We help IT Professionals succeed at work.

Script vbs or powershell that can scan all Users in a OU and all child Ou's below the main one and get the names of users who has been delegated

Hi,
Script vbs or powershell that can scan all Users in a OU and all child Ou's below the main one and get the names of users who has been delegated

1. Manage Send as permissions
2. manage Full access permissions.

Regards
Sharath
Comment
Watch Question

Meir RivkinFull stack Software Engineer

Commented:
Manage Send as permissions -> couldn't find this type of delegation

manage Full access permissions u mean "full control"?

Author

Commented:
This is for exchange 2007
Chris DentPowerShell Developer
Top Expert 2010

Commented:

You mean mailbox level delegation, which grants send on behalf, etc?

With Quest's CmdLets:

Get-QADUser -LdapFilter "(publicDelegates=*)"

I'm not sure if Get-Mailbox or Get-User return this, I won't be able to check until tomorrow.

Chris

Author

Commented:
Thanks Chris. How can i limit it for one OU and all Ou's below it
PowerShell Developer
Top Expert 2010
Commented:

Should be like this:

Get-QADUser -SearchRoot "OU=Somewhere,DC=domain,DC=com" -LdapFilter "(publicDelegates=*)"

If you actually want to see the publicDelegates property you'll have to ask for it:

Get-QADUser -SearchRoot "OU=Somewhere,DC=domain,DC=com" -LdapFilter "(publicDelegates=*)" -IncludedProperties "publicDelegates" | Select-Object Name, DN, publicDelegates

Chris

Author

Commented:
Hi Chris
This command
Get-QADUser -SearchRoot "OU=Somewhere,DC=domain,DC=com" -LdapFilter "(publicDelegates=*)" -IncludedProperties "publicDelegates" | Select-Object Name, DN, publicDelegates

How can i get just names to a txt file

username > Delegated name,Delegated name
Chris DentPowerShell Developer
Top Expert 2010

Commented:

This should do it.

Chris
$OFS = ","
Get-QADUser -SearchRoot "OU=Somewhere,DC=domain,DC=com" -LdapFilter "(publicDelegates=*)" `
    -IncludedProperties publicDelegates |
  Select-Object Name, publicDelegates |
  ForEach-Object {
    "$($_.Name) > $($_.publicDelegates | ForEach-Object { (Get-QADUser $_).Name })"
} > "DelegationReport.txt"

Open in new window

Author

Commented:
Thanks a lot Chris