Powershell - compare two mailboxes in hash table and export to CSV

 

I thought I’d share a useful little powershell trick I used today which allowed me to easily compare two very similar mailboxes in Office 365.  I had a user who had a duplicate mailbox which had been inadvertently created through an issue with AAD Sync.  I knew all the fields I would be comparing would be identical so I used a hash table with embedded arrays to compare the information I was interested in.    First create a variable for each mailbox which will contain all the information we will be comparing.  Then create the hashtable.

$user1 =  get-mailbox -identity user.name@contoso.com $user2 =  get-mailbox -identity user.name@contoso-corp.com $combined = @{}

Next pipe the fields from the variable into the hash table, creating an array for each one.  Then pipe the variables containing our mailbox data into the nested arrays in the hashtable.

$user1.psobject.properties | Foreach { $combined[$_.Name] = @() } $user1.psobject.properties | Foreach { $combined[$_.Name] += $_.Value } $user2.psobject.properties | Foreach { $combined[$_.Name] += $_.Value }

Finally I converted the hashtable back to a PSObject so that I could export it to a csv file and analyse the output in Excel.

$combined.getenumerator() | ForEach-Object {     New-Object -Type PSObject -Property @   {         'Field' = $_.Name         'contoso.com' = $_.Value[0]         'contoso-corp.com' = $_.Value[1]                                             }     } | Select-Object Field, contoso.com, contoso-corp.com | Export-Csv C:\cloudwyse\comparison.csv -NoType

The whole (short) script is available in the Gist below.

Powershell LDAP query to find Azure / O365 users synchronised with AD Sync

 

Recently I needed to create a quick report that would allow me to see at a glance which accounts in that domain had been synchronised with AD Sync into Azure AD.  It wasn’t possible using Get-ADuser and I knew an LDAP query would do the trick.  First I had to download a powershell module called System.DirectoryServices.Protocols.  Once the module is downloaded run:

Add-Type -AssemblyName System.DirectoryServices.Protocols Import-Module C:\Cloudwyse\Tools\S.DS.P.psm1

Then to query the information I required I ran:

$MigratedUsers=Find-LdapObject -SearchFilter:"(msDS-ExternalDirectoryObjectId=*)" -SearchBase:"DC=contoso,DC=com" -LdapConnection:"server01.contoso.com" -PageSize 500

Conversely, if you wanted to find all users that HADN’T been synchronised you could run the following:

$MigratedUsers=Find-LdapObject -SearchFilter:"(!msDS-ExternalDirectoryObjectId=*)" -SearchBase:"DC=contoso,DC=com" -LdapConnection:"server01.contoso.com" -PageSize 500

I still had a few service accounts showing so I just filtered these in Excel based on the DN.  To export the fil just run…

Export-CSV C:\Cloudwyse\User_report.csv

 

 

Powershell Script to Create Random Complex Passwords suitable for O365

 

This script enables you to generate a set of random complex passwords for a list of users which is imported as a CSV file.  The password will contain upper and lowercase letters, symbols, numbers and will always be between 8-16 characters in length (meeting the O365 requirements).  Obviously the functions can be tweaked to make the passords more or less secure and the script could be altered to add more sections to the password.  Remember each time a function is called within the foreach, the variable name will need to be different in order to stop the same part of the password repeating.  That’s why there are multiple random symbol and random numbers.

$JobStart = Get-Date $userlistpath = "C:\cloudwyse\users_requiring_passwords.csv" $wordlistpath = "C:\cloudwyse\dictionary.csv" $DateTime = (Get-Date -Format "ddMMyyyy-HHmmss") $exportpath = "C:\Cloudwyse\users_with_passwords$DateTime.csv" Write-Host  -ForegroundColor Magenta "Importing lists from $userlistpath and $wordlistpath..." $userlist = import-csv $userlistpath $wordlist = import-csv $wordlistpath $JobEnd = Get-Date $JobSecondsTaken = ($JobEnd - $JobStart) Write-Host -ForegroundColor Yellow "Lists imported taking" $JobSecondsTaken.Minutes "minute(s) and" $JobSecondsTaken.Seconds "second(s)." $symbollist = @("`^","`!","`%","`&") function RandomWord {$wordlist[(get-random -maximum 716)] | select-object -ExpandProperty Word} function RandomNumber {get-random -minimum 10 -maximum 99} function RandomSymbol {$symbollist[(get-random -maximum 4)]} $total = $null $Job2Start = Get-Date $pwList = @() foreach ($user in $userlist)     {        $pwPart1 = RandomSymbol        $pwPart2a = RandomWord        $pwPart2 = (Get-Culture).TextInfo.ToTitleCase($pwPart2a.ToLower())        $pwPart3 = RandomSymbol        $pwPart4 = RandomNumber        $pwPart5 = RandomNumber        $longpass = "$pwPart1$pwPart2$pwPart3$pwPart4"        if ($longpass.length -lt 8) {                  do {              $longpass += $pwPart5              }              until ($longpass.length -ge 8)              }        $password = $longpass.substring(0, [System.Math]::Min(16, $longpass.Length))        $username = $user | Select-Object -ExpandProperty User        $pw = New-Object PSObject        $pw | Add-Member -type NoteProperty -Name 'User' -Value $username        $pw | Add-Member -type NoteProperty -Name 'Password' -Value $password        Write-Host  -ForegroundColor Magenta "Processed password for user" $username        $pwlist += $pw        $total = $total +1        } $Job2End = Get-Date $Job2SecondsTaken = ($Job2End - $Job2Start) Write-Host -ForegroundColor Yellow "Processed $total passwords in" $Job2SecondsTaken.Minutes "minute(s) and" $Job2SecondsTaken.Seconds "second(s)." Write-Host  -ForegroundColor Magenta "Exporting list..." $pwList | Export-csv -Path $exportpath Write-Host -ForegroundColor Yellow "Finished exporting list to $exportpath"

The CSV file I used for the dictionary can be downloaded here.