Exchange Reporting Script

05/09/2025

Microsoft 365, MS Exchange, MS Graph, PowerShell

Introduction & Overview
What Does This Script Do?
Prerequisites & Requirements
Installation Guide
Understanding Parameters
Step-by-Step Usage Guide
Real-World Examples
Understanding the Output
Troubleshooting Guide
Security Considerations
Automation & Scheduling
Best Practices

Introduction & Overview

Managing Exchange infrastructure can be complex, whether you’re dealing with on-premises Exchange servers, Exchange Online, or hybrid environments. Documentation is crucial for compliance, troubleshooting, and planning, but manually gathering all the configuration details is time-consuming and error-prone.

Meet Your New Best Friend

Our comprehensive Exchange Documentation Script automates the entire process, collecting detailed information about your Exchange environment and generating professional reports that you can use for:

Compliance audits and regulatory requirements
Infrastructure planning and capacity management
Troubleshooting and problem resolution
Migration planning and validation
Security assessments and reviews

✨ Why This Script is Special

Unlike basic documentation tools, this script provides comprehensive coverage of your Exchange environment, including critical components that are often overlooked:

SMTP Relay Configuration – Complete send/receive connector documentation
Certificate Management – All Exchange certificates with expiration tracking
EWS & Client Access – Virtual directory configurations and authentication
Security Settings – TLS, authentication methods, and protection policies
Transport Rules – Complete mail flow rule documentation

What Does This Script Do?

The Exchange Documentation Script is like having a dedicated Exchange consultant that never sleeps. It systematically examines your Exchange environment and creates detailed reports covering every aspect of your messaging infrastructure.

On-Premises Exchange

Exchange server inventory and roles
Database configurations and DAG settings
All certificates with expiration alerts
SMTP connectors and relay configuration
Virtual directories (OWA, EWS, ActiveSync)
Transport rules and mail flow policies
Hybrid configuration details

☁️ Exchange Online

Tenant configuration and accepted domains
Mailbox plans and policies
Exchange Online Protection settings
Defender for Office 365 policies
SMTP connectors for hybrid scenarios
DLP and compliance policies
Mobile device management

Security & Compliance

Certificate expiration monitoring
TLS and authentication settings
Anti-spam and anti-malware policies
Transport security configuration
Audit and logging settings
Role-based access control
Data loss prevention policies

Professional Reports

Interactive HTML reports with navigation
CSV exports for data analysis
Critical alert notifications
Summary statistics dashboards
Environment-specific color coding
Print-friendly formatting
Mobile-responsive design

Critical Monitoring Features

The script automatically identifies potential issues and highlights them in the reports:

Expired Certificates – Immediate alerts for expired SSL/TLS certificates
Expiring Soon – Warnings for certificates expiring within 30 days
Security Misconfigurations – Identification of potential security gaps
Transport Issues – SMTP relay and connector problems

Prerequisites & Requirements

Before diving in, let’s make sure you have everything needed to run the script successfully. Don’t worry – the script will help you install missing components!

️ System Requirements

PowerShell 5.1 or later (PowerShell 7+ recommended)
Windows 10/11 or Windows Server 2016+
Internet connectivity for Exchange Online and module downloads
Administrative privileges on the machine running the script

PowerShell Modules

The script requires specific PowerShell modules depending on your environment. Good news: The script will automatically detect missing modules and offer to install them for you!

✨ Automatic Module Installation

When you run the script, it will:

Check for required modules
Display a list of missing modules
Ask if you want to install them automatically
Install modules with proper permissions

Recommended: Let the script handle module installation for you!

Manual Module Installation

If you prefer to install modules manually:

For Exchange Online:

Install-Module -Name ExchangeOnlineManagement -Scope CurrentUser

For Microsoft Graph (Optional but recommended):

Install-Module -Name Microsoft.Graph -Scope CurrentUser

Required Permissions

The script needs appropriate permissions to access Exchange configuration data:

Environment	Required Roles	Additional Notes
On-Premises Exchange	• Exchange Organization Management • Local Administrator (for PowerShell remoting)	Must be able to connect to Exchange Management Shell
Exchange Online	• Exchange Administrator • Global Administrator (recommended) • Security Administrator (for Defender features)	Modern authentication supported
Hybrid Environment	Both sets of permissions above	Can run with partial permissions if needed

⚠️ Important Security Note

The script uses read-only operations and does not make any changes to your Exchange environment. However, it does collect detailed configuration information, so ensure you:

Store generated reports securely
Review reports before sharing
Follow your organization’s data handling policies

Installation Guide

Getting started with the Exchange Documentation Script is straightforward. Follow these simple steps:

1Download the Script

You can obtain the script from GitHub or your preferred source:

# Option 1: Clone from GitHub

git clone https://github.com/yourusername/exchange-documentation-script.git

cd exchange-documentation-script# Option 2: Download directly

# Download the .ps1 file to your preferred location

2Set PowerShell Execution Policy

If you haven’t already, you may need to adjust the PowerShell execution policy:

# Check current execution policy

Get-ExecutionPolicy# Set execution policy (if needed)

Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Scope CurrentUser

Understanding Execution Policies
RemoteSigned: Allows local scripts and signed remote scripts
CurrentUser: Only affects the current user account
Safe Choice: This setting provides security while allowing the script to run

3Verify Script Location

Make sure the script is in an accessible location:

# Navigate to script directory

cd C:\Scripts\Exchange-Documentation# Verify script exists

Get-ChildItem *.ps1

4Test Basic Functionality

Before running the full documentation, test the script’s help system:

# Display script help

Get-Help .\Exchange-Documentation-Script-Enhanced.ps1 -Full# Show available parameters

Get-Help .\Exchange-Documentation-Script-Enhanced.ps1 -Parameter *

✅ Installation Complete!

If you can see the script help information, you’re ready to proceed. The script will handle module installation and other requirements automatically when you run it.

⚙️ Understanding Parameters

The script uses several parameters to control its behavior. Understanding these parameters will help you get exactly the information you need.

Parameter Reference

Parameter	Type	Required	Description	Example
`Environment`	String	✅ Yes	Specifies which environment to document	OnPremises, Online, Both
`OutputPath`	String	❌ No	Directory for output files	C:\Reports
`ExchangeServer`	String	⚠️ Conditional	FQDN of Exchange server (required for on-premises)	exchange01.contoso.com
`TenantId`	String	❌ No	Azure AD Tenant ID for Exchange Online	contoso.onmicrosoft.com
`Credential`	PSCredential	❌ No	Credentials for authentication	Get-Credential
`IncludeDetailedStats`	Switch	❌ No	Include detailed mailbox statistics	-IncludeDetailedStats

Choosing the Right Environment Parameter

OnPremises

Use when: You have only on-premises Exchange servers

Exchange 2013, 2016, or 2019
No Office 365 integration
Pure on-premises environment

-Environment OnPremises

☁️ Online

Use when: You have only Exchange Online (Office 365)

Microsoft 365 tenant
No on-premises Exchange
Cloud-only environment

-Environment Online

Both

Use when: You have a hybrid environment

On-premises + Exchange Online
Hybrid configuration
Migration scenarios

-Environment Both

Pro Tip: Start Simple

If you’re unsure about your environment, start with the basic required parameter and let the script guide you through the process. It will prompt for additional information as needed.

Step-by-Step Usage Guide

Let’s walk through using the script step by step. We’ll cover the most common scenarios you’ll encounter.

Your First Run: Exchange Online

Let’s start with the simplest scenario – documenting Exchange Online:

1Open PowerShell as Administrator

Right-click on PowerShell and select “Run as Administrator” to ensure proper permissions.

2Navigate to Script Directorycd C:\Scripts\Exchange-Documentation

3Run the Script.\Exchange-Documentation-Script-Enhanced.ps1 -Environment Online -OutputPath “C:\Reports”

4Follow the Prompts

The script will:

Check for required modules
Offer to install missing modules
Prompt for Exchange Online authentication
Begin data collection

On-Premises Exchange Documentation

For on-premises environments, you’ll need to specify your Exchange server:

# Basic on-premises documentation

.\Exchange-Documentation-Script-Enhanced.ps1 -Environment OnPremises -ExchangeServer “exchange01.contoso.com” -OutputPath “C:\Reports”# With specific credentials

$cred = Get-Credential

.\Exchange-Documentation-Script-Enhanced.ps1 -Environment OnPremises -ExchangeServer “exchange01.contoso.com” -Credential $cred -OutputPath “C:\Reports”

Hybrid Environment Documentation

For hybrid environments, the script will collect data from both on-premises and online:

# Hybrid environment with detailed statistics

.\Exchange-Documentation-Script-Enhanced.ps1 -Environment Both -ExchangeServer “exchange01.contoso.com” -OutputPath “C:\Reports” -IncludeDetailedStats

What Happens During Execution

Here’s what you’ll see when the script runs:

Script Initialization

2024-01-15 10:30:00: Starting Comprehensive Exchange Infrastructure Documentation

2024-01-15 10:30:01: Checking required modules…

2024-01-15 10:30:02: ExchangeOnlineManagement module found

2024-01-15 10:30:03: Connecting to Exchange Online…

The script will show progress messages and prompt for authentication when needed.

