PowerShell Script: Schedule Litigation Hold Enabled Exchange Online

This post shares how to enable litigation hold for user mailboxes using Task Scheduler. However, this may trigger the security applications or detections in your environment (a.k.a. “Unexpected script ran…”). This blog requires you to know how to use Task Scheduler.

*Note:

  • If you don’t specify the license type in your script, that is all right; the script will skip that user and move on to the next one.
  • Some licenses don’t provide the litigation hold feature, such as the E1 license.
  • This script is not limited to this capability.

There are many ways you could perform this.

  1. You could check the user’s creation date and litigation hold status.
  2. You could check the user’s department and litigation hold status.
  3. You could check only the litigation hold status.
  4. You could check the license type and litigation hold status.
  5. You could check all 4 of the above.

It all depends on the requirements and needs of the environment.

When I was scripting it, I noticed that if you run the script manually, it is best to make use of a “function”, to avoid duplication. Anyway,

If you are planning to run this from Task Scheduler, you can save this PowerShell script on any Windows platform that has Windows PowerShell with the required module installed.

Before moving on, you need to manually retrieve the Office 365 global admin credential and save it, encrypted, into a file. If you are worried about the file being accessed by others, make some security adjustments to the file.

References:

  1. https://practical365.com/blog/saving-credentials-for-office-365-powershell-scripts-and-scheduled-tasks/

#Name: Sabrina Kay
#Purpose: This PowerShell script enables litigation hold

function Run-LitigationHoldEnabled{
    #Parameter to get the path
    param([string]$FilePath)

    #Retrieve the credential file (the first *.cred file in the folder)
    $File = Get-ChildItem -Path $FilePath -Filter *.cred | Select-Object -First 1

    #Check that the credential file was found
    if($File){

        #Get only the name as a string, because $File is a file system object
        $UserName = $File.BaseName
        $PwdSecureString = Get-Content $File.FullName | ConvertTo-SecureString

        #Create a credential object for the username and password (password won't be shown in plain text)
        $UserCredential = New-Object System.Management.Automation.PSCredential -ArgumentList $UserName, $PwdSecureString

        #Connect to Exchange Online
        #(Microsoft has since retired Basic authentication for this endpoint; current tenants use Connect-ExchangeOnline from the ExchangeOnlineManagement module)
        $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection
        Import-PSSession $Session -DisableNameChecking

        #Get user mailboxes with litigation hold not enabled, set them to enabled
        #(-ResultSize Unlimited, because Get-Mailbox returns only the first 1000 mailboxes by default)
        Get-Mailbox -RecipientTypeDetails UserMailbox -ResultSize Unlimited | Where-Object {$_.LitigationHoldEnabled -eq $false} | Set-Mailbox -LitigationHoldEnabled $true

        #Finish and end session
        Remove-PSSession $Session
    }
    else{
        #No session was opened if the credential file was not found, so there is nothing to remove
        Write-Warning "No .cred file found in $FilePath"
    }
}

#Main Program
#Path of the folder that holds the Office 365 credential file
$KeyPath = "C:\xxx\"

#Task to run
Run-LitigationHoldEnabled -FilePath $KeyPath
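
One way to do the credential step the script depends on, as an added example that is not part of the original post: it writes the `<username>.cred` file the script reads and restricts the file's ACL to the account that created it. The function name New-LitigationHoldCredentialFile is hypothetical, and C:\xxx\ is the post's placeholder path.

```powershell
# Added example (not from the original post). Run once, interactively, logged on
# as the account the scheduled task runs under, on the computer that runs the task.
function New-LitigationHoldCredentialFile {
    param(
        [Parameter(Mandatory)] [string] $FolderPath,   # same folder later passed as -FilePath
        [Parameter(Mandatory)] [System.Management.Automation.PSCredential] $Credential
    )

    # The scheduled script takes the user name from the file's base name,
    # so the name must be usable as a file name (a UPN is; DOMAIN\user is not).
    if ($Credential.UserName.IndexOfAny([System.IO.Path]::GetInvalidFileNameChars()) -ge 0) {
        throw "User name '$($Credential.UserName)' cannot be used as a file name."
    }
    if (-not (Test-Path -LiteralPath $FolderPath -PathType Container)) {
        New-Item -ItemType Directory -Path $FolderPath | Out-Null
    }
    $credFile = Join-Path $FolderPath ("{0}.cred" -f $Credential.UserName)

    # Without -Key, ConvertFrom-SecureString protects the value with Windows DPAPI:
    # only this user account on this computer can turn it back into a SecureString.
    $Credential.Password | ConvertFrom-SecureString | Set-Content -LiteralPath $credFile

    # "Security adjustments": stop inheriting the folder's permissions and leave
    # a single explicit entry for the current account.
    $me  = [System.Security.Principal.WindowsIdentity]::GetCurrent().User
    $acl = Get-Acl -LiteralPath $credFile
    $acl.SetAccessRuleProtection($true, $false)          # protected, drop inherited ACEs
    foreach ($ace in @($acl.Access)) { [void]$acl.RemoveAccessRule($ace) }
    $rights = [System.Security.AccessControl.FileSystemRights]'Read, Write, Delete'
    $rule   = New-Object System.Security.AccessControl.FileSystemAccessRule($me, $rights, 'Allow')
    $acl.AddAccessRule($rule)
    Set-Acl -LiteralPath $credFile -AclObject $acl

    # Round-trip check: this throws if the file cannot be decrypted by this account.
    $null = Get-Content -LiteralPath $credFile | ConvertTo-SecureString

    # Return the resulting permissions so they can be reviewed.
    Get-Acl -LiteralPath $credFile | Select-Object Path, Owner, AccessToString
}

New-LitigationHoldCredentialFile -FolderPath 'C:\xxx\' -Credential (Get-Credential)
```

Because the file is bound to one user and one computer, a scheduled task configured to run as a different account, or moved to another machine, fails at ConvertTo-SecureString and needs its own credential file.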

Author: sabrinaksy

Just an ordinary lady who loves what she does best.
