matt-taylor.tech
← Back to projects

Work · Affinity Group

Microsoft 365 PowerShell Admin Library

PowerShell Microsoft Graph Exchange Online PowerShell SharePoint PnP Entra ID

Internal PowerShell library I wrote at Affinity Group for ongoing Microsoft 365 administration and monthly compliance review. 76 scripts that cover the surface area I care about across identity, security, Defender, Intune, Teams, SharePoint, and audit reporting.

What it covers

  • Licensing: license auditing, license usage trends, unused-license reclamation.
  • Mailboxes: mailbox sizing, external forwarding detection, mailbox database inventory, room mailbox usage.
  • OneDrive / SharePoint: OneDrive usage, SharePoint external sharing, SharePoint site collection inventory, hub-site inventory.
  • Audit: unified audit log search, advanced message trace, journaling/archiving, mail-flow rules.
  • Identity: MFA status, risky sign-in detection, guest user auditing, privileged role assignments, Azure AD app registrations, service principal permissions, hybrid AD Connect.
  • Security: Conditional Access policy inventory, Defender for Endpoint device reporting, Defender attack-simulation inventory, Identity Protection, Microsoft Secure Score, EOP advanced config, Information Protection, Cloud App Security, Azure AD PIM, Azure AD Access Reviews, Azure AD Entitlement Management.
  • Teams: meeting attendance, channel analytics, voice/calling, external access, app permissions, lifecycle, policy inventory.
  • Intune: configuration profiles, MDM reporting, app inventory.
  • Compliance: communication compliance, insider risk, information barriers, Compliance Manager assessments, Viva Insights adoption, M365 usage analytics, M365 group expiration.
  • Other: spam/malware reporting, Power Platform DLP, network connectivity, backup policies, service health incidents, Azure AD B2B collaboration, Azure AD authentication methods.

Engineering conventions

  • Every script is documented for reuse: synopsis, parameters, examples, prerequisites.
  • Parameterized for multi-tenant work where the cmdlets allow.
  • Error handling and structured logging built in, not bolted on.
  • Built on Microsoft Graph PowerShell, Exchange Online PowerShell, and SharePoint PnP modules.

Honest framing

The library is internal. Not open-sourced, not publicly published, not adopted by external contributors. The 76 scripts and the use case (monthly compliance reviews across a real ~1,100-user tenant) are real and strong on their own.