Data Collection Phase

2024-01-15 10:31:00: Collecting Organization Configuration

2024-01-15 10:31:15: Collecting Tenant Information

2024-01-15 10:31:30: Collecting Mailbox Plans

2024-01-15 10:31:45: Collecting Transport Rules

2024-01-15 10:32:00: Collecting Anti-Spam Policies

…

You’ll see detailed progress as the script collects each category of information.

✅ Script Completion

========================================

COMPREHENSIVE EXCHANGE DOCUMENTATION COMPLETED

========================================

Environment: Online

CSV Report: C:\Reports\Exchange_Comprehensive_Documentation_20240115_103000.csv

HTML Report: C:\Reports\Exchange_Comprehensive_Documentation_20240115_103000.html

Total Categories Documented: 25

Exchange Online Connected: True

Microsoft Graph Connected: True

========================================

Your security team needs a comprehensive audit of Exchange security settings, including transport security and authentication methods.

Solution:

# Security-focused audit

.\Exchange-Documentation-Script-Enhanced.ps1 `

-Environment Both `

-ExchangeServer “exchange01.contoso.com” `

-OutputPath “C:\SecurityAudit\$(Get-Date -Format ‘yyyy-MM-dd-HHmm’)” `

-IncludeDetailedStats

Result:

Detailed security configuration report including certificates, TLS settings, authentication methods, and protection policies with critical security alerts.

⚠️ Important Notes for Production Environments

Test First: Always test the script in a non-production environment first
Maintenance Windows: Consider running during maintenance windows for on-premises environments
Network Impact: The script performs read-only operations but may generate network traffic
Permissions: Ensure you have appropriate permissions before running in production

Understanding the Output

The script generates two types of reports, each designed for different purposes. Let’s explore what you’ll find in each report.

HTML Report – Your Interactive Dashboard

The HTML report is designed for human consumption and provides an interactive, professional interface:

Visual Design

Professional, clean interface
Color-coded sections by environment
Responsive design for all devices
Print-friendly formatting

Critical Alerts

Expired certificate warnings
Certificates expiring soon
Security configuration issues
Transport problems

Summary Dashboard

Total mailbox counts
Server inventory
Certificate status overview
Domain statistics

Detailed Sections

Collapsible categories
Searchable content
Sortable tables
Environment badges

CSV Report – Your Data Analysis Tool

The CSV report is perfect for data analysis, automation, and integration with other tools:

CSV Structure

Each row in the CSV represents a configuration category:

Category: The type of configuration (e.g., “ExchangeServers”, “TransportRules”)
Data: JSON-encoded configuration details
CollectedDate: When the data was collected

️ Report Categories Explained

Here’s what you’ll find in each major category:

️ Infrastructure Categories

Exchange Servers: Server roles, versions, and configurations
Mailbox Databases: Database settings, paths, and quotas
Database Availability Groups: DAG configuration and health
Virtual Directories: Client access configurations (OWA, EWS, etc.)
Client Access Services: AutoDiscover and client settings

Security Categories

Exchange Certificates: All certificates with expiration dates
Authentication Methods: Virtual directory authentication settings
TLS Configuration: Transport security settings
Anti-Spam Policies: Exchange Online Protection settings
Anti-Malware Policies: Malware protection configuration
Safe Attachments/Links: Defender for Office 365 policies

Transport Categories

Receive Connectors: Inbound SMTP configuration
Send Connectors: Outbound SMTP configuration
Transport Rules: Mail flow rules and policies
Transport Configuration: Global transport settings
Accepted Domains: Domain configuration
Remote Domains: External domain settings

Compliance Categories

Retention Policies: Email retention configuration
DLP Policies: Data loss prevention rules
Journal Rules: Journaling configuration
Audit Configuration: Logging and audit settings
Role Assignments: Administrative permissions

Understanding Critical Alerts

The script automatically identifies potential issues and highlights them prominently:

Critical Issues (Red Alerts)

Expired Certificates: SSL/TLS certificates that have already expired
Security Vulnerabilities: Configurations that pose immediate security risks
Service Disruptions: Settings that could cause service outages

Warnings (Yellow Alerts)

Certificates Expiring Soon: Certificates expiring within 30 days
Configuration Drift: Settings that deviate from best practices
Capacity Issues: Resource utilization approaching limits

Healthy Status (Green Indicators)

Valid Certificates: Certificates with sufficient validity period
Optimal Configuration: Settings aligned with best practices
Normal Operation: Services operating within expected parameters

Troubleshooting Guide

Even the best scripts can encounter issues. Here’s how to diagnose and resolve common problems you might encounter.

Common Issues and Solutions

PowerShell Module Issues

Problem: “Module not found” errors

Symptoms: Script fails with module import errors

Solution:

# Check installed modules

Get-Module -ListAvailable | Where-Object {$_.Name -like “*Exchange*”}# Install missing modules

Install-Module -Name ExchangeOnlineManagement -Scope CurrentUser -Force

Install-Module -Name Microsoft.Graph -Scope CurrentUser -Force# Update existing modules

Update-Module -Name ExchangeOnlineManagement

Problem: Module version conflicts

Symptoms: Cmdlets not working as expected

Solution:

# Remove old versions

Uninstall-Module -Name ExchangeOnlineManagement -AllVersions

Install-Module -Name ExchangeOnlineManagement -Scope CurrentUser# Force import specific version

Import-Module ExchangeOnlineManagement -Force

Connection Problems

Problem: Cannot connect to Exchange Online

Symptoms: Authentication failures or timeout errors

Solutions:

# Clear existing sessions

Get-PSSession | Remove-PSSession

Disconnect-ExchangeOnline -Confirm:$false# Test basic connectivity

Test-NetConnection -ComputerName outlook.office365.com -Port 443# Reconnect with verbose logging

Connect-ExchangeOnline -ShowProgress $true -Verbose

Problem: On-premises Exchange connection fails

Symptoms: PowerShell remoting errors

Solutions:

# Test WinRM connectivity

Test-WSMan -ComputerName exchange01.contoso.com# Check PowerShell remoting

Test-NetConnection -ComputerName exchange01.contoso.com -Port 80# Verify credentials

$cred = Get-Credential

Enter-PSSession -ComputerName exchange01.contoso.com -Credential $cred

Permission Errors

Problem: “Access Denied” errors

Symptoms: Script fails to collect certain data

Solutions:

Verify you have Exchange Administrator role
Check if MFA is properly configured
Ensure account is not disabled or locked
Verify tenant-level permissions for Exchange Online

Permission Verification Commands# Check current Exchange Online permissions

Get-ManagementRoleAssignment -RoleAssignee (Get-User $env:USERNAME).Identity# Test basic Exchange cmdlets

Get-OrganizationConfig | Select-Object Name, ExchangeVersion# Verify Graph permissions (if using)

Get-MgContext | Select-Object Scopes

⚡ Performance Issues

Problem: Script runs very slowly

Causes and Solutions:

Large environment: Use -IncludeDetailedStats sparingly
Network latency: Run from a machine closer to Exchange servers
Throttling: Exchange Online may throttle requests

Performance Optimization Tips# Run without detailed stats for faster execution

.\Exchange-Documentation-Script-Enhanced.ps1 -Environment Online# Use specific output path on fast storage

-OutputPath “D:\FastDrive\Reports”# Run during off-peak hours

# Schedule for nights or weekends

Diagnostic Commands

Use these commands to diagnose issues before running the main script:

# Check PowerShell version

$PSVersionTable# Verify execution policy

Get-ExecutionPolicy -List# Test Exchange Online connectivity

Connect-ExchangeOnline -ShowProgress $true

Get-OrganizationConfig | Select-Object Name# Check available disk space

Get-WmiObject -Class Win32_LogicalDisk | Select-Object DeviceID, FreeSpace, Size# Verify network connectivity

Test-NetConnection -ComputerName outlook.office365.com -Port 443

Pro Troubleshooting Tips

Start Simple: Test with minimal parameters first
Check Logs: Review PowerShell transcripts if enabled
Isolate Issues: Test individual components separately
Update Regularly: Keep modules and scripts updated
Document Solutions: Keep notes of fixes for future reference

Security Considerations

Security should always be a top priority when working with Exchange infrastructure. Here’s how to use the script securely and protect your environment.

