A collection of PowerShell scripts for enterprise IT administration, covering Active Directory, Microsoft 365, Exchange Online, Entra ID, and Intune management tasks that i've created over the years.

License: GPL v3 PowerShell Gallery Platform

• Table of Contents
• Features
• Getting Started
  • Prerequisites
  • Installation
• Usage
  • Basic Usage
  • Script Categories
  • Interactive Scripts
• Configuration
  • Environment Variables
  • Authentication
  • Customisation
• Folder Structure
• Modules and Functions
  • Core Functionality
  • Key Scripts
• Testing
  • Development Environment
  • Validation
• Logging and Troubleshooting
  • Logging Standards
  • Common Issues
  • Support Resources
• Accessibility
• Contributing
  • Development Guidelines
• Changelog
  • Recent Updates
  • Version History
• License
• Like to say thank you?
• Contact and Support
  • Project Maintainer
  • Getting Help
  • Support Guidelines

• Active Directory Management: User creation, group management, computer organisation, and bulk operations
• Microsoft 365 Administration: Exchange Online mailbox management, quarantine handling, and transport rules
• Entra ID Integration: External user management, compromised account remediation, and identity operations
• Intune Device Management: Bulk device synchronisation, remediation scripts, and compliance monitoring
• General Utilities: Password generation, module management, and script selection tools
• OneDrive Administration: User content download and management capabilities
• Comprehensive Logging: Standardised logging across all scripts with detailed audit trails
• Error Handling: Robust error handling and retry logic for enterprise environments
• GUI Interfaces: User-friendly forms for complex administrative tasks

• PowerShell 7.0 or later
• Windows operating system
• Appropriate administrative permissions for target systems
• Required PowerShell modules (see individual scripts for specific requirements):
  • Active Directory Module
  • Exchange Online Management
  • Microsoft Graph PowerShell SDK
  • Microsoft.Graph.Intune
  • MSOnline (where applicable)

1. Clone the repository:

   git clone https://github.com/twcau/PowerShellScripting.git

2. Navigate to the project directory:

   cd PowerShellScripting

3. Review the script you want to use and install any required modules:

   # Example: Install Exchange Online Management module
   Install-Module -Name ExchangeOnlineManagement -Force

4. Configure the scripts according to your environment (see Configuration section)

Each script is designed to be run independently. Navigate to the appropriate folder and execute the script:

# Example: Run user creation script
.\ad\user\creation\User-Creation.ps1
# Example: Run Intune bulk sync
.\intune\devices\Intune-BulkSync.ps1

• Active Directory: Scripts for user and computer management in on-premises AD environments
• Exchange 365: Email and mailbox management for cloud and hybrid environments
• Entra ID: Identity and access management for Azure AD/Entra ID
• Intune: Mobile device management and compliance scripts
• General: Utility scripts for common administrative tasks

Many scripts include GUI interfaces for ease of use:

• User creation wizards with form-based input
• Device selection interfaces
• Progress indicators for long-running operations

Some scripts may require environment-specific configuration. Review each script's header for specific requirements.

• Ensure you have appropriate administrative credentials
• Some scripts require multi-factor authentication (MFA)
• Consider using application passwords where applicable

Scripts include configurable parameters at the top of each file. Common customisations include:

• Domain names and organisational units
• Email domains and Exchange settings
• Logging paths and retention policies
• Timeout values and retry attempts

