Connect-EXOPSSession.ps1
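<#
.SYNOPSIS
Connect to Exchange Online without the Click2Run
.DESCRIPTION
Connect to Exchange Online without the Click2Run.
Obtains an OAuth authorization header for the given user through Get-OAuthHeaderUPN,
caches it in $Script:UPNEXOHeader, and reuses the cached header until it is within one
minute of expiry or was issued for a different user or client id. The header's
Authorization value is then passed as the password of a Basic credential to the
Exchange Online remote PowerShell endpoint, and the resulting session is imported
into the global scope.
.PARAMETER UserPrincipalName
UserPrincipalName of the Admin Account. When omitted, Get-CurrentUPN is used to
determine it.
.EXAMPLE
Connect to Exchange Online
Connect-EXOPSSession -UserPrincipalName admin@contoso.com
.NOTES
Ref : https://www.michev.info/Blog/Post/1771/hacking-your-way-around-modern-authentication-and-the-powershell-modules-for-office-365
Only supports user connection, no application connect (As Of : 2019-05)

Security notes:
- The access token is held as a plain string in $Script:UPNEXOHeader for the lifetime
  of the module, so anything running in the same PowerShell process can read it.
- The PSSession opened here is not removed by this function; the caller should run
  Remove-PSSession on it once the work is done.
- NOTE(review): Microsoft has since announced the retirement of Basic-auth remote
  PowerShell connections to Exchange Online; confirm this endpoint is still available
  before relying on this function.
#>
Function Connect-EXOPSSession
{
    # The token arrives from Get-OAuthHeaderUPN as a plain string, so wrapping it with
    # ConvertTo-SecureString -AsPlainText is unavoidable here; the analyzer rule is
    # suppressed for that reason only.
    [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSAvoidUsingConvertToSecureStringWithPlainText", "")]
    [cmdletbinding()]
    param (
        [parameter(Mandatory=$False)]
        $UserPrincipalName
    )

    # Fall back to the signed-in user's UPN when none was supplied.
    if ([string]::IsNullOrEmpty($UserPrincipalName))
    {
        $UserPrincipalName = Get-CurrentUPN
    }
    if ([string]::IsNullOrEmpty($UserPrincipalName))
    {
        Throw "Can't determine User Principal Name, please use the parameter -UserPrincipalName to specify it."
    }

    $resourceUri = "https://outlook.office365.com"
    # Out-of-band redirect URI for a native/public client.
    $redirectUri = "urn:ietf:wg:oauth:2.0:oob"
    # Client id taken from the referenced article; presumably the id of Microsoft's
    # Exchange Online remote PowerShell client - confirm before changing.
    $clientId = "a0c73c16-a7e3-4564-9a95-2bdf47383716"

    $needNewToken = $true
    if ($Script:UPNEXOHeader)
    {
        # Compare in UTC so the check works in every time zone.
        $nowUtc = (Get-Date).ToUniversalTime()
        # TotalMinutes is the whole remaining lifetime. The previous code read .Minutes,
        # which is only the minutes component of the TimeSpan (1h 00m 30s -> 0) and so
        # forced a refresh of tokens that still had an hour or more left.
        $minutesLeft = ($Script:UPNEXOHeader.ExpiresOn.datetime - $nowUtc).TotalMinutes
        $upnMismatch = $UserPrincipalName -ne $Script:UPNEXOHeader.UserID
        $appIdMismatch = $clientId -ne $Script:UPNEXOHeader.AppID

        # Refresh when less than a minute is left (same cut-off the integer minute
        # comparison gave for short lifetimes) or when the cached token belongs to
        # another user or client id.
        if ($minutesLeft -lt 1 -or $upnMismatch -or $appIdMismatch)
        {
            Write-PSFMessage -Level Host -Message "Authentication need to be refresh" -ForegroundColor Yellow
        }
        else
        {
            $needNewToken = $false
        }
    }

    # No cached header, or the cached one is stale or mismatched: request a new one.
    if ($needNewToken)
    {
        $Script:UPNEXOHeader = Get-OAuthHeaderUPN -clientId $clientId -redirectUri $redirectUri -resourceAppIdURI $resourceUri -UserPrincipalName $UserPrincipalName
    }

    # Expected to be the "Bearer <token>" header value - confirm against Get-OAuthHeaderUPN.
    $Authorization = $Script:UPNEXOHeader.Authorization
    if ([string]::IsNullOrEmpty($Authorization))
    {
        # Fail with one clear error instead of a parameter-binding error followed by a
        # connection attempt made with an empty credential.
        Throw "No authorization token was returned for $UserPrincipalName."
    }

    # The endpoint converts a Basic credential whose password is the OAuth token
    # (BasicAuthToOAuthConversion=true), so the token is wrapped in a PSCredential.
    $Password = ConvertTo-SecureString -AsPlainText $Authorization -Force
    $Ctoken = New-Object System.Management.Automation.PSCredential -ArgumentList $UserPrincipalName, $Password

    # -AllowRedirection lets the connection follow a redirect issued by the service; the
    # credential (the token) is then presented to the redirected endpoint as well.
    # -ErrorAction Stop keeps a failed connection from reaching Import-PSSession with
    # a null session.
    $EXOSession = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri "https://outlook.office365.com/PowerShell-LiveId?BasicAuthToOAuthConversion=true" -Credential $Ctoken -Authentication Basic -AllowRedirection -ErrorAction Stop

    # -AllowClobber: imported Exchange commands replace local commands of the same name.
    # The session stays open after this call because the imported proxy commands use it.
    Import-Module (Import-PSSession $EXOSession -AllowClobber) -Global -DisableNameChecking
}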