️ Script Security Features

✅ Built-in Security Measures

Read-Only Operations: The script only reads configuration data
No Configuration Changes: Zero risk of modifying your Exchange environment
Encrypted Connections: All communications use HTTPS/TLS
Modern Authentication: Supports MFA and certificate-based auth
Credential Protection: No credentials stored in the script

Authentication Best Practices

Interactive Authentication

Best for: Manual execution and testing

Supports multi-factor authentication
Uses modern authentication flows
No stored credentials
Ideal for one-time runs

Certificate-Based Authentication

Best for: Automated and scheduled execution

No interactive prompts
Suitable for automation
Enhanced security
Audit trail friendly

Data Protection Guidelines

⚠️ Sensitive Information in Reports

The generated reports contain detailed configuration information that could be sensitive:

Server names and IP addresses
Certificate details and thumbprints
SMTP relay configurations
Security policy settings
User and mailbox statistics

Secure Storage Recommendations

Report Storage Best Practices
Store reports in encrypted folders or drives
Use network locations with proper access controls
Implement retention policies for old reports
Consider using Azure Storage with encryption
Restrict access to authorized personnel only
Regular review and cleanup of stored reports

Security Monitoring

Monitor these security aspects when using the script:

Security Aspect	What to Monitor	Recommended Action
Certificate Expiration	Expired or expiring certificates	Renew certificates before expiration
Authentication Methods	Weak authentication configurations	Enforce strong authentication
TLS Configuration	Outdated TLS versions	Upgrade to TLS 1.2 or higher
SMTP Security	Open relay configurations	Restrict relay permissions
Access Permissions	Excessive administrative rights	Apply principle of least privilege

Secure Automation Setup

For automated execution, follow these security guidelines:

# Create dedicated service account # Grant minimal required permissions # Use certificate-based authentication # Example secure automation command

.\Exchange-Documentation-Script-Enhanced.ps1 `
-Environment Online `
-AppId “your-app-id” `
-CertificateThumbprint “your-cert-thumbprint” `
-TenantId “your-tenant-id” `
-OutputPath “\\secure-share\reports\$(Get-Date -Format ‘yyyy-MM-dd’)”

Security Checklist

Review and approve script before first use
Test in non-production environment first
Use dedicated service accounts for automation
Implement proper access controls on reports
Regular security review of generated reports
Monitor for unauthorized script execution
Keep scripts and modules updated
Document security procedures and approvals

Automation & Scheduling

Once you’re comfortable with the script, you can automate it to run regularly, ensuring your Exchange documentation stays current without manual intervention.

⏰ Windows Task Scheduler Setup

The most common way to automate the script is using Windows Task Scheduler:

1Create the Scheduled Task# PowerShell command to create scheduled task

$action = New-ScheduledTaskAction -Execute “PowerShell.exe” -Argument “-File C:\Scripts\Exchange-Documentation-Script-Enhanced.ps1 -Environment Online -OutputPath C:\Reports\Automated”$trigger = New-ScheduledTaskTrigger -Weekly -DaysOfWeek Monday -At “02:00AM”$settings = New-ScheduledTaskSettingsSet -AllowStartIfOnBatteries -DontStopIfGoingOnBatteries -StartWhenAvailable$principal = New-ScheduledTaskPrincipal -UserId “DOMAIN\ServiceAccount” -LogonType PasswordRegister-ScheduledTask -TaskName “Exchange Documentation” -Action $action -Trigger $trigger -Settings $settings -Principal $principal

Automation Scenarios

Monthly Compliance Reports

Schedule: First Monday of each month

$trigger = New-ScheduledTaskTrigger -Monthly -DaysOfMonth 1 -At “01:00AM”

Use Case: Regular compliance documentation

Weekly Health Checks

Schedule: Every Sunday night

$trigger = New-ScheduledTaskTrigger -Weekly -DaysOfWeek Sunday -At “23:00”

Use Case: Certificate monitoring and health assessment

Daily Monitoring

Schedule: Every day at 6 AM

$trigger = New-ScheduledTaskTrigger -Daily -At “06:00AM”

Use Case: Critical environment monitoring

On-Demand Execution

Schedule: Manual trigger only

$trigger = New-ScheduledTaskTrigger -Once -At (Get-Date).AddMinutes(1)

Use Case: Incident response and troubleshooting

☁️ Azure Automation Integration

For cloud-based automation, you can adapt the script for Azure Automation:

Azure Automation Runbook Setup
Create an Azure Automation Account
Import required PowerShell modules
Create a runbook with the script content
Configure managed identity for authentication
Schedule the runbook execution

# Azure Automation runbook example

param(

[Parameter(Mandatory=$true)]

[string]$Environment = "Online",

[Parameter(Mandatory=$false)]
[string]$StorageAccount = "yourstorageaccount"
)

# Connect using managed identity
Connect-AzAccount -Identity

# Run the documentation script
.\Exchange-Documentation-Script-Enhanced.ps1 -Environment $Environment

# Upload results to Azure Storage
$storageContext = New-AzStorageContext -StorageAccountName $StorageAccount -UseConnectedAccount
Set-AzStorageBlobContent -File $reportPath -Container "reports" -Context $storageContext

Notification Integration

Enhance your automation with notifications:

Email Notification Script

# Add to the end of your automation script

$reportSummary = @{

Environment = $Environment

ReportDate = Get-Date

CategoriesDocumented = $Script:ReportData.Keys.Count

CriticalAlerts = $criticalAlertCount

}

$emailBody = @"
Exchange Documentation Report Completed

Environment: $($reportSummary.Environment)
Report Date: $($reportSummary.ReportDate)
Categories Documented: $($reportSummary.CategoriesDocumented)
Critical Alerts: $($reportSummary.CriticalAlerts)

Reports saved to: $outputPath
"@

Send-MailMessage -To "[email protected]" -From "[email protected]" -Subject "Exchange Documentation Complete" -Body $emailBody -SmtpServer "smtp.contoso.com"

Microsoft Teams Integration

# Teams webhook notification

$teamsWebhook = "https://outlook.office.com/webhook/your-webhook-url"

$teamsMessage = @{
"@type" = "MessageCard"
"@context" = "http://schema.org/extensions"
"summary" = "Exchange Documentation Complete"
"themeColor" = "0076D7"
"sections" = @(
@{
"activityTitle" = "Exchange Documentation Report"
"activitySubtitle" = "Automated documentation completed"
"facts" = @(
@{ "name" = "Environment"; "value" = $Environment },
@{ "name" = "Categories"; "value" = $Script:ReportData.Keys.Count },
@{ "name" = "Critical Alerts"; "value" = $criticalAlertCount }
)
}
)
}

Invoke-RestMethod -Uri $teamsWebhook -Method Post -Body ($teamsMessage | ConvertTo-Json -Depth 10) -ContentType "application/json"

Critical Alert Notifications

# Send immediate alerts for critical issues

if ($criticalAlertCount -gt 0) {

$alertSubject = "CRITICAL: Exchange Issues Detected - $criticalAlertCount alerts"

$alertBody = @"

CRITICAL EXCHANGE ALERTS DETECTED

The automated Exchange documentation has identified $criticalAlertCount critical issues that require immediate attention:

$($criticalAlerts -join "`n")

Please review the full report immediately: $htmlReportPath

This is an automated alert. Please do not reply to this email.
"@

Send-MailMessage -To "[email protected]" -From "[email protected]" -Subject $alertSubject -Body $alertBody -Priority High -SmtpServer "smtp.contoso.com"
}

Automation Best Practices

Use dedicated service accounts with minimal permissions
Implement proper error handling and logging
Set up monitoring for automation failures
Regular testing of automated processes
Backup and version control for automation scripts
Document automation procedures and dependencies
Implement notification systems for critical issues
Regular review and maintenance of automated tasks

⭐ Best Practices

To get the most value from the Exchange Documentation Script and ensure smooth operations, follow these proven best practices.

