Category: Jet Toolbox2

To provision a Windows 10 virtual machine in Azure, assign it a public IP address, and successfully connect to it via Remote Desktop Protocol (RDP).

Step-by-Step Process:

1. Azure Login and Subscription Setup

Connect-AzAccount
Set-AzContext -SubscriptionId "<your-subscription-id>"

2. Create Resource Group

New-AzResourceGroup -Name "MyTestRG" -Location "westus"

3. Create Virtual Network and Subnet

$subnetConfig = New-AzVirtualNetworkSubnetConfig -Name "MySubnet" -AddressPrefix "10.0.1.0/24"
$vnet = New-AzVirtualNetwork -Name "MyVNet" -ResourceGroupName "MyTestRG" -Location "westus" -AddressPrefix "10.0.0.0/16" -Subnet $subnetConfig

4. Create Network Security Group with RDP Access

$rdpRule = New-AzNetworkSecurityRuleConfig -Name "Allow-RDP" -Protocol "Tcp" -Direction "Inbound" -Priority 1000 -SourceAddressPrefix "*" -SourcePortRange "*" -DestinationAddressPrefix "*" -DestinationPortRange 3389 -Access "Allow"
$nsg = New-AzNetworkSecurityGroup -Name "MyNSG" -ResourceGroupName "MyTestRG" -Location "westus" -SecurityRules $rdpRule

5. Create Network Interface (NIC)

$subnet = Get-AzVirtualNetworkSubnetConfig -Name "MySubnet" -VirtualNetwork $vnet
$nic = New-AzNetworkInterface -Name "MyNIC" -ResourceGroupName "MyTestRG" -Location "westus" -SubnetId $subnet.Id -NetworkSecurityGroupId $nsg.Id

6. Enter Credentials

$cred = Get-Credential  # Use a username like: azureadmin and a strong password

7. Configure the Windows 10 VM

$vmConfig = New-AzVMConfig -VMName "MyVM" -VMSize "Standard_B1s"
$vmConfig = Set-AzVMOperatingSystem -VM $vmConfig -Windows -ComputerName "MyVM" -Credential $cred
$vmConfig = Set-AzVMSourceImage -VM $vmConfig -PublisherName "MicrosoftWindowsDesktop" -Offer "Windows-10" -Skus "win10-22h2-pro" -Version "latest"
$vmConfig = Add-AzVMNetworkInterface -VM $vmConfig -Id $nic.Id

8. Deploy the Virtual Machine

New-AzVM -ResourceGroupName "MyTestRG" -Location "westus" -VM $vmConfig

9. Create and Attach a Public IP Address

$publicIp = New-AzPublicIpAddress -Name "MyPublicIP" -ResourceGroupName "MyTestRG" -Location "westus" -AllocationMethod Static -Sku Basic
$nic = Get-AzNetworkInterface -Name "MyNIC" -ResourceGroupName "MyTestRG"
$nic.IpConfigurations[0].PublicIpAddress = $publicIp
Set-AzNetworkInterface -NetworkInterface $nic

10. Reset VM Admin Credentials (if needed)

Set-AzVMExtension -ResourceGroupName "MyTestRG" -Location "westus" -VMName "MyVM" -Name "ResetAccess" -Publisher "Microsoft.Compute" -ExtensionType "VMAccessAgent" -TypeHandlerVersion "2.4" -Settings @{ "UserName" = "azureadmin" } -ProtectedSettings @{ "Password" = "YourNewP@ssw0rd!" }

---

Final Step: Connect via Remote Desktop

1. Launch Remote Desktop (RDP)
2. Enter the Public IP of your VM
3. Click “More choices” > “Use a different account”
4. Login as:
   • Username: azureadmin
   • Password: the one you specified
5. Accept certificate prompt

You’re now connected! ✅

Clean Up: Delete Azure VM and Resources to Avoid Charges

When you’re done testing, it’s important to clean up to avoid being billed for unused resources like disks, NICs, static IPs, and NSGs. You can do that with one simple PowerShell command:

# Clean up everything in one shot
Remove-AzResourceGroup -Name "MyTestRG" -Force -AsJob

This command deletes:

• The Virtual Machine (MyVM)
• Network Interface (MyNIC)
• Network Security Group (MyNSG)
• Virtual Network (MyVNet) and Subnet (MySubnet)
• Public IP (MyPublicIP)
• Managed Disks and any attached resources

📎 View on GitHub

© 2012–2025 Jet Mariano. All rights reserved.
For usage terms, please see the Legal Disclaimer.

