question

LanceMatthysenCloudEssentials-9304 avatar image
0 Votes"
LanceMatthysenCloudEssentials-9304 asked GlenScales-6756 answered

Delete folder in Exchange Online from all mailboxes

Hi All,



Need your help,



We need to find a way to delete a folder from users' mailboxes in exchange online, we found the following article https://www.alitajran.com/delete-folder-in-exchange-online-from-all-mailboxes/ works great in our test environment, but due to the changes to authentication and basic authentication has been disabled, this script fails as it uses basic authentication, is there anyone who is able to advise on how this script can be changed or provide a solution. or what am I missing as the error is Error: The request failed. The remote server returned an error: (401) Unauthorized. permission is in place.

windows-server-powershelloffice-exchange-online-itprooffice-exchange-server-dev
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

KaelYao-MSFT avatar image
0 Votes"
KaelYao-MSFT answered

Hi @LanceMatthysenCloudEssentials-9304

Since this question is related to Exchange development, I have added the tag "office-exchange-server-dev" to it.
Thanks for your understanding.


I tested the script in my lab and it works fine for me.
Would it be possible to temporarily enable basic auth for this script to work?

You may use this self-service tool to enable it.
If you have Azure Security Defaults enabled, you may need to first disable it.
And if the manage account has MFA enabled, please also disable it.
192497-42.png


If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


42.png (40.9 KiB)
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

GlenScales-6756 avatar image
1 Vote"
GlenScales-6756 answered

To change that script to use oAuth you just need to change the line

 $service.Credentials = new-object Microsoft.Exchange.WebServices.Data.WebCredentials -ArgumentList (Get-Credential)

to

 $service.Credentials = New-Object Microsoft.Exchange.WebServices.Data.OAuthCredentials($accessToken)

the $accessToken variable needs to contain the oAuth Access Token which you will need some other code to acquire, there are a bunch of different approaches you could take the easiest maybe use the MSAL module from https://www.powershellgallery.com/packages/MSAL.PS/4.37.0.0 and you also need an application registration like https://docs.microsoft.com/en-us/exchange/client-developer/exchange-web-services/how-to-authenticate-an-ews-application-by-using-oauth

then you can do something like this for a Delegate Token

 $token = Get-MsalToken -ClientId yourclientid -Scopes "https://outlook.office365.com/EWS.AccessAsUser.All" -RedirectUri "https://login.microsoftonline.com/common/oauth2/nativeclient"

or for an AppToken

 $clientSecret = (ConvertTo-SecureString yourClientSecret -AsPlainText -Force )
 $token = Get-MsalToken -clientID $clientID -clientSecret $clientSecret -tenantID $tenantID -Scopes "https://outlook.office365.com/.default"

then use

$accessToken = $token.AccessToken




5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.