A question about how best to set auto-replies for Exchange Online shared mailboxes to respond to messages arriving during a public holiday gives another chance for PowerShell to show how useful it is. You could do the work with Flow, but PowerShell is more flexible and capable when dealing with multiple shared mailboxes.
Exchange Online writes audit records into the Office 365 audit log when messages are deleted by delegates and administrative action. We can analyze the audit records to find out who deleted a specific message. Some challenges exist to interpret the audit records for admin-generated deletions (for example, when you run Search-Mailbox), but it’s easy enough to code the necessary checks in PowerShell.
Microsoft makes a strong case that all Azure Active Directory accounts should be protected with multi-factor authentication (MFA). That’s a great aspiration, but the immediate priority is to check accounts holding admin roles. This post explains how to use a PowerShell script to find and report those accounts.
The ability to see the PowerShell commands executed by Exchange administrative centers has existed since Exchange 2007. Now something has changed in Exchange Online and the command log is blank. It’s sad because many administrators learned to use PowerShell by examining how Microsoft used it to manage Exchange. Let’s hope that Microsoft fixes this bug soon.
Teams does a good job of storing compliance records in Exchange Online mailboxes so that the data is available for Office 365 eDiscovery. But the number of records can impact the mailbox quotas of frontline workers, especially if they send graphics in personal and group chats. Here’s some PowerShell to help discover how much mailbox quota is being absorbed by compliance records.