79522212

Date: 2025-03-20 07:53:03
Score: 0.5

Here is the scripted solution that I used to implement @Sridevi's answer:

$appname = "YourApplication"

### Connect to Graph (to get the service principal)
# Connect-MgGraph has no -ShowBanner parameter; -NoWelcome suppresses its banner
Connect-MgGraph -NoWelcome
$app = Get-MgServicePrincipal -Filter "displayname eq '$appname'"
Disconnect-MgGraph

### Verify there's exactly one app
$appcount = ($app | measure-object).count
if ($appcount -ne 1) {
   throw("Found $appcount apps with displayname '$appname', this isn't right.")
}

### Connect to IPPS to set everything
Connect-IPPSSession -ShowBanner:$false

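# Look up the matching service principal in Security & Compliance; a missing one is expected here, so suppress the error
$sp = Get-ServicePrincipal -Identity $app.appid -ErrorAction SilentlyContinue
if (($sp | Measure-Object).count -eq 0) {
    try {
      # -ErrorAction Stop turns a failure into a terminating error so the catch block runs
      $sp = New-ServicePrincipal -AppId $app.appid -ObjectId $app.id -Displayname "$appname - Purge" -ErrorAction Stop
    } catch {
      throw("Can't generate service principal")
    }
}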

### Add the app to the eDiscoveryManager role group if it is not already a member
$rolemember = Get-RoleGroupMember -Identity "eDiscoveryManager" | Where-Object { $_.exchangeObjectId -eq $app.id }
if (($rolemember | Measure-Object).count -eq 0) {
    Add-RoleGroupMember -Identity "eDiscoveryManager" -Member $app.id
}

### Make the app an eDiscovery case admin if it is not one already
$eadmin = Get-eDiscoveryCaseAdmin | Where-Object { $_.exchangeObjectId -eq $app.id }
if (($eadmin | Measure-Object).count -eq 0) {
    Add-eDiscoveryCaseAdmin -User $app.id
}

### Disconnect-ExchangeOnline also closes the IPPS session
Disconnect-ExchangeOnline
Reasons:
  • Long answer (-1):
  • Has code block (-0.5):
  • User mentioned (1): @Sridevi's
  • Self-answer (0.5):
  • Low reputation (0.5):
Posted by: Haruka Shitou