PowerShell Scripts Archives - Office 365 Reports

Browse Categories

Set Up Automated Microsoft 365 User Sign-in Summary Email Using PowerShell

Every organization’s ultimate goal is to keep its Microsoft 365 environment secure. Among the many security measures, monitoring user sign-ins keeps you stay one step ahead of potential attacks. For example, repeated occurrence of sign-in failures may indicate attempts to compromise user accounts or result from Conditional Access policies blocking sign-ins. …

5 min read

Get OneDrive Usage Report in Microsoft 365

In large organizations, every employee has a personal OneDrive for Business account. Some accounts are approaching storage limits, some are inactive, and a few consume more storage than expected. Without proper monitoring, this can lead to inefficiencies, increased costs for storage, and compliance risks. So, it is essential to monitor storage consumption of users in OneDrive to proactively manage…

3 min read

Find Unused Licenses in Microsoft 365 Using PowerShell

When users leave the organization, switch to new roles, or become inactive, their Microsoft 365 licenses often remain assigned unnecessarily. These unused licenses not only increase your subscription costs but also create unnecessary security risks if left unmanaged. 😕 That’s why finding inactive licenses is crucial. Since Microsoft 365 doesn’t provide…

7 min read

Audit User Account Status Changes in M365 Using PowerShell

In Microsoft 365, enabling or disabling a user account isn’t just a routine admin task; it’s a critical security event. Every change to a user account’s status can affect both access to sensitive data and the organization’s overall productivity. A compromised account, for example, can disrupt workflows and create security risks…

7 min read

Audit PIM Role Activations in Microsoft Entra

Ever wondered who activated a privileged role at 2 AM last night? Or why someone deactivated a critical admin role right before a deployment? If you’re managing Microsoft 365 environments, questions like these are part of the job. That’s where Privileged Identity Management (PIM) auditing comes into play. Auditing PIM…

7 min read

Send Email Alert for Break Glass Account Activity

Break glass accounts in Microsoft 365 are used for emergency access when admin accounts get locked out. 🔒 But since they hold global admin privileges, they’re a prime target for attackers. Imagine an attacker target one of these? If it happens, it can pose a serious risk like account compromise,…

5 min read

How to Remove SharePoint Sharing Links using PowerShell

In our earlier blog we explored how to export all sharing links to track and audit file sharing across your SharePoint Online environment. The post helped admins identify various link types, spot risky shares, and gain visibility into shared content across sites. After receiving several requests from our readers, we’re…

10 min read

How to Trace Emails Sent to External Domains in Exchange Online

Email remains at the heart of business communication, and a good chunk of your email traffic is probably heading out of your tenant. Whether it’s reaching out to clients, collaborating with partners, or sending updates to vendors, external communication is nonstop. But here’s the catch: Are those outbound emails actually…

7 min read

Automate Compromised Account Remediation in Microsoft 365

Microsoft 365 accounts are among the most common targets for attackers. Just one compromised identity can expose access to sensitive emails, files, Teams chats, SharePoint content, and much more. As attack methods grow more sophisticated, including phishing, password spray attacks, token theft, and MFA fatigue, it’s critical to respond quickly…

6 min read

Find All Sharing Links in SharePoint Online

Businesses relying on Microsoft 365 often share files and folders in SharePoint Online to collaborate with internal and external stakeholders. Users create different types of sharing links depending on how much access they want to give others. Over time, these links can become difficult to track, increasing the risk of…

9 min read