We help IT Professionals succeed at work.

We've partnered with Certified Experts, Carl Webster and Richard Faulkner, to bring you a podcast all about Citrix Workspace, moving to the cloud, and analytics & intelligence. Episode 2 coming soon!Listen Now


Exchange 2007 - How to determine what mailboxes a user has access permissions to

Medium Priority
Last Modified: 2012-05-06
We currently use Exchange 2007 for our email system.  One of the problems we are having is how to determine what other mailboxes a user has access to in Exchange.  I know I can user the get-mailboxpermission command to see what access I have granted to that user but how to I reverse this so I can run a script that will show me the mailboxes that he has given himself access to or better yet other people that have given him proxy access to their mailbox.  

Let me know if there is something I can do.

Watch Question

at the top of my head I cannot think really innovative , however here's a direction

run get-mailbox -server servername | get-mailboxpermission |ft

this will give hyou a tabular form of all the permissions for all the mailboxes on the server, you might need to import it to csv & do some filtering



I ran the command and it produced the result similar to that shown below.    It does not tell me from the command what mailboxes "usera" has access proxy access to.     Also, on a side note how to do expand the "identity" field so I can see the whole name in the filed instead of it cutting off the name at the end liek this "blah.bh/bhUser..."

Identity             User                 AccessRights                                                 IsInherited Deny
--------             ----                 ------------                                                              ----------- ----
blah.bh/bhUser... NT AUTHORITY\SELF    {FullAccess, ReadPermission}        False       False
blah.bh/bhUser... blah\usera     {FullAccess}                                                    False       False
blah.bh/bhUser... blah\userb     {FullAccess}                                                    True        False
pipe the outout to Export-Csv C:\Export.csv file

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts
Nitin GuptaSolutions & Presales

Refer blog from Amit, it should guide and help you: http://exchangeshare.wordpress.com/2008/09/01/how-to-find-all-mailboxes-with-send-as-permission-assigned/
Nitin Gupta



The URL you sent was good  for showing all users that have "SendAs" but I still have some questions.   I need to have the script modified so I can run it against a single user and determine if he has eitehr FULL, MODIFY or READ access to other users mailboxes.   This is an HR thing that they want me to do but from the script I see there is no way to extract that information.   I tried to send an email to Amit on thsi but have not received a response back.    

Do you have any addtion help you can provide on this.

Thanks for your help.



I went to the web site that you directed me to in an earlier response and did not see what I needed.  However, I emailed the web site owner, Amit and asked him my specific question.  Her came back with the answer I needed.  Thanks Nina for giving me direction.  

Here is what Amit gave me.

Apologies for the late response, I was on vacation.

You can follow couple of below articles to search reverse Full Mailbox Access/Send-As permissions for a user on all mailboxes and similar way other permissions.
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.


Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.