Planning Your Documentation Strategy

Regular Schedule

Monthly: Comprehensive reports for compliance
Weekly: Health checks and certificate monitoring
Daily: Critical environments only
On-Demand: Before/after major changes

Report Organization

Use date-based folder structures
Separate reports by environment
Archive old reports regularly
Maintain naming conventions

Team Collaboration

Share reports with relevant teams
Create executive summaries
Establish review processes
Document action items

Continuous Improvement

Regular script updates
Feedback collection
Process refinement
Training and knowledge sharing

Performance Optimization

⚡ Speed Up Your Documentation
Run scripts during off-peak hours
Use fast storage for output files
Limit detailed statistics to when needed
Run from machines close to Exchange servers
Use certificate-based auth for automation
Monitor and optimize network connectivity

Report Management

File Organization Strategy

C:\Exchange-Reports\

├── 2024\

│ ├── 01-January\

│ │ ├── Weekly\

│ │ ├── Monthly\

│ │ └── OnDemand\

│ ├── 02-February\

│ └── …

├── Archives\

├── Templates\

└── Scripts\

Security Best Practices

Security Area	Best Practice	Implementation
Authentication	Use certificate-based auth for automation	Create dedicated app registrations with certificates
Permissions	Apply principle of least privilege	Grant only required Exchange admin roles
Data Protection	Encrypt sensitive reports	Use encrypted storage and secure transmission
Access Control	Restrict report access	Implement proper file and folder permissions
Audit Trail	Log all script executions	Enable PowerShell transcription and logging

Training and Knowledge Transfer

Building Team Expertise

Documentation: Maintain detailed procedures and runbooks
Training Sessions: Regular team training on script usage
Knowledge Base: Create internal wiki or knowledge base
Mentoring: Pair experienced users with newcomers
Regular Reviews: Periodic review of processes and improvements

Maintenance and Updates

Keeping Everything Current
Regular PowerShell module updates
Script version control and updates
Testing updates in non-production first
Backup configurations before changes
Monitor Microsoft Exchange updates
Review and update automation schedules
Validate report accuracy periodically
Update documentation and procedures

Measuring Success

Track these metrics to measure the value of your documentation efforts:

⏱️ Time Savings

Reduced manual documentation time
Faster troubleshooting
Quicker compliance reporting
Streamlined audit processes

Accuracy Improvements

Elimination of manual errors
Consistent reporting format
Complete configuration coverage
Real-time data accuracy

Issue Detection

Proactive certificate monitoring
Early security issue identification
Configuration drift detection
Compliance gap identification

Business Value

Improved compliance posture
Reduced audit costs
Better change management
Enhanced security monitoring

Final Recommendations

Start Small: Begin with basic documentation and expand gradually
Test Thoroughly: Always test in non-production environments first
Document Everything: Keep detailed records of your processes
Stay Updated: Regularly update scripts, modules, and procedures
Share Knowledge: Build team expertise and share best practices
Monitor Results: Track the value and impact of your documentation efforts

GitHub - MSB365/ExchangeDocumentationScript

Contribute to MSB365/ExchangeDocumentationScript development by creating an account on GitHub.

Post Views: 6,539

Designate Teams admin roles

In this article I would like to take a closer look at the different Microsoft Teams Admin roles. My

Message Encryption with Office 365

At the Ignite 2017 Microsoft presented a bulk of new features which are waiting for us in 2018. One of

Configure a dial plan

Since more and more companies are replacing their conventional telephony infrastructure with Microsoft Teams Enterprise Voice, telephony behaviour is also

Azure Application Proxy

What is the Azure Application Proxy? Azure AD Application Proxy is a feature of Azure AD Premium and Azure AD

Deploying Intune Applications

This article is a follow-up article based on my article “Microsoft Intune Automatization Script“. In this article, I introduce you

Address policy by recipient filters

There are several ways how we can create email address policies for an Organization. In the companies where I consult,

Product Review | Stellar Phoenix Mailbox Exchange Recovery Tool

This week I had the opportunity to review the Stellar Phoenix Mailbox Exchange Recovery Tool. The background for this is,

encrypted contacts manager

Today Proton Technologies Ltd. presented a new feature in their portfolio. Proton is a know swiss company who created a full

Naming convention suggestion

Creating a standardized and consistent naming convention for IT infrastructures based on Microsoft 365 and Microsoft Azure is essential for

Re award as a Microsoft MVP - 2022

It is the first of July 2022 and, just like a year ago, it is with great pleasure that I

Microsoft Kaizala will be integrated into Office 365

What has been mentioned for a long time is now becoming a fact, Microsoft Kaizala will be integrated

Rewarded as Microsoft MVP - Number 5

Today is the sixth of July and I am extremely pleased to have received an email from Microsoft on this

New Design

After several years we have decided to redesign our website. We hope you like the new design… On this occasion,

10 Useful PowerShell cmdlets for Exchange

On the Ignite 2017 Steve Goodman held a very good session about 10 useful PowerShell commands, which are important to know

Announcement Cloud8 Summit - 5th Edition

It’s almost time for the 5th edition of the Cloud8 Summit. As things stand, it seems that the COVID pandemic

Extended support for Exchange 2010

Last week Microsoft has announced surprisal, that the support of Exchange 2010 will be extended for few more months

Modify Mailbox type using Exchange Attribute Editor

A few days ago, I had to configure a few mailboxes for enabling message copy while sending. However, this is

Understanding Explicit Consent for Recording in Microsoft Teams: A Guide for Enhanced Transparency and Privacy

In today’s digital landscape, where communication and collaboration often occur virtually, ensuring user privacy and fostering trust has become paramount.

The future of Messaging - a personal view

I am working many years in IT, most ot the time with the messaging and emailing. My first steps I

Anonymous E-Mail as an alternative

Have you ever thought about your email privacy? People email each other everyday for different purposes. From holiday greetings

Exchange Online Journaling & Reporting

Journaling on Exchange (on-premise) is a feature that is often needed, especially for companies that have an obligation to the

PowerShell Script - Setting Calling Policies for multiple users

This article serves as documentation for the script, which is stored on GitHub. The corresponding script can be downloaded from

Ransomware Strain Encripts Cloud Email

A new ransomware strain dubbed as “ransomcloud” has been developed and it can encrypt online email accounts like Office 365

Enabling Sent Items Copy features with Exchange online for shared mailboxes

Shared mailboxes are great. They can be used for a variety of scenarios within your environment. What is that

Mailbox size and Quota useful PowerShell commands for Exchange

There are many cool scripts on the Technet about mailbox size and quota reporting. The same about searching for them

Microsoft Bookings available in Office 365

At the end of April, Microsoft announced in its Message Center update that Microsoft Bookings, a self-service scheduling tool, will

Planning an Office 365 migration

Many articles were written in the past about migrating environment to Office 365. In this article I don’t want to

Microsoft Intune Automatization Script

I am currently working on a new project involving the integration and configuration of Microsoft Intune in a hybrid environment.

Tools (and Migration Playbook) for Mail migration

Foreword In this article, I describe one (of several) ways in which a mailbox migration can be carried out from,

Deploy Windows 10 usin Intune - and USB Stick

There are different ways to roll out Windows 10. One option that is becoming increasingly popular is the deployment with

Customize Password Expiration in Office 365

Having password policies in a company is good! Very good! And important! Using on-premises active directory and GPO’s makes it

Microsoft Teams phone meets Copilot

Since its launch in 2017, Microsoft Teams has stood by a unique perspective: integrating communication and collaboration seamlessly into a

Problems by changing language because of Yammer Root

Some days ago one of our users has opened a ticket that he is not able to change his Outlook

Microsoft Ignite - Review

Microsoft Ignite this year is already finished, and it was a huge event and It was an honour for me

Adding a Domain to Office 365 with PowerShell

One of my customers has bought another company, so they needed to add the new company domain to their environment.

Azure Active Directory Pass-through Authentication

As far we know until today, the best solution form the Microsoft point of view is, to use ADFS to

Office 365 admin roles

By using Office 365 we have a new horizon of opportunities and features we can go with. In the other

Mailbox Location Report Script

Generate Comprehensive Mailbox Reports with PowerShell Discover which mailboxes are in Exchange Online vs On-Premises with this powerful

Intune MAM for Exchange On-Premise Mailboxes

A couple of months ago, I was working on a project to reveal the power of Microsoft Intune for my

Microsoft 365 assessment Script

Introduction In this article, I describe one of the most elaborate scripts I have ever written for the community. This

Recommendation - Microsoft 365 authorization concepts - Part 1

Microsoft 365 administrators have various roles and tasks that they need to manage to ensure that the organization runs smoothly.

