS
# Checks and outputs the configuration of Transport Rule and Connectors that may affected routing of emails to Exclaimer.
#
#.DESCRIPTION
# It will first prompt to login with Microsoft, then it will check and outputs the configuration of Transport Rule and Connectors that may affected routing of emails to Exclaimer.
# Output filename is "ExchangeOnlineExclaimerCheck.txt"
#
#.NOTES
# Email: [email protected]
# Date: 27th June 2021
# Updated: 20th June 2024
#
#.PRODUCTS
# Exclaimer Signature Management - Microsoft 365
#
#.REQUIREMENTS
# - Global Administrator access to the Microsoft Tenant
# - Requires path "C:\Temp\"
# - ExchangeOnlineManagement - https://www.powershellgallery.com/packages/ExchangeOnlineManagement/0.4578.0
#
#.VERSION
#
#
# 1.0.1
# - Added call to get other transport rules
# - Added check for Out of Office Transport Rule
# - Added "Priority" to info collected from Transport Rules
# - Conditioned getting of Transport Rules output by pre-checking for its existence (avoiding errors)
#
# 1.0.0
# - Check if the required Module is installed, installs if not present
# - Calls for Login with Microsoft using Modern-Auth
# - Checks if "C:\Temp" exists, creates it if not found
# - Stamps Date/Time when ran
# - Gets Mail Flow Configuration relevant to Exclaimer
# - Gets an Output of all Distribution Groups with "ReportToOriginatorEnabled" not set to "True"
# - Gets "JournalingReportNdrTo" mailbox
# - Gets all AcceptedDomains
# - Gets Default IPAllowList settings
# - Gets Remote Domain settings relevant to Exlcaimer (based on previous tickets)
# - Displays a Message pop-up asking that the file/output is sent back to Support
# - Opens Directory where the Output file was saved
#
#.INSTRUCTIONS
# - Open PowerShell as Administrator
# - Run: set-executionpolicy unrestricted
# - Go to directory where the Script is saved (i.e 'cd "C:\Users\ReplaceWithUserName\Downloads"')
# - Run the Script (i.e '.\ExchangeOnlineExclaimerCheck.ps1')
##>
#Setting variables to use later
$Path = "C:\Temp"
$LogFile = "C:\Temp\ExchangeOnlineExclaimerCheck.txt"
$TransportRuleIdentity = "Identify messages to send to Exclaimer Cloud"
$TransportRuleOOOExclaimer = "Prevent Out of Office messages being sent to Exclaimer Cloud"
$OutboundConnector = "Send to Exclaimer Cloud"
$InboundConnector = "Receive from Exclaimer Cloud*"
$DateTimeRun = Get-Date -Format "ddd dd MMMM yyyy, HH:MM 'UTC' K"
Add-Type -AssemblyName PresentationFramework
#Getting Exchange Online Module
function checkExchangeOnlineModule {
if (Get-Module -ListAvailable -Name ExchangeOnlineManagement) {
#[System.Reflection.Assembly]::LoadWithPartialName('System.Windows.Forms')
#[System.Windows.MessageBox]::Show('ExchangeOnlineManagement module already installed, will continue..."', 'ExchangeOnlineExclaimerCheck', 'OK', 'Information')
}
else {
[System.Reflection.Assembly]::LoadWithPartialName('System.Windows.Forms')
[System.Windows.MessageBox]::Show('ExchangeOnlineManagement module not installed, will attempt to install it now...', 'ExchangeOnlineExclaimerCheck', 'OK', 'Information')
Install-Module ExchangeOnlineManagement
}
}
#Connecting to Exchange Online
function modernAuthConnect {
Connect-ExchangeOnline
}
#Check "C:\Temp"
function pathCheckTemp {
if (Test-Path -Path $Path){
Write-Output ("Temp folder exists") | Out-File $LogFile
}
Else {
New-Item $Path -ItemType Directory
Write-Output "Folder Created successfully" | Out-File $LogFile
}
}
function stampIt {
Write-Output ("Starting all required checks: $DateTimeRun") | Out-File $LogFile -Append
}
