Monthly Archives: January 2021

Get Distribution Group Owner lists and email

User below PowerShell one liner we can list group owners and their email ID in Microsoft 365.

To get for one group.

Get-DistributionGroup TestGroup@Domain.com | select PrimarySmtpAddress, @{n= "ManagedBy"; e={$_.ManagedBy | foreach {(Get-Mailbox $_).PrimarySMTPAddress}}}

To get for all groups

Get-DistributionGroup | select PrimarySmtpAddress, @{n= "ManagedBy"; e={$_.ManagedBy | foreach {(Get-Mailbox $_).PrimarySMTPAddress}}}

We can also filter groups and get the list. Below command will list all the groups starting with DL-IT

Get-DistributionGroup DL-IT* | select PrimarySmtpAddress, @{n= "ManagedBy"; e={$_.ManagedBy | foreach {(Get-Mailbox $_).PrimarySMTPAddress}}}

Remove Reoccuring meeting invite

There are situations when an organizer wants to cancel a meeting invite, but not able to delete and invite re-appears in attendees calendars, and we may need to remove the invite from backend.

It becomes extremely important to examine the results before deleting them to make sure you have targeted the correct meeting invite or email.

If you want to search all the mailboxes for specific meeting, use below command. This command will give you estimated results only and will not delete anything from the mailboxes.

Get-Mailbox | Search-Mailbox -SearchQuery "kind:meetings AND Subject:'Bi Weekly IT Review Meeting' AND From:User@domain.com" -EstimateResultOnly

If you want to search a set of mailboxes, you can copy the PrimarySMTP addresses in a list and use the command like below.

The below command will export all the specified meeting invite from all mentioned mailboxes to a target folder in a target mailbox.

This command will also not delete anything from mailbox, once results are exported you can review the results and make sure you are targeting the correct meeting invite or email.

Get-Content C:\Temp\List.txt | Get-Mailbox | Search-Mailbox -SearchQuery "kind:meetings AND Subject:'Bi Weekly IT Review Meeting' AND From:User@domain.com" -TargetMailbox ExportResult@Domian.com -TargetFolder "ExportResult"

Once you are sure that correct meeting invite or email will be deleted, you can run the delete command to remove the meeting.

Search-Mailbox -SearchQuery '(subject:"Bi Weekly IT Review Meeting") AND (kind:meetings) and from:User@domain.com' -DeleteContent -Loglevel Full  -TargetMailbox ExportResult@Domian.com -TargetFolder "ExportResult"

On the target mailbox, you can download the logs to see all the actions.

Your flow needs attention…

When you have a flow running with your account and have MFA enabled, you often receive an error email about your flow connection, which states “YOUR FLOW NEEDS ATTENTION….”

This notification was sent as the flow had failure runs due to invalid flow connection.

We can fix this by just reauthenticating the flow connection but if this comes too frequent then it may require some back end fix.

  • Get rid of “Remember Multi-factor authentication”
    • If you are using “Remember Multi-factor authentication” option from
    • AAD Console –> Users –> All Users –> Multi-Factor Authentication -> Service Settings.
  • We should move away from this setting and configure the same using Conditional Access policy.
  • This setting overrides the default behavior for modern authentication clients (like Microsoft Outlook) who only prompt every 90 days, by default.
  • We can configure the same setting using Conditional Access Policies –
  • AAD Console -> Security -> Conditional Access -> Access Controls -> Sessions –> Sign-in Frequency.
  • Exclude selected users from MFA
    • The one solution is to exclude the user from MFA, but this may not be possible in all cases, especially when we have MFA enabled for all the accounts.
    • If you apply MFA using conditional access policies, then excluding some users is simple, just create one group and then all such users to that group and exclude the group in the policy.
    • Open Azure AD console and select Security and click Conditional Access.
    • If you already have a policy, open the policy and in Assignment section -> Users and groups – Exclude – Add the group.
  • Exclude Flow location IPs from MFA.
    • The another solutions can be to exclude the Flow location services IP from MFA.
    • For this create a “New Network” location, like “IP range for Flow in APAC”.
    • Azure AD Console -> Security -> Named Locations.
  • Add IPs of Flow of your tenant location, you can find IPs using below link.

https://docs.microsoft.com/en-us/power-automate/limits-and-config

  • Now in the Conditional Access Policy, Assignments -> Conditions  -> Locations – Exclude the Name location you have created.

allow or suppress the auto replies when sending emails to groups.

Recently one of our users reported an issue that when he sent an email to a large distribution list, he did not receive any Auto Reply, OOF from any user. Though, there were many users had Auto Reply configured at that time.

There are few group properties which can cause this –

ReportToManagerEnabled –  The ReportToManagerEnabled parameter specifies whether delivery status notifications (also known as DSNs, non-delivery reports, NDRs, or bounce messages) are sent to the owners of the group (defined by the ManagedBy property). Valid values are

  • $true: Delivery status notifications are sent to the owners of the group.
  • $false: Delivery status notifications aren’t sent to the owners of the group. This is the default value.

ReportToOriginatorEnabled –  The ReportToOriginatorEnabled parameter specifies whether delivery status notifications (also known as DSNs, non-delivery reports, NDRs, or bounce messages) are sent to senders who send messages to this group. Valid values are:

  • $true: Delivery status notifications are sent to the message senders. This is the default value.
  • $false: Delivery status notifications aren’t sent to the message senders.

The ReportToManagerEnabled and ReportToOriginatorEnabled parameters affect the return path for messages sent to the group. Some email servers reject messages that don’t have a return path. Therefore, you should set one parameter to $false and one to $true, but not both to $false or both to $true.

SendOofMessageToOriginatorEnabled –  The SendOofMessageToOriginatorEnabled parameter specifies how to handle out of office (OOF) messages for members of the group. Valid values are:

  • $true: When messages are sent to the group, OOF messages for any of the group members are sent to the message sender.
  • $false: When messages are sent to the group, OOF messages for any of the group members aren’t sent to the message sender. This is the default value.

Based on the above values, Exchange Online adds a header “X-Auto-Response-Suppress” to message to suppress or allow the Auto Replies or OOF.

Like in my example – SendOofMessageToOriginatorEnabled was False and I can see header “X-Auto-Response-Suppress” with value “DR, OOF, AutoReply” in the message properties.

We can adjust these values to allow or suppress the Auto Replies, OOF from groups.