Public/Convert-GroupADSyncToCloud.ps1

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
function Convert-GroupADSyncToCloud {
    [CmdletBinding()]
    param (
        [Parameter(Mandatory = $true,
            ValueFromPipeline = $true)]
        [psobject[]]
        $GroupObject,

        [Parameter(Mandatory = $true)]
        [string]$ManagedByDefaultUserEmailAddress,

        [Parameter(Mandatory = $true)]
        [string]$ModeratedByDefaultUserEmailAddress,
        
        [switch]$WhatIf
    )

    begin {
        if (-not (Get-PSSession | Where-Object { $_.ConfigurationName -eq 'Microsoft.Exchange' -and $_.ComputerName -eq 'outlook.office365.com' } )) {
            Write-Warning "Please connect to Exchange Online to convert distribution groups from AD synchronized to cloud-only; exiting script"
            Exit
        }
    }

    process {
        foreach ($dgObject in $GroupObject) {

            $ManagedBy = if ($dgObject.Group.ManagedBy -match "Organization Management" -or -not $dgObject.Group.ManagedBy) {
                $ManagedByDefaultUserEmailAddress
            }
            else {
                $dgObject.Group.ManagedBy | Get-Recipient | Select-Object -ExpandProperty PrimarySMTPAddress
            }

            $ModerateBy = if ($dgObject.Group.ManagedBy -match "Organization Management") {
                $ModeratedByDefaultUserEmailAddress
            }
            else {
                $dgObject.Group.ModeratedBy | Get-Recipient | Select-Object -ExpandProperty PrimarySMTPAddress
            }

            $newDGParam = @{
                Name                               = $dgObject.Group.Name
                ModeratedBy                        = $ModerateBy
                RequireSenderAuthenticationEnabled = $dgObject.Group.RequireSenderAuthenticationEnabled
                ModerationEnabled                  = $dgObject.Group.ModerationEnabled
                DisplayName                        = $dgObject.Group.DisplayName
                Alias                              = $dgObject.Group.Alias
                ManagedBy                          = $ManagedBy
                PrimarySmtpAddress                 = $dgObject.Group.PrimarySMTPAddress
                Members                            = ($dgObject.Member.PrimarySMTPAddress | Where-Object { $_.Length -gt 0 })
                SendModerationNotifications        = $dgObject.Group.SendModerationNotifications
                WhatIf                             = $WhatIf
            }
            Write-Verbose -Message "Re-creating distribution group: $($dgObject.Group.Name)"
            $newDG = New-DistributionGroup @newDGParam

            Write-Verbose -Message "Re-adding Email Addresses to distribution group: $($dgObject.Group.Name)"
            $setDGParam = @{
                Identity       = $newDG.Identity
                EmailAddresses = $dgObject.Group.EmailAddresses
                WhatIf         = $WhatIf
            }
            Set-DistributionGroup @setDGParam
        }
    }
    
}