
PowerShell constrained language mode and ORCA's output folder

Open zxcvxzcv-johndoe opened this issue 1 year ago • 2 comments

Hello,

It seems that at least ExchangeOnlineManagement's 3.3 version doesn't work with PowerShell's Constrained Language mode, which gets enabled by AppLocker on non-admin accounts for security reasons.

So when I bypass that by running PowerShell as Admin, I can load ExchangeOnlineManagement normally and then run ORCA, but ORCA outputs the HTML file to the "C:\Users\local.admin\AppData\Local\Microsoft\ORCA" folder instead of somewhere my normal account can access, and when Edge opens the file automatically it naturally says "cannot find the file" etc.

Naturally I can copy/paste the files from that Run as Admin PowerShell session to somewhere else, but it would be nice if I could choose the output folder somehow.

And also, how do other people use ORCA? I cannot be the only one using AppLocker and not having local admin rights on my daily account on my machine :)

Also, regarding the instructions to run ORCA: after I connect to ExchangeOnline, I also had to run "Connect-IPPSSession" for the "Get-ProtectionAlert" cmdlet to load. I got an error in ORCA because of that the first time.

Thanks,

zxcvxzcv-johndoe, Sep 13 '23 09:09
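The copy workaround described in the post above, written out as an added example (not code from this thread or from the ORCA project). It assumes it runs in the elevated session, that the report lands in the Microsoft\ORCA folder under that account's local AppData as the post reports, and that `C:\Reports\ORCA` is a hypothetical folder the daily account can read.

```powershell
# Added example: run ORCA from the elevated session, then copy the newest
# HTML report to a folder the non-admin account can open.
param(
    # Hypothetical destination; pick a folder your daily account can read.
    [string]$Destination = 'C:\Reports\ORCA'
)

# AppLocker puts non-admin sessions into ConstrainedLanguage. Stop early
# with a clear message instead of failing later inside the module load.
$mode = $ExecutionContext.SessionState.LanguageMode
if ($mode -ne 'FullLanguage') {
    throw "This session is in $mode mode; ExchangeOnlineManagement will not load here."
}

# Both sessions are needed: Connect-IPPSSession is what makes
# Get-ProtectionAlert available, as noted in the post.
Connect-ExchangeOnline
Connect-IPPSSession

Get-ORCAReport

# The report is written under the profile of the account running the
# session, so resolve the folder from that account's LOCALAPPDATA.
$reportDir = Join-Path $env:LOCALAPPDATA 'Microsoft\ORCA'
$latest = Get-ChildItem -Path $reportDir -Filter '*.html' -File |
    Sort-Object LastWriteTime -Descending |
    Select-Object -First 1

if (-not $latest) {
    throw "No HTML report found in $reportDir"
}

New-Item -ItemType Directory -Path $Destination -Force | Out-Null
Copy-Item -Path $latest.FullName -Destination $Destination

# Emit the path to open from the normal (non-admin) account.
Join-Path $Destination $latest.Name
```

The report describes the tenant's protection configuration, so the destination folder should be readable only by the accounts that need it.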

Good suggestion.

> I cannot be only one using Applocker and not having local admin rights on my daily account on my machine :)

Take it from someone who used to work in IT and implemented AppLocker at several different organizations, and now works as a cyber security consultant - you're a rare breed.

dstreefkerk, Dec 07 '23 20:12

Great suggestion, will include it in the 2.9 release.

cammurray, Feb 21 '24 23:02