Merge Exchange online Mailbox with on-premise AD account

One of my customer runs a hybrid exchange environment. By the onboarding process of new employees he needs to create

Create dynamic Azure AD Group for Autopilot deployment

This script helps to create dynamic Azure AD groups based on the PowerShell module Graph SDK. The idea is that

Office 365 Ports and Firewall Challenges

In this article I would like to talk about the deployment of Office 365. We can prepare, automate, customize, etc.

Celebrating My 7th Microsoft MVP Award!

A Journey of Excellence in Microsoft 365 Technologies I’m Thrilled to Announce… I am extremely happy and

Veeam Backup for Microsoft 365 v7

My daily work with Microsoft 365 includes not only Microsoft Teams Enterprise Voice (or Microsoft Teams Phone as it is

How to handle domains during a Tenant migration

It’s now already some years I am supporting companies with their journey to the cloud. Having read the Microsoft announcment

Part 2 - Assign Teams Licenses

To use Teams Phone, you’ll first need to assign the following licenses to a user: Microsoft Teams Microsoft 365 Teams

Part 5 - Enable users for Direct Routing with Teams Phone

Before you can enable Direct Routing for users, you’ll need to have configured it at the organization level. This will

Clear Microsoft Teams cache using PowerShell - Intune compatible

In this blog article I describe the functionality (documentation) of my latest script for Microsoft Teams. It is about deleting

The Way to go | Microsoft cert path's

This day’s I spoke with on of our Junior Engineers about Microsoft certifiations an certification paths. He wasn’t sure which

Powershell function for Exchange online

Working as a consultant for multiple customers forces us to connect multiple times a day to different Exchange Online management

Microsoft adds support for Google Gmail IDs to Azure Active Directory

Microsoft has fulfilled the promise about enabling Gmail users to collaborate with others, using Azure Active Directory (B2B) without the

Cloud8 virtual Summit

The first Cloud8 virtual event will take place on May 22. Here in this article I describe briefly what it

Remove a former employee from Office 365

Have an employee leaving and need to block access to data and email? To do this: Go to Active Users.

Export and merge Mailbox Informations and Archive Informations

I was asked to create an informal export from Mailboxes with the Total Mailbox Size. Till now nothing special, I

Configure remote domain for automatic replies

Few weeks ago, I was working on a migration project between two independent domains. The project by itself was huge

Get the Exchange Virtual Directories by PowerShell

You can check in a very easy Way all of your Exchange Virtual Directories by using my Script I share

Cloud Solution Provider (CSP) program Important Informations!!!

Availability The Cloud Solution Provider program is available to companies with offices in the following countries/regions. These are grouped

.NET Assemblies In PowerShell - Part 3: Create Active Directory objects

In the first parts of the series “.NET Assemblies In PowerShell”, I wrote about managing existing Active Directory groups and

Add BULK Users from CSV to Azure AD Group

This script is for the following use case: An administrator needs to add multiple users from an organisation to an

Microsoft Ignite Splitter - A look back

Microsoft Ignite this year is already finished, and it was a huge event and It was an honour for me

Bulk import pictures in Office 365 users

A few days ago I got a customer request about User photos. The company had just migrated from Exchange 2010

Enabling Audit Logs in Office 365 Security and Compliance

After an organization has deployed Office 365, the companies’ administrator roles will be changed. Each company needs an administrator, who

Remove old EAS Devices

Earlier this month I had to make some cleanups in a customer’s Exchange infrastructure. On one side, I had to identify

Major Update Office 365 | Group members receive email in their mailbox

Microsoft has announced a new major update that group members are able to receive group emails in their personal mailboxes.

Deploy Remote Desktop Gateway (RDS)

For creating a Remote Desktop Gateway infrastructure we need different configuration steps. For the Deployment I prefer to use PowerShell.

Automatisation Office 365 Language Settings

By using Office 365 you are syncing your local Active Directory with Azure AD which is comming together on Office

Microsoft submerges data center in the sea

Microsoft sunk a data center in the sea. The company wants to accelerate the development of self-sufficient underwater data centers

Microsoft Most Valuable Professional

I am proud to announce that I was awarded today by Microsoft, with the Microsoft Most Valuable Professional (MVP) Award

Microsoft Ignite Splitter | Day 2

Day one has already passed, and I am looking forward for day two… My second day on the Ignite stated

Microsoft Teams: Private Line

Microsoft has done it again! What? More feature updates in the Microsoft Teams area. Okay, that’s not much of a

Microsoft Ignite Splitter - Day four

Day four at the Microsoft Ignite 2019. If you ever was wondering what equipment Attendees are carrying on during the

Migrating on-premise Mailboxes to Office 365 by using Quest Tools

Bevor I start writing this Article, I want to mace clear, I don’t get paid for this Post from the

Issue deleting Mailbox - Active directory response: 00000005: SecErr: DSID-03152612, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0

Recently, one of my customers reported a problem that he was unable to delete a mailbox of a former employee.

Customize the Office 365 encryption Message

Microsoft Office 365 allows us in a very easy way to encrypt messages to our recipients. To be able to

Mail forwarding to external Mail address BULK

Especially during a messaging migration, situations may arise where external message forwarding has to be set up for several users.

Enable TLS 1.2 and disable SSL 3.0 on Exchange Servers

On October 31 Microsoft will disable TLS 1.1 for Exchange. If you have not changed your environment to TLS 1.2

Register Application in EntraID - Using PowerShell

In today’s digital landscape, automating processes is an essential part of increasing efficiency and maximizing productivity. In this blog post,

Transfer FSMO Roles by PowerShell

If FSMO role holder DC goes under upgradation process or down, we think about FSMO roles as its important and

Another 10 useful PowerShell cmdlets for Exchange

After all the positive feedback to my article “10 Useful PowerShell cmdlets for Exchange” (thanks again to Steve Goodman), I

Finding out the own Tenant ID

Recently I was asked for one of my customers how he can find out his Tenant ID. The Office 365

Meltdown/Spectre Powershell Module

Meltdown is currently thought to primarily affect Intel processors manufactured since 1995, excluding the company’s Itanium server chips and Atom

Fix: Teams Phone Device Rollout

Depending on the tenant configuration, there may be problems with the rollout of Team Certified phones. Here is a solution:

.NET Assemblies In PowerShell - Part 1: Manage Active Directory groups

The most popular way to manage Active Directory with PowerShell is to use the cmdlets provided by the PowerShell module

Microsoft Teams calling ID policies (plus Script documentation - How to)

An extremely important element in the field of telephony, apart from incoming calls and their management, is the element of

Recommendation - Microsoft 365 authorization concepts - Part 2

This article is a continuation – i.e. Part 2 – of the article Recommendation – Microsoft 365 authorization concepts –

Microsoft Hybrid Agent for Exchange

Microsoft sees midsize businesses as users of Office 365 and is setting things in motion to facilitate the migration of

Error by installing Exchange CU (Event 1002)

Today I had to install new Exchange 2016 CU on a customer’s exchange environment. Normally that is an easy going

Intune Deploy Win32 applications - public preview

Seems like Microsoft really cares a lot about the ideas that users post on the Intune Feedback page. 🙂

MFA with Microsoft Authenticator App for OWA

In one of my last articles, I wrote about installing, customizing and about the functionality of the ADFS servers. Today

Microsoft has finally released a new Teams PowerShell Module

On March 14th 2017 in New York, Microsoft has announced that MS Teams will be released worldwide. Not sure if

Sensitivity Labeling with Microsoft

For almost a year now, we have had to deal with the COVID-19 pandemic. Many of us can work from

Create DAG by PowerShell

How to create fast and clean a new Exchange DAG? – Use PowerShell! Since the last Versions of Exchange we

How does the cloud work?

When I studied at the Technical University in Chur, there was a generational gap Type between our professors who learned

Microsoft Teams Presence Report

I’m excited to share a new PowerShell script I’ve developed that dives into Microsoft Teams presence data and generates a

Enable UM for multiple Exchange Mailboxes

Background Some time ago I was on a very interesting project about on-premise infrastructure, Exchange online and 3rd party player

Configuring ADFS for Office 365

Almost everyone is using Cloud services, there are a lot of them like Azure, Office 365, G-Suite, Dropbox, AWS. Some

Outlook Web App supports now third party storage

Microsoft has announced about new feature that soon it will be possible to add third party storage for Outlook Web

Do I need an on-premise Exchange using Exchange online?

