Users not part of office distribution lists PowerShell

Copper Contributor

I'm looking to find office365 users whose primary SMTP is our domain.com that are not part of certain office365 distribution lists we have. For example Dist1, Dist2, Dist3, Dist4 and export the results to a csv. I'm hoping someone already created such a script. Any is appreciated. Thank you

13 Replies

@Sam240 I created this one in my test tenant:

 

Script:

 

Connect-ExchangeOnline
$total = @()
$users = Get-Mailbox | Where-Object PrimarySmtpAddress -Match 'M365x537152.OnMicrosoft.com' | where-object PrimarySmtpAddress -NotMatch 'DiscoverySearchMailbox' | Sort-Object UserPrincipalName
$distributiongroups = "Executives", "Sales Team", "Tailspin Toys"
foreach ($distributiongroup in $distributiongroups) {
    $distributiongroupmembers = Get-DistributionGroupMember -Identity $distributiongroup
    foreach ($user in $users) {
        if (-not ($distributiongroupmembers | Select-String $user.name)) {
            $output = [pscustomobject]@{
                "DistributiongroupName"          = $distributiongroup
                "UserName which is not a Member" = $user.UserPrincipalName
            }
            $total += $output
        }
    }
}

$total | Export-Csv -Path c:\temp\distributiongroups.csv -NoTypeInformation -Delimiter ';'

 

 

CSV:

Harm_Veenstra_1-1648894579417.png

 

 

@Harm_Veenstra Thank you so much. I'll test it out and get back to you but this looks like it might do it for me!!!

No problem, let us know if it works out for you!

Did it work for you ?

Please mark my answer as solution to mark it as solved if it worked out for you.
Why the two client side filters in the Get-Mailbox line? Performance wise that looks strange.
Can't we use a server side filter on Get-Mailbox for the two PrimarySmtpAddress elements?

You can use whatever filter you want 😉 I added the discoverymailbox because it was also evaluated, you can leave that out if you want.. Performance wise there was no impact in my test environment, very few users, but in larger environments it could take somewhat longer. But is this something you run once in a while or daily?

 

Shorter version:

Get-Mailbox | Where-Object {$_.PrimarySmtpAddress -Match 'M365x537152.OnMicrosoft.com' -and $_.PrimarySmtpAddress -NotMatch 'DiscoverySearchMailbox'} | Sort-Object UserPrincipalName

@Harm_Veenstra 

 

Can't this all be done server side.

 

Get-Mailbox -Filter {$_.PrimarySmtpAddress -Match 'M365x537152.OnMicrosoft.com' -and $_.PrimarySmtpAddress -NotMatch 'DiscoverySearchMailbox'} |
    Sort-Object UserPrincipalName
Not sure what you mean with server side? You connect Exchange Online and run the commands directory on that...
In your example, you are piping the Get-Mailbox account into Where-Object. This means it has to get all of the mailboxes first and then filter client side. The processing of this is done on the machine running the shell. (Client side).

If you use the -Filter on the Get-Mailbox command, this is then processed server side. Usually improving the performance of the script, particularly if there is a lot of data to filter which there would be in this case as you are looking at all mailboxes.

https://techcommunity.microsoft.com/t5/skype-for-business-blog/filter-vs-where-object/ba-p/618442

https://sid-500.com/2017/06/24/powershell-filtering-objects-vs-where-object/

Ah, yes! You're right! But PrimarySmtpAddress doesn't look like something you can filter regarding Primary address Filterable properties for the RecipientFilter parameter | Microsoft Docs

It's in that list. It doesn't have a LDAP Display Name but it says "string (wildcards accepted)".
The following works in my org. Need to use -eq or -like. (Match is not a supported operator).
Get-Mailbox -Filter {PrimarySmtpAddress -like 'testuser*'}

There are always some attributes\commands where its better or easier to use client side filtering, but I always try\check if it can be done server side where possible.
It also says in the comments column, scroll right on page:

Don't use the PrimarySmtpAddress property; use the EmailAddresses property instead. Any filter that uses the PrimarySmtpAddress property will also search values in the EmailAddresses property. For example, if a mailbox has the primary email address dario@contoso.com, and the additional proxy addresses dario2@contoso.com and dario3@contoso.com, all of the following filters will return that mailbox in the result: "PrimarySmtpAddress -eq 'dario@contoso.com'", "PrimarySmtpAddress -eq 'dario2@contoso.com'", or "PrimarySmtpAddress -eq 'dario3@contoso.com'".

You have to specify email addresses, I was searching for Domains which were set as PrimarySMTPAddress