public/get-AllM365Permissions.ps1
|
Function get-AllM365Permissions{ <# Author = "Jos Lieben (jos@lieben.nu)" CompanyName = "Lieben Consultancy" Copyright = "https://www.lieben.nu/liebensraum/commercial-use/" #> Param( [Switch]$expandGroups, [Switch]$ignoreCurrentUser, [parameter(Mandatory=$true)] [ValidateSet('XLSX','CSV')] [String[]]$outputFormat ) $currentUser = New-GraphQuery -Uri 'https://graph.microsoft.com/v1.0/me' -NoPagination -Method GET Write-Host "Starting FULL M365 Tenant scan as $($currentUser.userPrincipalName)" Write-Host "Planned scan order:" Write-Host "1. Entra permissions" Write-Host "2. Exchange permissions" Write-Host "3. Onedrive permissions" Write-Host "4. Teams and Sharepoint permissions" get-ExOPermissions -outputFormat $outputFormat -expandGroups:$expandGroups.IsPresent -ignoreCurrentUser:$ignoreCurrentUser.IsPresent get-EntraPermissions -outputFormat $outputFormat -expandGroups:$expandGroups.IsPresent -ignoreCurrentUser:$ignoreCurrentUser.IsPresent get-AllSpOPermissions -outputFormat $outputFormat -expandGroups:$expandGroups.IsPresent -ignoreCurrentUser:$ignoreCurrentUser.IsPresent -includeOnedriveSites } |