This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 85%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESH%3C/text%3E%3C/svg%3E)
I have the below script. The script brings back the correct users, from line 9 in the script, but when i go to enable litigationhold, its enabling it for all users, and i want to enable it for only the users that currently do not have lithold enabled.
Any help is greatly appreciated
$pimserviceaccount = "******@mycompany.onmicrosoft.com"
$adminpassword = "01000000d08c9ddf0115d1118c7a00c04fc297eb0100000084b78e199e1c3b478efd799c7aab6a910000000002000000000003660000c0000000100000000d19998b9fdab9ec1f44820c65de76fd0000000004800000a000000010000000dce05d1d250d5882967e46b97ecbd0c218000000ab0ceed45aa0a431a0137017b3479b6a6ea8e9694b41327714000000d1b19a01c628ceffedd753a5e2b53d0cd90fb930"
$secureString = ConvertTo-SecureString -String $adminpassword
$cred = New-Object -TypeName PSCredential -ArgumentList $pimserviceaccount, $secureString
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $cred -Authentication Basic -AllowRedirection
Import-PSSession $Session -DisableNameChecking
#Import-Module msonline
#connect-msolservice -credential $cred
$Lithold = Get-MsolUser -all:$true | Where-Object {($_.licenses).AccountSkuId -match "SPE_E5" -or ($_.licenses).AccountSkuId -match "EXCHANGEARCHIVE_ADDON" -or ($_.licenses).AccountSkuId -match "SPE_F1" -or ($_.licenses).AccountSkuId -match "SPE_F5_SECCOMP"} |select UserPrincipalname
$lithold |ForEach-Object {Get-Mailbox -Identity $_.userprincipalname} | Where-Object {$_.litigationholdenabled -eq $false}
$Lithold |ForEach-Object {set-mailbox -identity $_.userprincipalname -litigationholdenabled:$true}
Answer accepted by question author
Looks to me that line 10 isn't really doing anything. You need to assign the results to a variable that you can then use on line 11.
$LitNotEnabled = $lithold |ForEach-Object {Get-Mailbox -Identity $_.userprincipalname} | Where-Object {$_.litigationholdenabled -eq $false}
$LitNotEnabled |ForEach-Object {set-mailbox -identity $_.userprincipalname -litigationholdenabled:$true}
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(256, 74%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERM%3C/text%3E%3C/svg%3E)
I agree with @MotoX80 .
Try replacing lines 9, 10, and 11 with something like this:
Get-MsolUser -all:$true |
Where-Object {
(
($_.licenses).AccountSkuId -match "SPE_E5" -or
($_.licenses).AccountSkuId -match "EXCHANGEARCHIVE_ADDON" -or
($_.licenses).AccountSkuId -match "SPE_F1" -or
($_.licenses).AccountSkuId -match "SPE_F5_SECCOMP"
) -and
-not $_.litigationholdenabled
} |
Set-Mailbox -identity $_.userprincipalname -litigationholdenabled:$true
Thanks for the help. What you suggested worked.