#Collecting configuration
function get-ConfigOutput {
Write-Output ("`n###########---Getting Mail Flow configuration.....---###########") | Out-File $LogFile -Append
# Getting variables count
$CountTransportRuleOOOExclaimer = Get-TransportRule | Where {$_.Name -like $TransportRuleOOOExclaimer} | Measure-Object
$CountTransportRuleIdentity = Get-TransportRule | Where {$_.Name -like $TransportRuleIdentity} | Measure-Object
$CountTransportRules = Get-TransportRule | Measure-Object
$CountExclaimerOutboundConnector = Get-OutboundConnector | Where {$_.Name -like $OutboundConnector} | Measure-Object
$CountExclaimerInboundConnector = Get-InboundConnector | Where {$_.Name -like $InboundConnector} | Measure-Object
$CountOtherOutConnectors = Get-OutboundConnector | Where {$_.Name -ne $OutboundConnector} | Measure-Object
Write-Output ("`n----------- Exclaimer Transport Rules..... -----------") | Out-File $LogFile -Append
#Checking Transport Rule "Prevent Out of Office messages being sent to Exclaimer Cloud"
if ($CountTransportRuleOOOExclaimer.Count -ne "0") {
Get-TransportRule | Where {$_.Name -like $TransportRuleOOOExclaimer} | Select-Object Name, State, Priority | Out-File $LogFile -Append
}else{
Write-Output ("`n##### NOTE #####`nThe 'Prevent Out of Office messages being sent to Exclaimer Cloud' Transport Rule was NOT Found`
Issues expected with Automated emails, see article below section 'The email was an out of office email':`
'https://support.exclaimer.com/hc/en-gb/articles/4406732893457'") | Out-File $LogFile -Append
}
#Checking Transport Rule "Identify messages to send to Exclaimer"
if ($CountTransportRuleIdentity.Count -ne "0") {
Get-TransportRule | Where {$_.Name -like $TransportRuleIdentity} | Select-Object Name, State, Priority | Out-File $LogFile -Append
Get-TransportRule | Where {$_.Name -like $TransportRuleIdentity} | Select-Object -ExpandProperty Description | Out-File $LogFile -Append
}else{
Write-Output ("`nNo Transport Rule 'Identify messages to send to Exclaimer' Found") | Out-File $LogFile -Append
}
Write-Output ("`n----------- Exclaimer Connectors..... -----------") | Out-File $LogFile -Append
#Checking for the Exclaimer Outbound Connector
if ($CountExclaimerOutboundConnector.Count -ne "0") {
Get-OutboundConnector | Where {$_.Name -like $OutboundConnector} | Select-Object Identity, Enabled, SmartHosts | Out-File $LogFile -Append
}else{
Write-Output ("`nNo Exclaimer Outbound Connector Found") | Out-File $LogFile -Append
}
#Checking for the Exclaimer Inbound Connector
if ($CountExclaimerInboundConnector.Count -ne "0") {
Get-InboundConnector | Where {$_.Name -like $InboundConnector} | Select-Object Identity, Enabled, TlsSenderCertificateName | Out-File $LogFile -Append
}else{
Write-Output ("`nNo Exclaimer Inbound Connector Found") | Out-File $LogFile -Append
}
Write-Output ("`n----------- Other Outbound Connectors..... -----------") | Out-File $LogFile -Append
#Checking for Other Outbound Connectors
if ($CountOtherOutConnectors.Count -ne "0") {
Get-OutboundConnector | Where {$_.Name -ne $OutboundConnector} | Select-Object Identity, Enabled, IsTransportRuleScoped, SmartHosts | Out-File $LogFile -Append
}else{
Write-Output ("`nNo Other Outbound Connectors Found") | Out-File $LogFile -Append
}
Write-Output ("`n----------- All Transport Rules..... -----------") | Out-File $LogFile -Append
#Checking for Other Outbound Connectors
if ($CountTransportRules.Count -gt "0") {
Get-TransportRule | Select-Object Name, State, Priority | Out-File $LogFile -Append
}else{