PowerShellScripting/
├── ad/ # Active Directory scripts
│ ├── computer/
│ │ └── FindMachineOU.ps1 # Locate computer objects in AD
│ └── user/
│ ├── creation/ # User account creation scripts
│ │ ├── AD-CopyGroups.ps1 # Copy group memberships
│ │ ├── User-Creation-Bulk.ps1 # Bulk user creation
│ │ ├── User-Creation.ps1 # Individual user creation with GUI
│ │ └── User-Departure.ps1 # User departure processing
│ └── reconcillation/ # User account reconciliation
│ ├── AD-Bulk-DepartedEmployeeReconcillation.ps1
│ ├── Employee-Departure-Reconciliation.ps1
│ └── Employee-Listing.ps1
├── e365/ # Exchange 365 scripts
│ ├── E365-Mailbox-ConvertToShared.ps1 # Convert mailboxes to shared
│ ├── E365-Quarantine-ExportRecord.ps1 # Export quarantine records
│ ├── Exchange-QuarantineTABL-DataDownload.ps1
│ └── NewTransportRuleExecName.ps1 # Transport rule management
├── entra/ # Entra ID (Azure AD) scripts
│ ├── AutomateCompromisedAccountRemediation.ps1
│ ├── Entra-UserExternal-Create.ps1 # External user creation
│ └── User-Management-External.ps1 # External user management
├── general/ # General utility scripts
│ ├── ScriptSelector.ps1 # Interactive script launcher
│ ├── module-management/ # PowerShell module utilities
│ │ ├── Module-PowerShell7-Require.ps1
│ │ └── Update-Module.ps1
│ └── password-generation/ # Password generation tools
│ ├── Password-Generator-Silent.ps1
│ └── Password-Generator.ps1
├── intune/ # Microsoft Intune scripts
│ ├── devices/
│ │ └── Intune-BulkSync.ps1 # Bulk device synchronisation
│ └── remediation/ # Intune remediation scripts
│ ├── M365-VersionDetect.ps1 # M365 Apps version detection
│ ├── M365-VersionRemediate.ps1 # M365 Apps version remediation
│ ├── TeamsOld-Detect.ps1 # Legacy Teams detection
│ ├── TeamsOld-Remediate.ps1 # Legacy Teams remediation
│ ├── WinUpdate-23H2to24H2Force-Detect.ps1
│ ├── WinUpdate-23H2to24H2Force-Remediate.ps1
│ ├── WinUpdate-Detect.ps1 # Windows Update detection
│ ├── WinUpdate-Pause-Detect.ps1 # Windows Update pause detection
│ ├── WinUpdate-Pause-Remediate.ps1
│ └── WinUpdate-Remediate.ps1 # Windows Update remediation
├── m365/ # Microsoft 365 scripts
├── onedrive/ # OneDrive management scripts
│ └── M365-OneDrive-DownloadUserContents.ps1
└── testing/ # Development and testing scripts

The scripts in this collection provide:

• User Management: Creation, modification, and departure processing
• Group Management: Membership copying and bulk operations
• Device Management: Synchronisation, detection, and remediation
• Security Operations: Compromised account handling and compliance monitoring
• Utility Functions: Password generation, module management, and system utilities

• User-Creation.ps1: Comprehensive user creation with GUI interface
• Intune-BulkSync.ps1: Mass device synchronisation for Intune environments
• AutomateCompromisedAccountRemediation.ps1: Automated security response
• ScriptSelector.ps1: Interactive menu system for script selection

Testing scripts are located in the testing/ folder and include:

• Proof-of-concept implementations
• Version comparisons
• Experimental features

Before using scripts in production:

1. Review the script header for version information and changelog
2. Test in a non-production environment
3. Verify all required modules are installed
4. Check logging output for any warnings or errors

All scripts follow consistent logging practices:

• Log files stored in $env:TEMP with timestamps
• Comprehensive error logging with context
• Success and failure reporting
• Progress indicators for long-running operations

• Module Import Errors: Ensure required PowerShell modules are installed
• Authentication Failures: Verify credentials and MFA settings
• Permission Errors: Check administrative rights for target systems
• Network Connectivity: Ensure access to required cloud services

• Check script headers for specific documentation links
• Review Microsoft documentation for API changes
• Consult PowerShell Gallery for module updates

This project is committed to accessibility and inclusive design:

• Scripts include progress indicators and clear status messages
• Documentation uses descriptive text for all functionality
• Error messages provide actionable guidance
• GUI interfaces follow accessibility best practices
• All documentation supports screen readers

Contributions to improve and expand this script collection are welcome. Please read the contribution guidelines:

1. Code Standards: Follow PowerShell best practices and existing code style
2. Documentation: Include comprehensive headers and inline comments
3. Testing: Validate scripts in appropriate test environments
4. Security: Ensure no hardcoded credentials or sensitive information

• Use Australian English (EN-AU) for documentation and comments
• Include proper error handling and logging
• Follow the established folder structure
• Update this README when adding new functionality

• 6/06/2025: Enhanced user creation script with group copying improvements
• 27/03/2025: Added Clear Base User and Clear All User functionality
• 21/05/2025: Implemented base group validation and management
• 4/03/2025: Updated department listings for dynamic group memberships

See individual script headers for detailed version history and changelog information.

This project is licensed under the GNU General Public License v3.0 - see the LICENSE file for details.

Copyright (c) 2025, Michael Harris, All rights reserved.

If these scripts have helped you in your IT administration tasks, consider:

• ⭐ Starring this repository
• 🐛 Reporting issues or suggesting improvements
• 📖 Contributing to the documentation
• ☕ Buy me a coffee to support continued development

• Michael Harris - @twcau

• Issues: Report bugs or request features via GitHub Issues
• Discussions: Join the conversation in GitHub Discussions
• Documentation: Review script headers and Microsoft documentation links

• Provide clear descriptions of issues with relevant log files
• Include PowerShell version and module information
• Specify the target environment (on-premises, cloud, hybrid)
• Follow the issue templates when reporting problems

This project follows Microsoft PowerShell best practices and maintains compatibility with enterprise IT environments.