The story is often the same one: I get invited for a workshop from a customer about projects for messaging

The new Exchange Server

Microsoft revealed today their plans for Microsoft Exchange. This means that a new Exchange version is being released. This is

PowerShell does not reflect the correct server for Mailboxes

By preparing tasks for a customer’s Enterprise Vault I had to figure out on which Mailbox Database and on which

How to build a call center with Microsoft Teams

Microsoft is becoming more and more a telephony provider. With the possibility of building a call centre with native tools

How to import an Outlook 2010 PST to Office365

Last month one of our Junior Engineers got a task to move some outlook information’s to the O365 Mailbox. It

Easy Office 365 Management -AdminDroid

Cloud services from Microsoft, Amazon, Google and other service providers have been booming not only since the Corona crisis. Of

Generate Email for default Mails over PSForm

I was asked from a small Business Company to create an easy way for the Administration, to create default Email

Mail encryption issues with PGP and S/MIME (high importance)

PGP and S / MIME encryption is not nearly as reliable as expected. Inadequate standards, outdated technology, and malicious programs

Microsoft Ignite Splitter - Day five

Here we are, the last Day at Microsoft Ignite 2019 has come 🙁 This article is not about a lock

Create an Exchange federation between Exchange and Office 365 Organization

Prolog Recently I had a small project by one of my customers. This customer company has bought another company and

Five more PowerShell commands you need to know

In this article I would like to return to an old series. It’s about PowerShell commands that we should all

Conditional Access Reporting

This article is a documentation for another script which I have written and would like to make available to the

Checklist: How companies use Microsoft 365 securely

Microsoft 365 provides companies with numerous protective measures that ensure a high level of security for all applications and data.

Microsoft Exchange Server SE - Good to know

It’s been a few days now since Microsoft announced the next Exchange Server version. You can read my article and

Restarting Stopped Services with PowerShell

Last weekend I had to work on a change request in a company. Our guys from the network team had

GUI based Admin Tool for Windows 10

This PowerShell based tool is used to cover various before and after tasks. More specifically, it covers the tasks involved

Logon problems Session Broker - CAA50021

Some time ago, one of my customers had the problem that after his environment was migrated to the cloud (hybrid

.NET Assemblies In PowerShell - Part 2: Manage Active Directory group members and user accounts

In the first part of this series, I described how you can add and remove members to and from Active

PowerShell commands for Exchange and Office 365 – Part 3

It look’s like I will start a series with this kind of articles. Thank you guys for your resonance and

Offboard M365 User

Preliminary information This article, or rather this script, is based on the GitHub script of the AdminDroid team. Before I

Meeting Room Utilization Exchange online

Introduction I’ve delved into the world of PowerShell scripting to create a solution that records and reports the current utilization

Create a Certificate Request (CSR) without IIS

Prolog There are several ways to create a Certificate request (CSR) for SSL Certificates. There are a large number of

Brief how-to: Enable MFA for Office 365

Here is another article before my Ignite journey this year. 🙂 Today I want to write about activating multi factor

Web Application Proxy PowerShell Cheat Sheet

As Web Application Proxy is a standard Windows Server role service, you can use many Windows Server PowerShell tools to

Microsoft Ignite Splitter | Day 5

Last day at Microsoft Ignite 2018, for me personally there are two sessions waiting for me. The Expo has already

Microsoft Teams Survival Guide

On the Microsoft Technet I found this very interesting Post about Microsoft Teams. I reposted this Article here by me

#MVPbuzzChat with Christian Buckley

For the Episode 233 of the #MVPbuzzChat interview series, I was invited by my fellow M365 Apps & Services MVP

Not able to send Message - User not found

One of my customers is running an exchange environment with multiple Accepted Domains. The reason for that is that this

Exchange PowerShell Suite - by MSB365

In the company I am working for, we have some multiple Exchange projects. To set them up in a standardized

Deprecation announcements Exchange online and Outlook

Microsoft, or rather the relevant product teams, have today made a number of announcements regarding the Deprecation of various services.

Part one - How to secure the number one hacking Target - Email...

Working in IT shows us that one of the main things we must think about is to defend our organization

Understanding S/MIME

Time by time I am getting the same questions from customers, which I try to explai them. Lately one of

Fixing Outlook Calendar Issue

Usually my posts are all about server related topics. But from time to time some Outlook issues appear on my

Master Microsoft Teams Administration with PowerShell

Complete guide to creating comprehensive Microsoft Teams reports using PowerShell and Microsoft Graph. Automate guest user management, compliance

Join the community - Subscribe to the Newsletter

Do you like my posts about Office 365, Exchange, ADFS and PowerShell? So why not subscribe to my newsletter? Get

Exchange 2016 CU9 Released!

The Exchange Team released the March updates for Exchange Server 2013 and 2016, and these Cumulative Updates contain a ton

Error when moving a mailbox to Exchange online

In a project I was running some time ago, one of the main Tasks was to move on-premise Mailboxes to

Ways to migrate to Exchange Online | Office 365

Today, more and more companies are moving their IT environment to the cloud. One of the main services, which is

5 Essential steps to keep all your mails safe

Your email account is a gold mine for hackers. And yet many people still aren’t taking basic precautions to secure

Part 8 - Enable additional calling features for Teams Phone

Audio Conferencing settings allow you to enable or disable, set options such as default Conference Bridge numbers for users, and

Part 7 - Enable a user for voice and voicemail services with Direct Routing

After you have assigned the correct licenses, the next step is to configure the user’s online phone settings. You’ll perform

Email Address Internationalization (EAI) support in Office 365

This Days Microsoft announced that Office 365 will enable Email Address Internationalization (EAI) support in Q1 2018. This can have

Note for the Ignite first timer

In a few days the Microsoft Ignite 2019 in Orlando will start. I am super exited about it and can’t

Mails from external cannot be received after migration to Exchange Online

After migrating several users from Exchange 2010 to Exchange Online it can happen that some of the users are not

Microsoft Ignite Splitter - Day two

Second day at Ignite started very early for me, this year I didn’t travel alone from switzerland to U.S. My

Microsoft To-Do is released

Today I received a Email from Microsoft that they began with the Rollout of Microsoft To-Do. But what is Microsoft

Microsoft Ignite Splitter | Day 1

First day on Ignite is over, and here we go with Ignite Splitter for the first day… When I was

Advanced version of the Teams Voice Admin Tool

A few weeks ago, I wrote a PowerShell script concerning the Teams Voice Admin Tool. This script received a good

Microsoft Exchange services and ports

Every Microsoft product is very complex in itself, depending on the role and functionality there are different communication channels and

Microsoft Teams and Telephony

Along with emailing and chatting, telephoning is one of the most important communication tools of our time. Even more, long

Announcement and teaser for the Cloudeight virtual Summit on November 13

We are currently in the planning phase for the second cloudeight virtual summit, which will take place on November 13th.