This script uses eseutil to perform offline defragmentation and compaction of Exchange mailbox databases, helping reclaim unused space and improve performance.

# Dismount database
Dismount-Database -Identity "Mailbox Database 001"

# Defrag the database (adjust path as needed)
eseutil /d "E:\ExchangeDB\Mailbox Database 001.edb" /t"E:\Temp\DBDefrag.edb"

# Mount database back
Mount-Database -Identity "Mailbox Database 001"

This script must be run during off-hours. Always take a full backup before running offline defrag.

🔗 View on GitHub

© 2012–2025 Jet Mariano. All rights reserved.
For usage terms, please see the Legal Disclaimer.

This script adds members to an existing Distribution Group and grants them appropriate permissions on a related shared mailbox (like “Send As” and “Full Access”). Useful when a team manages both a DL and its mailbox.

# Add members to Distribution Group
$members = @("[email protected]", "[email protected]", "[email protected]")
foreach ($m in $members) {
    Add-DistributionGroupMember -Identity "Sales Team" -Member $m
}

# Assign Send As & Full Access to all DG members (loop through)
foreach ($m in $members) {
    Add-MailboxPermission -Identity "[email protected]" -User $m -AccessRights FullAccess -InheritanceType All
    Add-ADPermission -Identity "Sales Team" -User $m -ExtendedRights "Send As"
}

Great for use in tightly aligned teams with shared inbox responsibility.

🔗 View on GitHub

© 2012–2025 Jet Mariano. All rights reserved.

For usage terms, please see the Legal Disclaimer.

This script creates a Marketing shared mailbox and assigns three permission tiers: 10 users with read-only, 10 with “Send As,” and one owner with full access. Great for controlled collaboration environments.

# Create Shared Mailbox
New-Mailbox -Name "Marketing Shared" -Shared -PrimarySmtpAddress "[email protected]"

# Assign Read-Only Access (View Only - use mailbox folder permissions)
$readUsers = @("[email protected]", "[email protected]", "[email protected]")
foreach ($user in $readUsers) {
    Add-MailboxFolderPermission -Identity "[email protected]:\Inbox" -User $user -AccessRights Reviewer
}

# Assign Send As permissions
$sendAsUsers = @("[email protected]", "[email protected]", "[email protected]")
foreach ($user in $sendAsUsers) {
    Add-ADPermission -Identity "Marketing Shared" -User $user -ExtendedRights "Send As"
}

# Assign Full Access to Owner
Add-MailboxPermission -Identity "[email protected]" -User "[email protected]" -AccessRights FullAccess -InheritanceType All

Run this after connecting to Exchange Online. Mailbox folder permissions are used for read-only access.

🔗 View on GitHub

© 2012–2025 Jet Mariano. All rights reserved.

For usage terms, please see the Legal Disclaimer.

Welcome!
This utility helps system administrators quickly clear cache, cookies, history, and temp files from both Chrome and Edge using PowerShell—ideal for troubleshooting browser issues or prepping a machine for user handoff.

Description:
This script uses file system paths and environment variables to remove temporary internet files, browsing history, and cached data from both Microsoft Edge and Google Chrome. It is especially useful in enterprise environments for periodic cleanup or pre-deployment routines.

# Clear Chrome browser data
$chromePaths = @(
    "$env:LOCALAPPDATA\Google\Chrome\User Data\Default\Cache",
    "$env:LOCALAPPDATA\Google\Chrome\User Data\Default\Code Cache",
    "$env:LOCALAPPDATA\Google\Chrome\User Data\Default\Cookies",
    "$env:LOCALAPPDATA\Google\Chrome\User Data\Default\History",
    "$env:LOCALAPPDATA\Google\Chrome\User Data\Default\Temp"
)
foreach ($path in $chromePaths) {
    if (Test-Path $path) {
        Remove-Item $path -Recurse -Force -ErrorAction SilentlyContinue
    }
}

# Clear Edge browser data
$edgePaths = @(
    "$env:LOCALAPPDATA\Microsoft\Edge\User Data\Default\Cache",
    "$env:LOCALAPPDATA\Microsoft\Edge\User Data\Default\Code Cache",
    "$env:LOCALAPPDATA\Microsoft\Edge\User Data\Default\Cookies",
    "$env:LOCALAPPDATA\Microsoft\Edge\User Data\Default\History",
    "$env:LOCALAPPDATA\Microsoft\Edge\User Data\Default\Temp"
)
foreach ($path in $edgePaths) {
    if (Test-Path $path) {
        Remove-Item $path -Recurse -Force -ErrorAction SilentlyContinue
    }
}

Notes:

• Best run with administrative privileges.
• Does not remove saved passwords or extensions.
• Can be scheduled via Task Scheduler for weekly cleanup.

