diff --git a/.DS_Store b/.DS_Store new file mode 100644 index 0000000..592571f Binary files /dev/null and b/.DS_Store differ diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..3b5dc43 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +PMM/Alert Detection Rules/* \ No newline at end of file diff --git a/EXO/Set-GlobalMailboxPermissions.ps1 b/EXO/Set-GlobalMailboxPermissions.ps1 new file mode 100644 index 0000000..448fa00 --- /dev/null +++ b/EXO/Set-GlobalMailboxPermissions.ps1 @@ -0,0 +1,22 @@ +Write-Host "What is the UPN of user or group that should be added: " -NoNewline +$upn = Read-Host + +Write-Host "What permissions should be applied: " -NoNewline +$calendarPermission = Read-Host + +Write-Host "Granting $upn $calendarPermission permission to all mailboxes" + +$mailboxes = Get-EXOMailbox + +$totalMailboxes = $mailboxes.Count +$processCount = 0 + +Write-Progress -Activity "Applying calendar permissions" -Status "Starting" -PercentComplete 0 + +foreach ($mailbox in $mailboxes) { + $calendarPath = "$($mailbox.UserPrincipalName):\Calendar" + $processCount++ + $percentComplete = (($processCount / $totalMailboxes) * 100) + Write-Progress -Activity "Applying calendar permissions" -Status "Processing $calendarPath" -PercentComplete $percentComplete + Add-MailboxFolderPermission -Identity $calendarPath -User $upn -AccessRights $calendarPermission -SharingPermissionFlags Delegate +} \ No newline at end of file diff --git a/Entra/Get-PasswordExpiryReport.ps1 b/Entra/Get-PasswordExpiryReport.ps1 index b0ea8a3..dc7e41d 100644 --- a/Entra/Get-PasswordExpiryReport.ps1 +++ b/Entra/Get-PasswordExpiryReport.ps1 @@ -20,4 +20,4 @@ $Properties = @( $AllUsers = Get-MgUser -All -Property $Properties | Select-Object -Property $Properties #Export to CSV -$AllUsers | Export-Csv -Path "C:\Temp\PasswordChangeTimeStamp.csv" -NoTypeInformation \ No newline at end of file +$AllUsers | Export-Csv -Path "PasswordChangeTimeStamp.csv" -NoTypeInformation \ No newline at end of file diff --git a/PMM/.DS_Store b/PMM/.DS_Store new file mode 100644 index 0000000..3e18845 Binary files /dev/null and b/PMM/.DS_Store differ diff --git a/PMM/Set-PMMRules.ps1 b/PMM/Set-PMMRules.ps1 new file mode 100644 index 0000000..19927d0 --- /dev/null +++ b/PMM/Set-PMMRules.ps1 @@ -0,0 +1,230 @@ +function Write-Title { + [CmdletBinding()] + param ( + [Parameter(Mandatory=$true)] + [string]$Title + ) + + Write-Host $Title + for ($i = $Title.Length -1; $i -ge 0 ; $i--) { + Write-Host "-" -NoNewline + } + Write-Host +} + +function Set-AzureSubscriptionVariable { + Write-Title -Title "Azure Subscriptions" + $subscriptions = Get-AzSubscription + + $index = 1 + $subscriptionTable = @{} + foreach ($subscription in $subscriptions) { + Write-Host "$index. $($subscription.Name)" + $subscriptionTable["$index"] = $subscription.Id + $index++ + } + + Write-Host + $selectedValue = Read-Host -Prompt "Select Azure Subscription" + return $subscriptionTable[$selectedValue] +} + +function New-ResourceGroup { + $resourceGroupName = Read-Host -Prompt "Enter the name of the resource group" + $resource = New-AzResourceGroup -Name $resourceGroupName -Location "uksouth" + return $resource.ResourceId +} + +function Set-ResourceGroupVariable { + Write-Title -Title "Azure Resource Groups" + $resourceGroups = Get-AzResourceGroup + + $index = 1 + $resourceGroupTable = @{} + foreach ($resourceGroup in $resourceGroups) { + Write-Host "$index. $($resourceGroup.ResourceGroupName)" + $resourceGroupTable["$index"] = $resourceGroup.ResourceGroupName + $index++ + } + + Write-Host + $selectedValue = Read-Host -Prompt "Select Resource Group (or 0 to create a new one)" + + if ($selectedValue -eq "0") { + return New-ResourceGroup + } else { + return $resourceGroupTable[$selectedValue] + } +} + +function New-ActionGroup { + [CmdletBinding()] + param ( + [Parameter(Mandatory=$true)] + [string]$ResourceGroupName + ) + + $actionGroupName = Read-Host -Prompt "Enter the name of the action group" + $location = "global" + + $emailReceiverParams = @{ + Name = "PMM-EmailAlerts-Dev" + EmailAddress = "40db3afb.DOHERTYASSOCIATES.onmicrosoft.com@emea.teams.ms" + UseCommonAlertSchema = $false + } + $emailReceiver = New-AzActionGroupEmailReceiverObject @emailReceiverParams + + $webhookReceiverParams = @{ + Name = "LogAlertsV2" + ServiceUri = "https://7037684a-c132-4a29-ae42-556d05fae681.webhook.uks.azure-automation.net/webhooks?token=Rx%2fqYg642juKtsrhebjWV%2fOt3NlfFG5tXFVkByTejFA%3d" + UseCommonAlertSchema = $true + UseAadAuth = $false + } + $webhookReceiver = New-AzActionGroupWebhookReceiverObject @webhookReceiverParams + + $actionGroupParams = @{ + ResourceGroupName = $ResourceGroupName + Name = $actionGroupName + Location = $location + ShortName = $actionGroupName + EmailReceiver = $emailReceiver + WebhookReceiver = $webhookReceiver + Enabled = $true + } + $resource = New-AzActionGroup @actionGroupParams + return $resource.Id +} + +function Set-ActionGroupVariable { + [CmdletBinding()] + param ( + [Parameter(Mandatory=$true)] + [string]$ResourceGroupName + ) + + Write-Title -Title "Azure Action Groups" + $actionGroups = Get-AzActionGroup + + $index = 1 + $actionGroupTable = @{} + foreach ($actionGroup in $actionGroups) { + Write-Host "$index. $($actionGroup.Name)" + $actionGroupTable["$index"] = $actionGroup.Id + $index++ + } + + Write-Host + $selectedValue = Read-Host -Prompt "Select Action Group (or 0 to create a new one)" + + if ($selectedValue -eq "0") { + return New-ActionGroup -ResourceGroupName $ResourceGroupName + } else { + return $actionGroupTable[$selectedValue] + } +} + +function Set-LogAnalyticsWorkspaceVariable { + Write-Title -Title "Azure Log Analytics Workspaces" + $logAnalyticsWorkspaces = Get-AzOperationalInsightsWorkspace + + $index = 1 + $lawTable = @{} + foreach ($logAnalyticsWorkspace in $logAnalyticsWorkspaces) { + Write-Host "$index. $($logAnalyticsWorkspace.Name)" + $lawTable["$index"] = $logAnalyticsWorkspace.ResourceId + $index++ + } + + Write-Host + $selectedValue = Read-Host -Prompt "Select Log Analytics Workspace" + + return $lawTable[$selectedValue] +} + +function Set-DetectionRules { + [Parameter(Mandatory=$true)] + [string]$ResourceGroupName, + [Parameter(Mandatory=$true)] + [string]$ActionGroupId, + [Parameter(Mandatory=$true)] + [string]$LogAnalyticsWorkspaceId + + $rules = Get-ChildItem "Alert Detection Rules" + + + foreach ($rule in $rules) { + $query = Get-Content -Path $rule.FullName -Raw + $fileNameWithoutExtension = $rule.Name -replace "\.[^.]+$", "" + + Write-Host "Processing $fileNameWithoutExtension..." -NoNewline + + $detectionRuleParams = @{ + Query = $query + Name = $fileNameWithoutExtension + ResourceGroupName = $resourceGroup + ActionGroupId = $actionGroup + LogAnalyticsWorkspaceId = $logAnalyticsWorkspace + } + + Set-DetectionRule @detectionRuleParams + Write-Host "Done" + } + +} + +function Set-DetectionRule { + [CmdletBinding()] + param ( + [Parameter(Mandatory=$true)] + [string]$Query, + [Parameter(Mandatory=$true)] + [string]$Name, + [Parameter(Mandatory=$true)] + [string]$ResourceGroupName, + [Parameter(Mandatory=$true)] + [string]$ActionGroupId, + [Parameter(Mandatory=$true)] + [string]$LogAnalyticsWorkspaceId + ) + + $dimension = New-AzScheduledQueryRuleDimensionObject -Name AADTenantId -Operator Include -Value * + $condition=New-AzScheduledQueryRuleConditionObject -Dimension $dimension -Query $Query -TimeAggregation "Count" -Operator "GreaterThan" -Threshold "0" + + $timespan = New-TimeSpan -Minutes 15 + $location = "uksouth" + $severity = 3 + + $ruleParams = @{ + DisplayName = $Name + Name = $Name + EvaluationFrequency = $timespan + Location = $location + WindowSize = $timespan + ResourceGroupName = $ResourceGroupName + TargetResource = $LogAnalyticsWorkspaceId + Severity = $severity + ActionGroup = $ActionGroupId + CriterionAllOf = $condition + Scope = $LogAnalyticsWorkspaceId + } + $resource = New-AzScheduledQueryRule @ruleParams +} + +# Set-DetectionRules + +$azureSubscription = Set-AzureSubscriptionVariable +Set-AzContext -Subscription $azureSubscription + +Write-Host + +$resourceGroup = Set-ResourceGroupVariable + +Write-Host + +$actionGroup = Set-ActionGroupVariable -ResourceGroupName $resourceGroup + +Write-Host + +$logAnalyticsWorkspace = Set-LogAnalyticsWorkspaceVariable + +Set-DetectionRules -ResourceGroupName $resourceGroup -ActionGroupId $actionGroup -LogAnalyticsWorkspaceId $logAnalyticsWorkspace \ No newline at end of file