Microsoft Office 365 Security Statistics

This template shows status of Office 365 Exchange mailbox security and includes the following Component Monitors:

  • User Mailbox Security - Users that have access to more than 20 mailboxes
  • Users by Retention Policy - Users assigned to retention policies and their respective names
  • User Password Settings - Users based on password expiration settings
  • Last Password Change - Number of users that have password changes more than 90 days ago
  • Administrative Roles - Administrative roles and the number of users assigned to them
  • Mailbox Auditing - Mailboxes that currently have audit enabled
  • Multi-Factor Authentication - Users that have multi-factor authentication enabled\


WMI access to the target server

Check the following article for prerequisites: Connect to Exchange Online Using Remote PowerShell.

Important: The PowerShell script mentioned in the Microsoft article above should be run on the Orion server, not the target node.


  • An Orion account with SAM administrator permissions.
  • An Office 365 account with global administrator privileges.
    • The account must be a member of an Office 365 admin role.
    • The account should be an all-in-one, inclusive account to support the monitoring of all mailboxes.

Use UPN format (username@domain) — not domain\username format to enter credentials. Also, a service account for Exchange Web Services is recommended to avoid authentication issues when passwords are updated.