🔗 View on GitHub

© 2012–2025 Jet Mariano. All rights reserved.

For usage terms, please see the Legal Disclaimer.

Welcome:
This PowerShell module automates the creation of a Distribution Group and assigns shared mailbox permissions in one go. Built for environments like Pimco and Monster where access precision and scale are critical.

Description:
Create a Distribution Group with over 20 members, nest a shared mailbox and another DL, and assign permissions like “Send As” and “Full Access” as needed.

# Create Distribution Group
New-DistributionGroup -Name "LegalTeamDG" -PrimarySmtpAddress [email protected] -OrganizationalUnit "OU=Groups,DC=domain,DC=com"

# Add users
$users = @("[email protected]", "[email protected]", ..., "[email protected]")
foreach ($user in $users) {
    Add-DistributionGroupMember -Identity "LegalTeamDG" -Member $user
}

# Nest a Shared Mailbox and DL
Add-DistributionGroupMember -Identity "LegalTeamDG" -Member "[email protected]"
Add-DistributionGroupMember -Identity "LegalTeamDG" -Member "[email protected]"

# Assign Send As and Full Access
Add-RecipientPermission -Identity "[email protected]" -Trustee "LegalTeamDG" -AccessRights SendAs -Confirm:$false
Add-MailboxPermission -Identity "[email protected]" -User "LegalTeamDG" -AccessRights FullAccess -InheritanceType All

Replace placeholder values with actual names and domains.

Requires Exchange Online PowerShell module.

Add DLs with caution—permissions are inherited recursively.

🔗 View on GitHub

© 2012–2025 Jet Mariano. All rights reserved.

For usage terms, please see the Legal Disclaimer.

Description:
This script automates the creation of Dynamic Distribution Groups based on user attributes (e.g., department, title, or office) and applies filters to populate the group membership dynamically.

# Connect to Exchange Online (Modern Auth)
Connect-ExchangeOnline -UserPrincipalName [email protected]

# Define variables
$DLName = "DL-SLC-IT"
$RecipientFilter = "(Department -eq 'IT') -and (Office -eq 'Salt Lake City')"

# Create the Dynamic Distribution Group
New-DynamicDistributionGroup -Name $DLName -RecipientFilter $RecipientFilter

# Confirm creation
Get-DynamicDistributionGroup -Identity $DLName | Format-List Name,RecipientFilter

• Customize $DLName and $RecipientFilter as needed for your organization.
• This script assumes you have Exchange Online PowerShell V2 module installed.
• Optional: Add -PrimarySmtpAddress or -DisplayName if you want a specific email format.

Dynamic DL Generator

Easily generate dynamic distribution lists in Exchange Online using custom filters and automated membership rules. Ideal for modern, policy-based email groups.

🔗 View on GitHub

© 2012–2025 Jet Mariano. All rights reserved.

For usage terms, please see the Legal Disclaimer.

Shine a light on your Microsoft 365 usage.
This tool provides a snapshot of license assignments and group memberships—perfect for cleanup, budgeting, and security reviews.

Description:
Quickly audit Microsoft 365 user licenses and group memberships to spot inconsistencies and optimize provisioning.

# Connect to Microsoft Graph
Connect-MgGraph -Scopes "User.Read.All", "Directory.Read.All"

# Get all licensed users
$users = Get-MgUser -All | Where-Object { $_.AssignedLicenses }

foreach ($user in $users) {
    $groups = Get-MgUserMemberOf -UserId $user.Id
    [PSCustomObject]@{
        DisplayName   = $user.DisplayName
        UserPrincipal = $user.UserPrincipalName
        Licenses      = ($user.AssignedLicenses | ForEach-Object { $_.SkuId }) -join ', '
        Groups        = ($groups | Where-Object { $_.'@odata.type' -eq '#microsoft.graph.group' } | ForEach-Object { $_.DisplayName }) -join ', '
    }
}

Requires Microsoft Graph PowerShell SDK.

Replace SkuId with readable license names by mapping GUIDs if needed.

Ideal for license audits and ensuring users belong to correct security or M365 groups.

