The script has a number of different functions that can be used together or independently. Before using, you will need to fill out the Declarations section with your desired settings. The script leverages encrypted credentials using an AES key. The creation process and encryption of credentials is covered in the notes. As I said, the preservation policies only need to be set once. The versioning and IRM should be checked periodically and reset to the desired state. Hopefully, Microsoft will provide administrators the power to set defaults and restrict owners from editing certain settings. The script will require that you install the
SharePoint Online SDK and
Management Shell. Let me know what you think, and if you find any bugs! In future versions, I plan to move the settings to a configuration file and add some logic for creating the stored credential on the fly. I would also like to expand the settings for application.