These instructions will guide you on how an email can be purged for all users in the organization if it has been sent accidentally and cannot be recalled.


Windows PowerShell

Copyright (C) Microsoft Corporation. All rights reserved.


PS C:\Windows\system32> install-module -name ExchangeOnlineManagement                                                   

NuGet provider is required to continue

PowerShellGet requires NuGet provider version '2.8.5.201' or newer to interact with NuGet-based repositories. The NuGet

 provider must be available in 'C:\Program Files\PackageManagement\ProviderAssemblies' or

'C:\Users\AdminIT\AppData\Local\PackageManagement\ProviderAssemblies'. You can also install the NuGet provider by

running 'Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force'. Do you want PowerShellGet to install

and import the NuGet provider now?

[Y] Yes  [N] No  [S] Suspend  [?] Help (default is "Y"): y


Untrusted repository

You are installing the modules from an untrusted repository. If you trust this repository, change its

InstallationPolicy value by running the Set-PSRepository cmdlet. Are you sure you want to install the modules from

'PSGallery'?

[Y] Yes  [A] Yes to All  [N] No  [L] No to All  [S] Suspend  [?] Help (default is "N"):

WARNING: User declined to install module (ExchangeOnlineManagement).

PS C:\Windows\system32> install-module -name ExchangeOnlineManagement


Untrusted repository

You are installing the modules from an untrusted repository. If you trust this repository, change its

InstallationPolicy value by running the Set-PSRepository cmdlet. Are you sure you want to install the modules from

'PSGallery'?

[Y] Yes  [A] Yes to All  [N] No  [L] No to All  [S] Suspend  [?] Help (default is "N"): y

PS C:\Windows\system32> import-module exchangeonlinemanagement

PS C:\Windows\system32> Connect-ExchangeOnline -UserPrincipalName itsupport@ctsl.com.pg


----------------------------------------------------------------------------------------

This V3 EXO PowerShell module contains new REST API backed Exchange Online cmdlets which doesn't require WinRM for Client-Server communication. You can now run these cmdlets after turning off WinRM Basic Auth in your client machine thus making it more secure.


Unlike the EXO* prefixed cmdlets, the cmdlets in this module support full functional parity with the RPS (V1) cmdlets.


V3 cmdlets in the downloaded module are resilient to transient failures, handling retries and throttling errors inherently.


REST backed EOP and SCC cmdlets are also available in the V3 module. Similar to EXO, the cmdlets can be run without WinRM basic auth enabled.


For more information check https://aka.ms/exov3-module

----------------------------------------------------------------------------------------



PS C:\Windows\system32> Connect-IPPSsession -UserPrincipalName itsupport@ctsl.com.pg


----------------------------------------------------------------------------------------

We have made updates to move the SCC admin experience to REST-based APIs. In doing so, we will be deprecating the legacy Remote PowerShell (RPS) protocol starting July 15, 2023.


Benefits of REST-based cmdlets: improved security, WinRM no longer required for client-server communication, improved error handling.


The REST API has the same cmdlets available and feature parity with RPS(V1) cmdlets, so existing scripts and processes don't need to be updated. Simply using the new module will ensure REST is used rather than RPS.


For more information, go to https://aka.ms/exov3-module

----------------------------------------------------------------------------------------


PS C:\Windows\system32> $Search=New-ComplianceSearch -Name "Remove Phishing Message1" -ExchangeLocation All -ContentMatchQuery '(Received:8/13/2024) AND (Subject:"FW: Request for HR to assist with establishing CTSL Toastmasters Corporate Club - refer to email and attachments")'


PS C:\Windows\system32> start-compliancesearch -Identity $search.identity


PS C:\Windows\system32> new-compliancesearchaction -searchname "Remove Phishing Message1" -Purge -PurgeType SoftDelete


Confirm

Are you sure you want to perform this action?

This operation will make message items meeting the criteria of the compliance search "Remove Phishing Message1"

completely inaccessible to users. There is no automatic method to undo the removal of these message items.

[Y] Yes  [A] Yes to All  [N] No  [L] No to All  [S] Suspend  [?] Help (default is "Y"):


Name                           SearchName               Action RunBy           JobEndTime Status

----                           ----------               ------ -----           ---------- ------

Remove Phishing Message1_Purge Remove Phishing Message1 Purge  CTSL IT Support            Starting



PS C:\Windows\system32> get-compliancesearchaction


Name                           SearchName               Action RunBy           JobEndTime           Status

----                           ----------               ------ -----           ----------           ------

Remove Phishing Message_Purge  Remove Phishing Message  Purge  CTSL IT Support 2/1/2024 12:49:24 AM Completed

Remove Phishing Message1_Purge Remove Phishing Message1 Purge  CTSL IT Support 8/13/2024 1:41:39 AM Completed



PS C:\Windows\system32> Disconnect-ExchangeOnline


Running this cmdlet will clear the specified REST connections along with the connection for inbuilt cmdlets and all the

 active RPS sessions created using Connect-ExchangeOnline or Connect-IPPSSession.

Press(Y/y/A/a) if you want to continue.

[Y] Yes  [A] Yes to All  [N] No  [L] No to All  [S] Suspend  [?] Help (default is "Y"):