Choosing the right .NET version for your exchange environment

Before you install Exchange 2016, you need to review the topic to ensure that your network, hardware, software, clients, and

Migrate from Gmail to Office 365

There are many articles in the field about migrating from on-premise Exchange to Office 365, but how about migrating from

Block inbound calls

As Microsoft Teams continues to replace conventional telephony systems, there are more and more tasks to be done in this

Cloud Identity - Step by step with Office 365

In all projects in which I am consulting with my customers, most of the questions are about the functionality of

Change Language settings by Office365 Mailbox

After the migration to Exchange online there are Users, which have language Issues. This kind of problem occurs mostly by

PowerShell Script for creating License Groups including assignments

Since I rely heavily on standardization for my clients, I have created a new script that I would like to

Scalability update for Exchange 2016

In the end of September 2017 Microsoft has announced a significant update to the scalability guidance for Exchange 2016. If

Managing shared Mailboxes using PowerShell

I just had to do some additional work in a project we have just finished. One of the main tasks

Microsoft Teams name change on MacOS

With the recent General Available of New Teams on Mac, there are changes that impact the management of some tenants

How to check current Exchange Server version

Sometimes the simplest things need the most time to find out. There are many different versions of Exchange servers installed

Add, remove and manage email alias using Powershell

This short article is about a returning question about how to add or remove smtp alias addresses using the Exchange

Part 4 - Assign calling policies and dial plans to a user

While you can assign a multitude of policies to Teams users, two important policies for Voice are dial plans and

Set "SendAs" and/or "FullAccess" permissions on mailboxes

Setting “SendAs” and “FullAccess” authorizations is basically old hat. There are many blog articles and also many scripts on how

Autodiscover and further DNS

In one of my LAST articles I have described the MX-Records and the SPF-Records, how they work and why we

Automated ADFS setup - with WAP roles for Exchange and Skype

It is already some time ago that I have posted a PowerShell script to the community. So I thought why

Part 3 - Assign phone numbers and emergency locations to users

After assigning licenses to users for Teams Phone, you’ll then need to assign phone numbers and emergency locations. In European

Microsoft Outlook cannot start Microsoft Office Outlook. Cannot open the Outlook Window

Today one of my Customers contacted me that he is not able to start his Outlook Client after migrating his

DNS settings for mail flow in Office 365

If we want to use cloud services it is necessary to understand how DNS works. In this specific article I

Install Exchange Management Shell on your Computer

If you’re administrating an Exchange organisation there are different ways to do it. The simple way is to use the

Microsoft uncovers Windows 11 - these are the new features

New user interface The most obvious change is the new taskbar, which now displays pinned program icons centered at the

How To Export Office 365 Mailboxes To Outlook PST

The online version of Exchange (Office 365) does not have the same EDB to PST conversion features that its on-premise

Fix Office 365 issues using the Microsoft Tool "SaRA"

Each of us has had issues with Outlook OneDrive or other Office 365 themes in the past. Microsoft has provided

Orphaned Exchange Online External Contacts preventing users account to sync to Exchange Online

I recently had a problem with an Exchange Online tenant. There was an external mail contact which was previously synchronised from Active

Try now - The "new" Microsoft Teams Client

Microsoft is currently working on a major update for the Microsoft Teams Client for Windows. Microsoft Teams is increasingly becoming

Script: All information about Mobile devices

Today I had to prepare some things for migration between two Active Directory forests. Both sites have a 2-Way trust

All about Exchange 2019

Many companies are still using the on-premise version of Exchange Server. And the IT departments have faced the decision of

Windows Server 2012/2016: Installing and Configuring PowerShell Web Access (PSWA)

PowerShell on Samsung Galaxy and iPhone? PowerShell Web Access is a new Windows Server Feature. It provides a web-based PowerShell

Accessing Copilot for Microsoft 365: A Comprehensive Guide

Microsoft Copilot is not a tool that only needs to be planned for use in the future, no, it is

Reaward as Microsoft MVP 2021

Today is the first of July and I am extremely pleased to have received an email from Microsoft on this

Exchange 2016 problems after setting up CU8: Outlook Web App X-OWA-Error

Last week I had to update a customers Exchange server envoriment with the new CU Pack. It’s an Exchange 2016

Identity model for Office 365 - 3 ways...

By most of the companies I know or I was working with, there are two scenarios when I was speaking

Problem with Exchange management shell: IncorrectProtocolVersion

Today I want to write about some small issue one of my customers just had.This customer has installed an exchange

Sixth Time's the Charm: Honored to Be Named Microsoft MVP Again!

I’m thrilled to announce that I’ve been awarded the prestigious Microsoft Most Valuable Professional (MVP) Award for the sixth year

Part two - How to prevent attacks against our business

In the first part of my small trilogy we have learned about the risks, which are waiting over the Emails.

Phishing attack simulation in Exchange online - Part one

Prolog One of the biggest dangers in the industry for IT professionals is attacks on their own company network. There

Add or change Azure administrator roles that manage the subscription or services

You can change the Azure administrator that manages your Azure subscription or manages the Azure services used in your subscription.

Manage Windows devices with Intune

With Intune you can manage devices and apps of your employees as well as their access to your company data.

My PowerShell Gallery

Unfortunately Microsoft is about to retire the Technet Gallery. For me this gallery was a fantastic repository to look

Microsoft Ignite 2022 - Personal Lookback

After a two-year break, a physical Ignite took place from 12 to 15 October for the first time since the

Microsoft Ignite Splitter | Day 3

Day tree is just over and the halftime of the Ignite 2018 is already reached. Walking around the convention centre

Microsoft Ignite Splitter | Coming soon

Soon, the Ignite 2018 in Orlando Florida will start. For me personally, after some Tech Summits this Ignite will be

Microsoft Teams - Push to Talk

Some time ago, Microsoft announced a new function for Teams. This is the Microsoft Teams Push to Talk function, which

Installation documentation with Powershell

By setting up or configuring software it is always necessary to make documentations. To document the installation or configuration steps

Multi ADFS Forrest

About the way how you can deploy an ADFS Infrastructure I have already described here and more about ADFS you

Microsoft Ignite Splitter | Day 4

Day four has just ended, it was a long one. I look back to the Universal Studios party back as

PowerShell Script - Defender onboarding

Not every company uses Microsoft Intune or System Center, but this does not mean that tools such as Microsoft Defender

Cleaning up Mailbox Folder Permissions

I guess many of you who are reading my blog are also working in the Messaging and/or Cloud area. That

Part 1 - Enable users for Teams Phone

After you have set up your organization’s configuration for Teams Phone with Calling Plans or configured a partnership with your

PowerShell script for Network Drive mapping

In this article I describe another small script that should simplify the daily work with Microsoft Intune. This is about

Reaward as Microsoft MVP

Today is the first of July. This is a very special day for every Microsoft MVP. On this day the

Microsoft Teams add-on licenses - Overview

After we have dealt with the various roles and capabilities of Microsoft Teams in the article Designate Teams admin roles,

GRAPH UPDATE: Add BULK Users from CSV to Azure AD Group

For a given occasion, I have rewritten the script: Add BULK Users from CSV to Azure AD Group. The

Building a hybrid Exchange environment

This week, I was on a technical board and had to explain to customers on the level of CTO (chief

Goodbye Xing

Since 22 October 2009 I am now a Xing Member. However, I did not have the Premium Subscription for a

Set automated disclaimer to all E-Mails sending out

Company e-mails have to follow some policies before they can be sent out from an organization. If these policies are

Creating a Exchange 2016 Building Block

Deploying a new Exchange Server infrastructure is never been so Standarted like today with Exchange 2016. In this Post it

Microsoft Teams data Location

The current COVID-19 threat forces more and more companies to use collaburation tools. There are some on the market which

Enable daily Out of Office message - by PowerShell

Here some short article for today… In the morning an IT admin was asking me if it is possible to configure

Teams is now also available without Office 365 subscription

Microsoft make teams available as a free version, regardless of an Office 365 subscription. Free version is offered in 40

The Rising Cybercrime Threat and the Imperative of Robust Password Policies

In today’s digital landscape, businesses are increasingly grappling with the repercussions of cybercrime. Cyberattacks are escalating in frequency, and the

Create SSL Certificate Request by PowerShell

Creating SSL Certificate Requests needs a lot of Time, how to create a Request without IIS I wrote here in

Get all Mobile Devices on Office 365

In the past I have described how we can delete old EAS devices from our Exchange on-premises and/or Exchange online

Archive or not to archive (that is the question)

Archiving emails is a progress many of us knows. Let us have a look back how the scenario was couple

A short note about personal passwords

Strong passwords are an important basis for protecting your data. Unfortunately, many users still use the same passwords for all

Mail flow using connectors in Office 365

There are different reasons to have a hybrid infrastructure. One of them can be that the HR is, for legal

Thank you <3

In this article I have decided not to write a technical contribution. Here you can see a video of me

How to federate multiple Azure AD instances with single ADFS

The standard setting of Azure instance with ADFS is well known, standardized and implemented in the field. We use an

Get Who-Is information over the PowerShell

Finding out who owns a Domain is easy, there are a lot of Web Tools to find out, all informations…

What is end-to-end encryption and how does it work?

