Monday, July 15, 2024

Microsoft 365 Discovery Report

If you are working with a Microsoft 365 tenant, whether it is for your own or for a client, it is often necessary to obtain a decent report of what is there. You may want to know about all the Mailboxes that are in Exchange Online, Sizing, Delegate information, Licenses, a full listing of Microsoft Teams with members, channel permissions and data sizes, OneDrive sizes/usage, Distribution Lists, Contacts, Guest Accounts and SharePoint sites/data/usage, SharePoint Libraries, Public Folders, Unified Groups, Security Groups, Azure AD Devices, Calendar Permissions and License Information. Lastly it also collects MFA details, showing who has it enforced, who has registered for MFA and the type of authentication (App/Txt/Call) that they selected, the phone number and phone type used, and the last logon date/time. All of the data is bundled up nicely into a very usable Excel file.

The latest version is V5.30, released on 11 March 2024.

Basically, this report gives you an complete breakdown of the workloads in Microsoft 365 and allows you to either plan migrations effectively, or simply have a solid inventory of everything that is there in your tenant.

Getting all that information can involve a load of different scripts and console items to view which is why I have put it all together into a single script. The script runs across the tenant and creates multiple CSV files with all the data, then it compiles everything into a single Excel sheet with multiple tabs, all formatted and looking nice.

It even installs automatically all the PowerShell modules for Microsoft 365 that are required to connect and run everything.

Update as of December 2023, the tool includes the ability to run the Microsoft ORCA report from inside the script. The ORCA Report is the Office 365 Recommended Configuration Analyzer and gives solid information and recommendations for the tenant with regard to mail/inbound/outbound security. An example is here.

An extremely useful report when looking at your own, or a clients, tenant.

It now also adds the ability to use the spreadsheet that is created as a Migration Run Sheet much better than before. The script can add PowerShell code to the Mailbox report that will allow you to copy/paste into the PowerShell ISE to create these items in a target tenant. Supply the target UPN suffix and it will provision the code to create those identities as ANY of these options

  • Mail Contacts
  • Mail Users
  • Mail Users with Exchange GUID and Legacy Exchange DN set – Perfect for MRS matching
  • Mailbox Users – Complete M365 identities ready to be licensed and accept incoming migration data

This is a significate update in the lifecycle of this tool and with these options will aid the migration efforts of many Microsoft 365 Tenant to Tenant scenarios for admins.

Added the additional PowerShell line to populate the Email Alias of the Target Tenants ‘’. Helpful when the tenant does not populate these automatically as it is required for the Cross Tenant Migration.

Included an additional column called ‘Identity’ in the ‘ZZ’ option. This helps greatly when using the output report as a batch run sheet, so you can filter by batch and then copy/paste the Identity field straight into a blank file to be used as a migration import CSV. Watch the latest video here to discover how this is a valuable asset to the tool.

The video below shows a full run through of the new version and what it is capable of

The Output & Tool

Here is an example of the output you can expect. Many columns are included, not just what is shown on the limited space below.

The script checks for all the modules that are required and prompts to install them if they are not present. There is no need to connect to M365 before running as it allows you to enter the credentials and make the connection at runtime./

Everything is run from a simple menu to make it easy to get the output you need.

Required Rights to Run

If you have a Global Admin account then obviously this is going to work great, however the only rights that are actually necessary to run all of the reports in the script are;

  • Global Reader
  • Teams Administrator

Downloading and Running

The script comes in the form of a ZIP file which allows you to extract the .PS1 file on to your machine. It is recommended that it be run from the c:\scripts directory on your local machine. If you want to change the output then the first few lines of the script have the location where you can change this.

When you run the PowerShell or PowerShell ISE window to run the script it is important that you “Run As Administrator” when you start it. This is a requirement of the PowerShell modules that Microsoft 365 uses to connect to the cloud and you will find that they will fail without the local administrator privileges.


To get a 50% discount code for this script, subscribe to my YouTube channel and then drop me an email to and I will send you a coupon code.

All the scripting products, and the CloudOCM system, are available in the store.

Hope you find this useful, please reach out in the comments with any thoughts, comments or improvements you would like to see.

Mark – The Cloud Geezer.

Mark Rochester
Mark Rochester
Mark currently works in the cloud space assisting large companies to migrate from either on premises to the cloud, or cloud to cloud. His experience with Enterprise migrations spans more than 25 years which basically makes him old. However, with all the oldness creeping up he still finds technology massively exciting. Please reach out for a chat anytime you would like. :-)

Related Articles

Migrate Microsoft 365 Mailboxes to Google Workspace

This is not a very common subject to talk about as most of the migrations that get performed are people moving into the Microsoft...

Batches Paused in ‘Needs Approval’ Status

When you are using the native Microsoft tools to migrate from Google Workspace (Gmail) into Microsoft 365 the tool works very well. It does...

Create ‘Dummy Test’ Users in Local Active Directory

The need for this comes along when you are testing things like Azure AD Connect Sync, or an AD to AD migration. Maybe an...

Stay Connected

- Advertisement -

Latest Articles