🔗 View on GitHub

© 2012–2025 Jet Mariano. All rights reserved.

For usage terms, please see the Legal Disclaimer.

Instantly audit who has access to what.
This report gives you a clear view of shared mailbox permissions across your tenant—crucial for security, compliance, and peace of mind.

Description:
Generate a report listing all users with Full Access to shared mailboxes. Perfect for security audits and handoff reviews.

# Connect to Exchange Online
Connect-ExchangeOnline -UserPrincipalName [email protected]

# Get all shared mailboxes and their access permissions
$sharedMailboxes = Get-Mailbox -RecipientTypeDetails SharedMailbox -ResultSize Unlimited

foreach ($mbx in $sharedMailboxes) {
    Get-MailboxPermission -Identity $mbx.Alias |
    Where-Object { $_.AccessRights -like "*FullAccess*" -and $_.User -notlike "NT AUTHORITY*" } |
    Select-Object @{Name="SharedMailbox";Expression={$mbx.DisplayName}},
                  @{Name="User";Expression={$_.User}},
                  AccessRights
}

Filters out system accounts like NT AUTHORITY\SYSTEM.

Modify the AccessRights filter if you need SendAs or SendOnBehalf reporting.

Great for auditing or onboarding/offboarding reviews.

Shared Mailbox Access Report

Generate a detailed report showing who has access to each shared mailbox in Exchange Online. Essential for security reviews and access audits.

🔗 View on GitHub

© 2012–2025 Jet Mariano. All rights reserved.

For usage terms, please see the Legal Disclaimer.

Seamlessly migrate mailboxes between servers or tenants with minimal downtime.
This tool automates batch migrations, preserves permissions, and logs progress — built for smooth transitions in hybrid and cloud environments.

Description:
Migrate batches of mailboxes to Exchange Online with minimal effort. Ideal for hybrid setups or post-merger transitions.

# Connect to Exchange Online and Exchange On-Prem
Connect-ExchangeOnline -UserPrincipalName [email protected]
$Session = New-PSSession -ConfigurationName Microsoft.Exchange `
  -ConnectionUri http://onprem.exchange.local/PowerShell/ `
  -Authentication Kerberos
Import-PSSession $Session -DisableNameChecking

# Create Migration Batch
New-MigrationBatch -Name "Marketing_Migration" `
  -CSVData ([System.IO.File]::ReadAllBytes("C:\Scripts\marketing.csv")) `
  -TargetDeliveryDomain "domain.mail.onmicrosoft.com" `
  -AutoStart -AutoComplete

EmailAddress
[email protected]
[email protected]
[email protected]

• Make sure your on-prem Exchange supports remote PowerShell.
• Run Complete-MigrationBatch if -AutoComplete is not used.
• This utility supports staged, cutover, or remote migrations.

Mailbox Migration Utility

Automate mailbox migrations from on-prem to Exchange Online with detailed logging and status checks. A time-saving tool for hybrid environments.

🔗 View on GitHub

© 2012–2025 Jet Mariano. All rights reserved.

For usage terms, please see the Legal Disclaimer.

Schedule and manage auto-replies for multiple users at once — perfect for company-wide holidays or department leaves.
This PowerShell tool updates internal and external messages in bulk, saving time and reducing manual errors.

Description:
Schedule automatic out-of-office replies for multiple users in one go. Useful for holidays, company events, or terminations.

# Connect to Exchange Online
Connect-ExchangeOnline -UserPrincipalName [email protected]

# Import CSV of users with their messages and date range
$Users = Import-Csv "C:\Scripts\outofoffice.csv"

foreach ($user in $Users) {
    Set-MailboxAutoReplyConfiguration -Identity $user.UserPrincipalName `
        -AutoReplyState Scheduled `
        -StartTime $user.StartTime `
        -EndTime $user.EndTime `
        -InternalMessage $user.InternalMessage `
        -ExternalMessage $user.ExternalMessage
}

UserPrincipalName,StartTime,EndTime,InternalMessage,ExternalMessage
[email protected],5/6/2025 08:00,5/10/2025 17:00,"I'm out of the office.","Thank you for reaching out. I’ll respond after my return."

Make sure date/time format matches your system locale.

You can adjust messages per user or use static content.

Useful for managing departments, terminated accounts, or planned leaves.

Bulk Out of Office Scheduler
🔗 View on GitHub

© 2012–2025 Jet Mariano. All rights reserved.

For usage terms, please see the Legal Disclaimer.