EXO V2 Module – Microsoft 365 Exchange Online – PowerShell Module

EXO v2 Exchange Online PowerShell Module download here

Some PowerShell commands to help you manage your Microsof 365 Exchange. 

More information on the Microsoft Site here

How to load the EXO v2 Module

Run PowerShell ( I used the ISE) as Administrator    (+ be connected to the Internet)

Install-Module -Name ExchangeOnlineManagement    #Execute this command

You will need to say “Yes to All” on Trust the repository prompt (Well that’s what I needed to do)

How do you connect to Exchange Online

Connect-ExchangeOnline -EnableErrorReporting -LogDirectoryPath C:\temp\logs –LogLevel All

Enter your tenancy credentials

(This will work and prompt for MFA enabled accounts.)

Example EXO V2 PowerShell Commands

Example 1 – Return Mailbox details for a specific user command (Settings you might see in Active Directory)

Get-EXOMailbox -Identity <ENTER EMAIL ADDRESS HERE> -Properties DisplayName,EmailAddresses,Alias

Example 2 – Return Mailbox details for a specific user command ( Settings like MAPI & POP status, Email Addresses)

Get-EXOCASMailbox -Identity “< ENTER EMAIL ADDRESS HERE >” 

Example 3 – Check User Permissions

Get-EXOMailboxPermission -Identity “< ENTER EMAIL ADDRESS HERE >”


Example 4 – What Devices have accessed the mailbox.

This showed multiple devices and which supported remote wipe. If you are reviewing security footprint and what devices have access corporate email, this is a good starting point.

Get-EXOMobileDeviceStatistics -Mailbox “< ENTER EMAIL ADDRESS HERE >” -ActiveSync


Then finally how to Disconnect

DisConnect-ExchangeOnline

Then select “Yes to All”

Disconnected Successfully

Office 365 – Anti Malware Policy/ Mail Flow rule – Detected PS1 file – Email Attachment

A good starting point for this exercise was to find the Microsoft Post on Mail Flow rules to inspect message attachments. Available here. There is also a good reference page on common blocking scenarios.

Recently some of our users received received PS1 files as attachments. We wanted to raise awareness to our users about PS1 files by adding an additional disclaimer in emails received with PS1 attached file types.

If you try to send a PS1 file as an attachment, you will often get a notification, but it allows you to send the email.

Users of Outlook might receive the email still and be notified of a potentially unsafe attachment. Which is good. But what if they weren’t using Outlook?

Web Mail “Outlook” will give you a “No Entry” sign

Challenge : How do we create a mail flow rule to add a disclaimer to inbound emails with PS1 files attached?

How to Guide : Create Mail Flow Rules

Start in “Microsoft 365 Admin Center” and browse to “Exchange” Admin Center

You can created new rules by selecting “Mail Flow” > “Rules” > “+”> “Create a new rule”

This example Appends the Disclaimer when a PS1 file is recieved

Additional options (Optional)

Rule is configured

.. Test Mail example sent to a Microsoft 365 Exchange Mail box – Disclaimer added. See example screen shot below.

Enhance Security : Enforce Mobile Devices to Use Encryption and Password Policy connecting to Exchange Online (O365)

Features available to improve security with mobile devices by using encryption and a password policy when connecting to Exchange Online (O365). Anyone who has been a Active Directory Admin will by default expect to configure additional security, the same logic should apply for the Office 365 admin / Exchange Online Admin.

How to configure, start in Exchange Admin Center

Browse “Mobile” and edit the “Default”

To apply additional security settings to mobile services by default. I’ve highlighted some more restrictive settings to configure from the default.

  • Require Password
  • Require an Alphanumeric Password
  • Require Encryption
  • Min Password Length
  • Wipe Device on Sign-In Failures
  • Sign In time
  • Password Lifetime and Recycle Count

How To Enable Admins/Users to Import Their Own PST files in Office 365

To enable the admins/users to import their own PST files, the users must be given the “Mailbox Import Export” role.

This it how you configure / assign the users the role.

Login to the Microsoft 365 Admin Center and Open “Exchange” admin center.

Click “Permissions” > “Admin Roles” and “+” Add a new role

Enter details (example info), Add “Mailbox Import Export” role. Click Save

Office 365 Exchange Online Enable Calendar Sharing with External Office 365 Exchange

To setup calendar sharing in Office 365 with another External Office 365 Exchange go to the Exchange Admin Center.

You have the option to add an individual or an organisation. See example below

For further information visit: https://docs.microsoft.com/en-us/exchange/sharing/organization-relationships/create-an-organization-relationship