I saw today someone posting a script that allow you to find Inbox Rules that have forward rules setup in Microsoft Office 365. This is actually pretty common scenario and some people do this without proper approval of management or even against organization policies.ย Below you can find my version of it. If you want to see original you can find it at GitHub.ย Below script includes couple of steps:
Clear-Host
Import-Module PSWriteExcel
Import-Module PSSharedGoods
$Configuration = @{
Tenant = @{
UserName = 'przemyslaw.klys@domain.com'
Password = 'C:\Support\GitHub\Ignore\MySecurePassword.txt'
PasswordSecure = $true
PasswordFromFile = $true
ConnectionURI = 'https://outlook.office365.com/powershell-liveid/'
Authentication = 'Basic'
SessionAzure = 'SessionAzure'
SessionAzureAD = 'SessionAzureAD'
SessionExchange = 'SessionExchange'
}
Steps = @{
ConnectTenant = @{
Azure = $false
AzureAD = $false
ExchangeOnline = $true
}
FindInboxRules = $true
}
OutputFile = "$Env:USERPROFILE\Desktop\myReport.xlsx"
}
if ($Configuration.Steps.ConnectTenant.Azure) {
$SessionAzure = Connect-WinAzure -SessionName $Configuration.Tenant.SessionAzure -Username $Configuration.Tenant.UserName -Password $Configuration.Tenant.Password -AsSecure:$Configuration.Tenant.PasswordSecure -FromFile:$Configuration.Tenant.PasswordFromFile
}
if ($Configuration.Steps.ConnectTenant.AzureAD) {
$SessionAzureAD = Connect-WinAzureAD -SessionName $Configuration.Tenant.SessionAzureAD -Username $Configuration.Tenant.UserName -Password $Configuration.Tenant.Password -AsSecure:$Configuration.Tenant.PasswordSecure -FromFile:$Configuration.Tenant.PasswordFromFile
}
if ($Configuration.Steps.ConnectTenant.ExchangeOnline) {
$Session = Connect-WinExchange -SessionName $Configuration.Tenant.SessionExchange -Username $Configuration.Tenant.UserName -Password $Configuration.Tenant.Password -AsSecure:$Configuration.Tenant.PasswordSecure -FromFile:$Configuration.Tenant.PasswordFromFile -ConnectionURI $Configuration.Tenant.ConnectionURI -Authentication $Configuration.Tenant.Authentication
Import-PSSession $Session -AllowClobber
}
if ($Configuration.Steps.FindInboxRules) {
$Mailboxes = get-mailbox -RecipientTypeDetails UserMailbox -ResultSize Unlimited | Select-Object UserPrincipalName, PrimarySMTPAddress, SamAccountName, DisplayName, Name, Identity
$InboxRules = @()
$i = 1
foreach ($Mailbox in $Mailboxes) {
Write-Color -Text "$($i) of $($totalMailbox)", ' | ', "$($mailbox.UserPrincipalname)", ' | ' -Color Yellow, White, Blue, White
$InboxRules += Get-InboxRule -Mailbox $mailbox.UserPrincipalName | Select-Object *
$i++
}
$InboxRulesForwarding = @()
foreach ($Mailbox in $Mailboxes) {
$UserRules = $InboxRules | Where-Object { ($Mailbox.Identity -eq $_.MailboxOwnerID) -and (($_.ForwardTo -ne $null) -or ($_.ForwardAsAttachmentTo -ne $null) -or ($_.RedirectsTo -ne $null)) }
foreach ($Rule in $UserRules) {
$InboxRulesForwarding += [pscustomobject] @{
UserPrincipalName = $Mailbox.UserPrincipalName
DisplayName = $Mailbox.DisplayName
RuleName = $Rule.Name
Description = $Rule.Description
Enabled = $Rule.Enabled
Priority = $Rule.Priority
ForwardTo = $Rule.ForwardTo
ForwardAsAttachmentTo = $Rule.ForwardAsAttachmentTo
RedirectTo = $Rule.RedirectTo
DeleteMessage = $Rule.DeleteMessage
}
}
}
$Mailboxes | ConvertTo-Excel -FilePath $Configuration.OutputFile -ExcelWorkSheetName 'All Mailboxes' -AutoFilter -AutoFit
$InboxRules | Select-Object * -ExcludeProperty PSComputerName, RunspaceID, PSShowComputerName, PSComputerName, IsValid, ObjectState | ConvertTo-Excel -FilePath $Configuration.OutputFile -ExcelWorkSheetName 'Inbox Rules' -AutoFilter -AutoFit
$InboxRulesForwarding | ConvertTo-Excel -FilePath $Configuration.OutputFile -ExcelWorkSheetName 'Inbox Rules with Forwarding' -AutoFilter -AutoFit
}
Below are 3 modules that I use to Connect to Office 365,ย to export to Microsoft Excel, and finally to use colorful output. You still will need standard modules required to connect to Office 365 becauseย PSSharedGoods provides just a wrapper that allow easy connection setup. While you could skip those (and the script that is linked above doesn't require it) I've wrote some simple wrappers that allow me to manage things in easy way, and the way I want it.
Install-Module PSSharedGoods Install-Module PSWriteExcel Install-Module PSWriteColor
This post was last modified on June 9, 2025 10:12
Ever wondered how to run network diagnostics like Ping, Traceroute, or DNS queries from probes…
Are you tired of manually running network diagnostics like Ping, Traceroute, or DNS queries? The…
Discover new features in the PSWriteHTML PowerShell module โ including New-HTMLInfoCard, improved layout controls with…
Security Identifier (SID) History is a useful mechanism in Active Directory (AD) migrations. It allows…
Today, I made the decision to upgrade my test environment and update the version of…
Have you ever looked at your Active Directory and wondered, "Why do I still have…