Write-Output ("`nNo Other Transport Rules Found") | Out-File $LogFile -Append
}
}
function get-DistributionGroups {
$groups = Get-DistributionGroup -Filter ('ReportToOriginatorEnabled -ne $True -and IsDirSynced -eq $False')
$dirsync = Get-DistributionGroup -Filter ('ReportToOriginatorEnabled -ne $True -and IsDirSynced -eq $true')
$dynamicgroups = Get-DynamicDistributionGroup -Filter ('ReportToOriginatorEnabled -ne $True')
Write-Output ("###########---Getting Distribution Groups with where 'ReportToOriginatorEnabled' is not 'TRUE'.....---###########") | Out-File $LogFile -Append
If ($groups -ne $null) {
Write-Output ("`nBelow are the Office 365 Distribution Groups where 'ReportToOriginatorEnabled' is not 'True'") | Out-File $LogFile -Append
Write-Output $groups | Select DisplayName,PrimarySmtpAddress,ReportToOriginatorEnabled | Format-Table | Out-File $LogFile -Append
}
If ($dirsync -ne $null) {
Write-Output ("`nBelow are the Distribution Groups sync'd from AD where 'ReportToOriginator' is not 'True'") | Out-File $LogFile -Append
Write-Output $dirsync | Select DisplayName,PrimarySmtpAddress,ReportToOriginatorEnabled | Format-Table | Out-File $LogFile -Append
}
If ($dynamicgroups -ne $null) {
Write-Output ("`nBelow are the Office 365 Dynamic Groups where 'ReportToOriginatorEnabled' is not 'True'") | Out-File $LogFile -Append
Write-Output $dynamicgroups | Select DisplayName,PrimarySmtpAddress,ReportToOriginatorEnabled | Format-Table | Out-File $LogFile -Append
}
If ($groups -ne $null -OR $dirsync -ne $null -OR $dynamicgroups -ne $null) {
Write-Output ("##### NOTE #####`nAny Groups that emails are sent to should have 'ReportToOriginatorEnabled' set to 'True' or`
some emails may not be delivered due to 'No Mail From' see article below:`
'https://support.exclaimer.com/hc/en-gb/articles/4406732893457'") | Out-File $LogFile -Append
}
Else {
Write-Output ("`nThere are no Distribution Groups for which 'ReportToOriginatorEnabled' is not set to 'True'") | Out-File $LogFile -Append
}
}
function get-JournalingReportNdrTo {
Write-Output ("`n###########---Getting the mailbox configured as JournalingReportNdrTo.....---###########") | Out-File $LogFile -Append
Get-TransportConfig | Select-Object JournalingReportNdrTo | Out-File $LogFile -Append
}
function get-AcceptedDomains {
Write-Output ("###########---Getting all Accepted Domains.....---###########") | Out-File $LogFile -Append
Get-AcceptedDomain | Select-Object DomainName, DomainType, Default | Out-File $LogFile -Append
}
function get-IPAllowList {
Write-Output ("###########---Getting IPAllowList.....---###########") | Out-File $LogFile -Append
Get-HostedConnectionFilterPolicy -Identity Default | Select-Object Identity, IPAllowList | Out-File $LogFile -Append
}
function get-RemoteDomainOutput {
Write-Output ("###########---Getting Remote Domain Configuration.....---###########") | Out-File $LogFile -Append
Get-RemoteDomain | Select-Object Name, DomainName, CharacterSet, ContentType, TNEFEnabled | Out-File $LogFile -Append
}
#Open Ouput directory
function open-OutputDir {
Start "C:\Temp"
}
#Message
function userMessage {
[System.Reflection.Assembly]::LoadWithPartialName('System.Windows.Forms')
[System.Windows.MessageBox]::Show('Please provide Support the output file named "ExchangeOnlineExclaimerCheck.txt"', 'ExchangeOnlineExclaimerCheck', 'OK', 'Information')
}
checkExchangeOnlineModule
modernAuthConnect
pathCheckTemp
stampIt
get-ConfigOutput
get-DistributionGroups
get-JournalingReportNdrTo
get-AcceptedDomains
get-IPAllowList
get-RemoteDomainOutput
userMessage
open-OutputDir