Created
March 9, 2025 20:13
-
-
Save novaksam/1469ec48b1d3ed7d84236d1a38d33a97 to your computer and use it in GitHub Desktop.
Populate O365 impersonation via job title
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Connect-ExchangeOnline | |
| $PolicyName = "Office365 AntiPhish Default" | |
| # Get the current policy | |
| $POLICY = Get-AntiPhishPolicy -Identity $PolicyName | |
| #Connect-AzureAd | |
| Connect-mggraph | |
| # Get Azure AD Users with a Job Title | |
| # This will take a long time, as the Get-AzureAdUser cmdlet doesn't really do filtering | |
| #$AzureAdUsers = Get-AzureAdUser -All 1 | where {$_.JobTitle -notlike "" } | |
| $AzureAdUsers = Get-MgUser -All | where {$_.JobTitle -notlike "" } | |
| # Make a list of users based on job title | |
| $ImpersonationUsers = $AzureAdUsers | where {$_.JobTitle -match "Dean" -or $_.JobTitle -match "Manager" -or $_.JobTitle -match "Chief" -or $_.JobTitle -match "Chancellor" -or $_.JobTitle -match "Director" -or $_.JobTitle -like "Dir*"} | sort-object -property SurName | |
| # Create a new impersonated User List | |
| $POLICY.TargetedUsersToProtect.Clear() | |
| foreach ($User in $ImpersonationUsers) { $POLICY.TargetedUsersToProtect.Add("$($User.Surname), $($User.GivenName);$($User.UserPrincipalName)") } | |
| # And set the policy | |
| Set-AntiPhishPolicy -Identity $PolicyName -TargetedUsersToProtect $POLICY.TargetedUsersToProtect |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment