Enable Mailbox Auditing

0
votes

When I run this command I'm getting an error on enabling a few accounts for auditing. 

Get-Mailbox -ResultSize Unlimited -Filter {RecipientTypeDetails -eq "UserMailbox" -or RecipientTypeDetails -eq "SharedMailbox" -or RecipientTypeDetails -eq "RoomMailbox" -or RecipientTypeDetails -eq "DiscoveryMailbox"} |
    Set-Mailbox -AuditEnabled $true -AuditLogAgeLimit 180 -AuditAdmin Update, MoveToDeletedItems, SoftDelete, HardDelete, SendAs, SendOnBehalf, Create, UpdateFolderPermission -AuditDelegate Update, SoftDelete, HardDelete, SendAs, Create, Update FolderPermissions, MoveToDeletedItems, SendOnBehalf -AuditOwner UpdateFolderPermission, MailboxLogin, Create, SoftDelete , HardDelete, Update, MoveToDeletedItems

Then I get this error here,

The operation couldn't be performed because 'Employee Name' matches multiple
entries.
+ CategoryInfo          : NotSpecified: (:) [Set-Mailbox], ManagementObjectAmbiguousException
+ FullyQualifiedErrorId : [Server=removed,RequestId=removed,TimeStamp=8/16/2018 8:54:51 PM] [FailureCategory=Cmdlet-ManagementObjectAmbiguousException] B88862F7,Microsoft.Exchange.Management.RecipientTasks.SetMailbox
+ PSComputerName        : outlook.office365.com

Then I'm running this command to see who is enabled and who isn't

Get-Mailbox -ResultSize Unlimited |
    Select Name, AuditEnabled, AuditLogAgeLimit |
    Out-Gridview

Which pops up a GUI and show's me a few Employee's that are duplicate. This is because we have two different domain names with different email boxes. Example: [email protected] and [email protected]. How do I enable those duplicate accounts in PowerShell?

1
powershellsecurityoffice365
Stack Overflow is a site for programming and development questions. This question appears to be off-topic because it is not about programming or development. See What topics can I ask about here in the Help Center. Perhaps Super User would be a better place to ask.jww

1 Answers

3
votes

I find it funny that the identity parameter passed through the pipeline is based on the Name, even though it doesn't uniquely identify the object :) (an Identity should be unique by definition!!). Anyhow, what we need to do is to change the Identity from the name to something more globally unique like the GUID. We can do this by adding in a step in the pipeline to change the Identity:

Get-Mailbox...| Select -Property @{Name="Identity";Expression={$_.GUID.ToString()}}  | Set-Mailbox...

What I am doing is to use an expression inside a Select statement to convert the GUID in to a string, and pass it on through the pipeline as the Identity. The Set-Mailbox will take the GUID as an Identity, and will update the right mailbox.

So your code becomes (broken up for clarity):

Get-Mailbox -ResultSize Unlimited -Filter {RecipientTypeDetails -eq "UserMailbox" -or RecipientTypeDetails -eq "SharedMailbox" -or RecipientTypeDetails -eq "RoomMailbox" -or RecipientTypeDetails -eq "DiscoveryMailbox"}`
| Select -Property @{Name="Identity";Expression={$_.GUID.ToString()}} `
| Set-Mailbox -AuditEnabled $true -AuditLogAgeLimit 180 -AuditAdmin Update, MoveToDeletedItems, SoftDelete, HardDelete, SendAs, SendOnBehalf, Create, UpdateFolderPermissions -AuditDelegate Update, SoftDelete, HardDelete, SendAs, Create, UpdateFolderPermissions, MoveToDeletedItems, SendOnBehalf -AuditOwner UpdateFolderPermissions, MailboxLogin, Create, SoftDelete , HardDelete, Update, MoveToDeletedItems