End-to-end encryption is the most secure way to communicate privately and securely online. By encrypting messages at both ends of

Fixing mailbox enabled cloud-only user accounts in Office 365 for hybrid migrations

The basic scenario in hybrid Exchange environments is that we have to create an Exchange mailbox on-premise, which has to

PowerShell Email Domain Migration Guide

Overview: This comprehensive guide provides PowerShell commands for migrating email domains in hybrid Microsoft 365 and Active Directory

Exchange Online Protection - EOP

More and more Customers are going to use Exchange online or other Microsoft Cloud services. One of them, which is

Good to know - Email encryption

In this article, I describe the most important points about email encryption in a kind of FAQ. We have all

Office 365 Portal gets a Facelift

Microsoft has announced that the Office 365 Portal will introduced in the new Microsoft 365 admin center. The new admin

Exchange Online Limits

Customers, which are planning to migrate to Exchange online, asks mostly the same questions. How much do it costs to

Finding E-Mail sender IP address

Internet emails are designed to carry the IP address of the computer from which the email was sent. This IP

Phishing attack simulation in Exchange online - Part two

Prolog In my last article about this topic I have described how you can perform simulated phishing attacks on your

Export all Distribution Group and All members in one CSV or/and delete empty Distribution Groups

In some situations we have to Export all the Distribution group and all the members of it to a CSV

Stay Informed with Microsoft Forms Notifications

Microsoft Forms is a powerful tool in the Microsoft 365 suite that allows users to create various types of forms

Migrate Fileserver to SharePoint online with Microsoft Teams - and make it accessible in the File Explorer

Microsoft Temas is becoming more and more the central working point where, regardless of the industry, companies are focusing more

Phishing attack simulation in Exchange online - Part three

Prolog At this point I am happy to present the third part of my series “Phishing attack simulation”. In this

Show Calendar Permission as a Report

Our 2nd level support came up to me earlier this week with a with a request about calendar permissions. He

Add Email Address Policies by PowerShell

To create Mail Address Policies on Exchange I prefer to use PowerShell. If you go this Way, there are some

PowerShell Tool - Teams Voice - BULK handling Voice policies

I was looking for an easy way to distribute Teams Voice policies for several users. I came up with the

Use Telnet for sending e-mails

Prolog This article is about an old school topic. In the last few weeks after my vacation, I was supporting

Entra Application Proxy with on-prem OWA

From time to time I get requests from customers for the following scenario: The customer basically has a hybrid infrastructure,

Microsoft Ignite Splitter - Day one

Here we are, Microsoft Ignite 2019 has finally started. Yesterday on Sunday I was the whole day on a MVP

100 Days with Microsoft Copilot for Microsoft 365

As an honoured Microsoft MVP immersed in the ever-evolving landscape of technology, I witness first-hand the perpetual metamorphosis of tools

Information about "Microsoft 365"

In August 2017 Microsoft released a new Product in their Portfolio. They call it ‘Microsoft 365’. But what is ‘Microsoft

Engineers help Engineers | through Telegram

While I am writing articles on my Blog and surfing on different Forums and Social medias I always have two

Enable Sent Item Copy for shared Mailboxes in Exchange online

Time by time customers are asking me if it is possible, to move sent mails from shared mailboxes, to the

Restoring a Hybrid Exchange Environment

Prolog Recently, I have been getting inquiries from customers, who have the following scenario: The environment was originally an on-premises

Build the Callback function in Microsoft Teams

This article is a sequel for my blog article ‘How to build a call center with Microsoft Teams’ and describes

Download and install the OMS Agent by PowerShell

I had to install on several servers the OMS Agent to manage the Systems in our Workspace. To go forward

Microsoft eliminates device limits for Office 365

So far, the subscriptions of the consumer versions of Office 365 were limited to two devices: home subscribers were allowed

Exchange EWS and SMTP Relay Usage Scanner

Discover Hidden Applications Using Your Exchange Server A PowerShell Solution for Seamless Migration Planning ️ Exchange Server • PowerShell •

Import PST files using Exchange PowerShell

If we want to import PST files into an Exchange mailbox, we can use the PowerShell CMDlet New-MailboxImportRequest. The PST

PowerShell Tool - Teams Voice Admin Tool

In this article I describe the functionality of my Powershell script tool for managing Microsoft Teams Voice. I have developed

Mail security best practices we should follow up

The single biggest threat to our business’s online security is malicious emails. As responsible Messaging Administrators/Engineers/Architects, it’s up to us

Allow Exchange users to see Calendar availability on G Suite

Thanks to the globalization, companies worldwide are working closer with each other. However, not all companies are using the same

Delete Outlook cache with Microsoft Intune

There are various reasons why the Outlook cache needs to be deleted. One of the most common reasons is after

Part three - How to secure the number two hacking Target – our employees…

The last part of my trilogy is about the weakest link, our employees. Some of the things you will read

Office 365 Multi-Geo

In the last general availability Microsoft has finally launched the Multi-Geo option for Exchange online. So, what that means for

Exchange 2016 CU8 Issue Occurs in Hybrid Mode

On December 19th Microsoft has announced thr Cumulative Update 8 (CU8) for Exchange server 2016. With the CU8 Microsoft fixed

Deprecation of Teams live events API on Microsoft Graph

Microsoft recently announced that the Microsoft Graph API for Microsoft Teams live events will be terminated for commercial customers. The

Microsoft Teams Presence Portal

Introducing the Microsoft Teams Presence Dashboard I’m excited to announce the release of the Microsoft Teams Presence Dashboard,

Microsoft Ignite Splitter - Day three

Day three at the Microsoft Ignite 2019, it is unbelievable how fast the time flies. It is halftime again and

Bye bye Skype

Microsoft has announced that Skype for Business will be retired on July 31st, 2021. At the Ignite 2019 in

Assign licenses to users in Office 365 for business

We have a new employee in our company, who starts his work as junior System Engineer. However, as a junior

Configure and manage voice users

Ongoing management is required as new employees start, or if their needs change. Learn how to manage voice user configuration,

VMware Power CLI meets PowerShell

Administrating and operating windows services can be done in different ways, one of the most useful ways is to do

Things to be aware of when migrating to Exchange Online

2018 is already knocking at the door and more and more of my customers find their way towards the cloud.

Unveiling an unexpected behavior in ConditionalAccess: Unable to enforce controls for some Apps

Recently, an unexpected problem popped up with some ConditionalAccess policies: it is not possible to enforce controls. Applications show up

Microsoft 365 networking - Proxy Endpoints

For larger environments and/or infrastructures that have more complex network architectures, it can be important to split up the topic-related

Part 6 - Assign Teams Licenses

To use Direct Routing, you’ll first need to assign the following licenses to a user: Microsoft Teams Microsoft Teams Phone

Microsoft Cloud Services Expand in Europe including New Swiss Datacenters

Microsoft has been rapidly expanding its cloud infrastructure to meet increasing customer demand in Europe and today announced the availability

Exchange Reporting Script

Complete Exchange Documentation Script Guide

Table of Contents

Introduction & Overview

Meet Your New Best Friend

✨ Why This Script is Special

What Does This Script Do?

On-Premises Exchange

☁️ Exchange Online

Security & Compliance

Professional Reports

Critical Monitoring Features

Prerequisites & Requirements

️ System Requirements

PowerShell Modules

✨ Automatic Module Installation

Manual Module Installation

For Exchange Online:

For Microsoft Graph (Optional but recommended):

Required Permissions

⚠️ Important Security Note

Installation Guide

1Download the Script

2Set PowerShell Execution Policy

Understanding Execution Policies

3Verify Script Location

4Test Basic Functionality

✅ Installation Complete!

⚙️ Understanding Parameters

Parameter Reference

Choosing the Right Environment Parameter

OnPremises

☁️ Online

Both

Pro Tip: Start Simple

Step-by-Step Usage Guide

Your First Run: Exchange Online

1Open PowerShell as Administrator

2Navigate to Script Directory

3Run the Script

4Follow the Prompts

On-Premises Exchange Documentation

Hybrid Environment Documentation

What Happens During Execution

Script Initialization

Data Collection Phase

✅ Script Completion

Congratulations!

Real-World Examples

Scenario 1: Monthly Compliance Report

Situation:

Solution:

Result:

Scenario 2: Pre-Migration Assessment

Situation:

Solution:

Result:

Scenario 3: Hybrid Environment Health Check

Situation:

Solution:

Result:

Scenario 4: Automated Certificate Monitoring

Situation:

Solution:

Result:

Scenario 5: Security Audit

Situation:

Solution:

Result:

⚠️ Important Notes for Production Environments

Understanding the Output

HTML Report – Your Interactive Dashboard

Visual Design

Critical Alerts

Summary Dashboard

Detailed Sections

CSV Report – Your Data Analysis Tool

CSV Structure

️ Report Categories Explained

️ Infrastructure Categories