This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(288, 69%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ELM%3C/text%3E%3C/svg%3E)
Hi All,
Need your help,
We need to find a way to delete a folder from users' mailboxes in exchange online, we found the following article https://www.alitajran.com/delete-folder-in-exchange-online-from-all-mailboxes/ works great in our test environment, but due to the changes to authentication and basic authentication has been disabled, this script fails as it uses basic authentication, is there anyone who is able to advise on how this script can be changed or provide a solution. or what am I missing as the error is Error: The request failed. The remote server returned an error: (401) Unauthorized. permission is in place.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(246.4, 22%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKY%3C/text%3E%3C/svg%3E)
Since this question is related to Exchange development, I have added the tag "office-exchange-server-dev" to it.
Thanks for your understanding.
I tested the script in my lab and it works fine for me.
Would it be possible to temporarily enable basic auth for this script to work?
You may use this self-service tool to enable it.
If you have Azure Security Defaults enabled, you may need to first disable it.
And if the manage account has MFA enabled, please also disable it.
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(294.40000000000003, 84%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGS%3C/text%3E%3C/svg%3E)
To change that script to use oAuth you just need to change the line
$service.Credentials = new-object Microsoft.Exchange.WebServices.Data.WebCredentials -ArgumentList (Get-Credential)
to
$service.Credentials = New-Object Microsoft.Exchange.WebServices.Data.OAuthCredentials($accessToken)
the $accessToken variable needs to contain the oAuth Access Token which you will need some other code to acquire, there are a bunch of different approaches you could take the easiest maybe use the MSAL module from https://www.powershellgallery.com/packages/MSAL.PS/4.37.0.0 and you also need an application registration like https://learn.microsoft.com/en-us/exchange/client-developer/exchange-web-services/how-to-authenticate-an-ews-application-by-using-oauth
then you can do something like this for a Delegate Token
$token = Get-MsalToken -ClientId yourclientid -Scopes "https://outlook.office365.com/EWS.AccessAsUser.All" -RedirectUri "https://login.microsoftonline.com/common/oauth2/nativeclient"
or for an AppToken
$clientSecret = (ConvertTo-SecureString yourClientSecret -AsPlainText -Force )
$token = Get-MsalToken -clientID $clientID -clientSecret $clientSecret -tenantID $tenantID -Scopes "https://outlook.office365.com/.default"
then use
$accessToken = $token.AccessToken