Comments (5)
I have created an off-boarding Powershell script that does the following for Azure. I have a separate one for 365 only (Just so you can get some ideas)
- Remove from 365 groups
- Find out if the server is syncing via mail or UPN attribute in AD (For Azure AD Sync)
- Sets the mail nickname attribute based on their AD username
- Hides from global address list in 365
- Converts to shared mailbox in 365
- Removes licenses from account in 365
- Automatically resets the password in AD and checks the last password reset date/time to confirm it has been changed to something random
- Sets mailbox forwarding and mailbox access
- Disabled account in AD and moves it to an OU. This part is filtered based on OU name and is looking for something like "Azure" and will ask the engineer if they want to choose that OU. If they select No, then it will look another another and confirm if they want to move into that one, etc.
- Makes sure Azure AD Connect is not open as this can cause issues
- Forces an Azure sync
from cipp.
You read my mind. To give details of our process:
- Disable Sign-in
- Reset Password
- Convert to Shared Mailbox
- Remove License
- Setup delegated access to mailbox (Disable auto populate to Outlook desktop app)
- Setup delegated access to Onedrive.
We don't do self service password resets, but that should probably be disabled as well.
Useful feedback for the technician:
- Onedrive URL
- OWA URL
from cipp.
Good call on the GAL, totally forgot that step. If there is some way to break the immutable ID so that syncing stops on that user, without the risk of automatic re-pairing, that would be nice. That was the relationship between the AD account and the AAD account would be permanently broke and I don't have to worry about an AD action causing an AAD reaction.
This is important since the process is obviously going to be disconnected between AAD and AD, since I don't see any AD interactions to be in-scope of CIPP.
from cipp.
Almost done on this, perfecting some API error handling. :)
from cipp.
Added in dev build
from cipp.
Related Issues (20)
- [Feature Request]: Access to BitLocker Key From Admin > Devices HOT 3
- [Feature Request]: Standard to handle unlicensed users OneDrive data HOT 3
- Improve message text for Reset Password (Must Change) in sidebar HOT 2
- [Feature Request]: Add report of all mailboxes with their delegated permissions. HOT 1
- [Feature Request]: Date and Filtering Improvements HOT 2
- [Feature Request]: Out of Office Message HTML Editor HOT 2
- Duplicate MDM Policy deployment HOT 4
- Permissions Checker missing 'M365 License Manager' - 'LicenseManager.AccessAsUser' HOT 6
- Failed adding Autopilot Profile [AutoPilot Profile Name] HOT 2
- [Feature Request]: Template Library Prefix sync
- [Feature Request]: how to assign a license to the user HOT 1
- Invalid Date on IDENTITY MANAGEMENT > Administration > Users > Users Sign In Logs HOT 3
- [Feature Request]: Please show Archive size under Reports->Mailbox statistics HOT 2
- [Feature Request]: Allow access options to choose tenants to access for users HOT 1
- [Feature Request]: Intune Template Exclude HOT 2
- [Feature Request]: Set-CalendarProcessing for Rooms HOT 5
- [Feature Request]: View assigment information about Policies HOT 2
- Intune - Add MSP App: ImmyBot HOT 2
- [Feature Request]: Added CA Vacation mode like feature for groups HOT 2
- [Feature Request]: Create default Exchange Retention Policies HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from cipp.