Enable Auditing on Office 365 mailbox

General discussion of using Adaxes for Active Directory management and administration
Post Reply
bjzielinski
Posts: 1
Joined: Wed Jul 10, 2019 12:28 pm

Enable Auditing on Office 365 mailbox

Wed Jul 10, 2019 12:32 pm

I have a handful of manual PowerShell scripts that I run after a new user is created. Most of these commands can be done using a Business Rule except one. I need to turn on global auditing but I don't see it as an option. Is this something that can be added in a future release? Can I run a PowerShell command in the meantime? The command is below. Thank you!

Code: Select all

Set-Mailbox -AuditEnabled $true -AuditLogAgeLimit 180 -AuditAdmin Update, MoveToDeletedItems, SoftDelete, HardDelete, SendAs, SendOnBehalf, Create, UpdateFolderPermission -AuditDelegate Update, SoftDelete, HardDelete, SendAs, Create, UpdateFolderPermissions, MoveToDeletedItems, SendOnBehalf -AuditOwner UpdateFolderPermission, MailboxLogin, Create, SoftDelete, HardDelete, Update, MoveToDeletedItems

User avatar
Support
Site Admin
Posts: 2373
Joined: Thu Apr 23, 2009 2:28 am

Re: Enable Auditing on Office 365 mailbox

Thu Jul 11, 2019 6:20 am

Hello,
bjzielinski wrote:
Wed Jul 10, 2019 12:32 pm
I need to turn on global auditing but I don't see it as an option. Is this something that can be added in a future release?
According to the Enable mailbox auditing article, mailbox audit logging is turned on by default for all Microsoft 365 organizations since January 2019. So, there is no necessity to turn it on again. You can configure default settings for mailbox auditing using the Set-OrganizationConfig cmdlet.
bjzielinski wrote:
Wed Jul 10, 2019 12:32 pm
Can I run a PowerShell command in the meantime?
You can use the following script to configure mailbox auditing individually:

Code: Select all

try
{
    # Get the object ID in Office 365
    $objectId = [Guid]$Context.TargetObject.Get("adm-O365ObjectId")
}
catch
{
    return # The user doesn't have an Office 365 account
}

try
{
    # Connect to Exchange Online
    $session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri "https://outlook.office365.com/powershell-liveid/" `
        -Credential $Context.GetOffice365Credential() -Authentication Basic -AllowRedirection
    Import-PSSession $session -AllowClobber -DisableNameChecking -CommandName Set-Mailbox
    
    # Configure audit
    Set-Mailbox $objectId.ToString() -AuditEnabled $true -AuditLogAgeLimit 180 -AuditAdmin Update, MoveToDeletedItems, SoftDelete, HardDelete, SendAs, SendOnBehalf, Create, UpdateFolderPermission -AuditDelegate Update, `
                                                                  SoftDelete, HardDelete, SendAs, Create, UpdateFolderPermissions, MoveToDeletedItems, SendOnBehalf -AuditOwner UpdateFolderPermission, `
                                                                  MailboxLogin, Create, SoftDelete, HardDelete, Update, MoveToDeletedItems    
}
finally
{
    # Close the remote session and release resources
    if ($session) { Remove-PSSession $session }
}
Active Directory Identity Management

Follow Adaxes in social networks
Image Image Image

Post Reply
  • Information
  • Who is online

    Users browsing this forum: Bing [Bot] and 1 guest