Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Looking to remove the sendas permission for 1000's of users.

Posted on 2011-02-28
6
Medium Priority
?
487 Views
Last Modified: 2012-05-11
We have a user that has the ability to sendas for everyone in our domain (don't ask why).  This user is changing departments and we need to take away her rights to sendas all users.  We prefer not to use the -deny option but rather to remove her access.  Any suggestions on how this can be accomplished through Powershell?

Thanks.
0
Comment
Question by:laverneuniv
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 4

Expert Comment

by:geieea
ID: 35002311
I think this will work:

Get-Mailbox | Remove-ADPermission | where { ($_.ExtendedRights -like “*Send-As*”) -and ($_.IsInherited -eq $false) -and ($_.User -like “JaneDoe”) }
0
 
LVL 8

Expert Comment

by:pmorton23
ID: 35002320
how was the send as rights granted to all users for that one user. the easiest way to give someone send as rights is to allow that at the domain level or the user is in an exchange admin group. either way look at the domain permissions and check all exchange groups. remove user from those groups.
0
 
LVL 4

Expert Comment

by:geieea
ID: 35002352
No, something more like this:

Get-Mailbox | Get-ADPermission | where { ($_.ExtendedRights -like “*Send-As*”) -and ($_.IsInherited -eq $false) -and ($_.User -like “JaneDoe”) } | Select Identity, User, Deny | Export-CSV c:\send-As.csv

Then use the csv to run:

Remove-ADPermission -Identity userfromcsv -User JaneDoe -ExtendedRights "send as"
0
 

Accepted Solution

by:
laverneuniv earned 0 total points
ID: 35041064
We had some problems with your suggestion, but we got it work with this.  Perhaps I did something wrong on your suggestion.

# Add the Active Directory Management and Exchange Cmdlets into Powershell
#Add-PSSnapin Quest.ActiveRoles.ADManagement

$accts = Get-QADUser -SearchRoot "ou=users,ou=,dc=,dc=local" -SizeLimit 0
foreach($user in $accts){
      Remove-ADPermission -Identity $user.name -user "domain\user (the person whose permissions you want to remove" -ExtendedRights "send as" -confirm:$false | Out-Host
      
}
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35331153
This question has been classified as abandoned and is being closed as part of the Cleanup Program. See my comment at the end of the question for more details.
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

On September 18, Experts Exchange launched the first installment of the Help Bell, a new feature for Premium Members, Team Accounts, and Qualified Experts. The Help Bell will serve as an additional tool to help teams increase question visibility.
If something goes wrong with Exchange, your IT resources are in trouble.All Exchange server migration processes are not designed to be identical and though migrating email from on-premises Exchange mailbox to Cloud’s Office 365 is relatively simple…
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question