Create 1 PS script from 2 to accomplish a task

EE User "GusGallows" came up with this script that would grant managers full mailbox access to their Direct Reports:

$users = get-user -resultsize unlimited
foreach ($user in $users)
{
	$manUserDN = $user.DistinguishedName
	$directReports = @($user.DirectReports)
	if ($directReports -ne $Null)
	{
		foreach ($directReport in $directReports)
		{
			$drUserdn = $directReport.DistinguishedName
			Add-MailboxPermission $drUserDN -User $manUserDN -AccessRights:FullAccess
		}
	}
}


The issue I think I'm going to run into is the auto-opening of the direct reports' mailboxes in each manager's Outlook, since apparently this environment is set up to do so.

There is another script here that is supposed to turn off the auto-mapping of accessible mailboxes:

<#
    .SYNOPSIS
    Adds Mailbox Permissions without Auto-Mapping in Outlook
    .DESCRIPTION
    Performs the same functions as Add-MailboxPermission with the added 
    extra that it does not automatically add the Mailbox to Outlook 2007 
    and 2010. 
    For more help use Get-Help Add-MailboxPermission
    #>
param(
     $Identity,
     [Alias('db')]
     [Switch]
     $Debug,
     [Alias('wv')]
     $WarningVariable,
     [Alias('cf')]
     [Switch]
     $Confirm,
     $Instance,
     $AccessRights,
     [Alias('ea')]
     $ErrorAction,
     [Switch]
     $IgnoreDefaultScope,
     $DomainController,
     [Alias('wi')]
     [Switch]
     $WhatIf,
     [Alias('ob')]
     $OutBuffer,
     [Alias('wa')]
     $WarningAction,
     $Owner,
     $InheritanceType,
     $User,
     [Alias('ov')]
     $OutVariable,
     [Alias('vb')]
     [Switch]
     $Verbose,
     [Switch]
     $Deny,
     [Alias('ev')]
     $ErrorVariable,
     [Switch]
     $AsJob)

if ($DomainController)
{
    # Domain Controller was set. Get the Mailbox we are adding permissions for first so we have its LDAP DN
    $Mailbox = Get-Mailbox $Identity -DomainController $DomainController
    if (!$Mailbox)
    {
        throw "Could not find Mailbox $($Identity)"
    }
    # Add the permission
    $Result = Add-MailboxPermission @PSBoundParameters
} else {
    # Domain Controller was not set. Get the Mailbox we are adding permissions for first so we have its LDAP DN and a domain controller name
    $Mailbox = Get-Mailbox $Identity
    if (!$Mailbox)
    {
        throw "Could not find Mailbox $($Identity)"
    }
    # Set the domain controller
    $DomainController = $Mailbox.OriginatingServer
    # Add the permission
    $Result = Add-MailboxPermission @PSBoundParameters -DomainController $DomainController
}    
if ($Result)
{
    # If the mailbox permission was successfully added, remove the auto mapping using ADSI
    $LDAPUser=[ADSI]"LDAP://$($DomainController)/$($Mailbox.DistinguishedName)"
    $LDAPUser.msExchDelegateListLink.Remove(((Get-Mailbox $User).DistinguishedName))
    $LDAPUser.SetInfo()
    # Output the result of Add-MailboxPermission like the normal command would
    $Result
}

source: http://www.stevieg.org/2011/02/disable-exchange-2010-sp1s-auto-shared-mailbox-mapping/


Is there a way to edit and combine these scripts so as to create one script that will:
Give all Managers full access to their Direct Reports but also turn off the auto-opening of the Direct Reports' mailboxes for them.

We have a developed add-on for Outlook that will allow users to Open a mailbox from the ribbon menu so the auto-opening would be unnecessary...
garryshape Asked:

stefor Commented:
Based on the provided scripts this should be working.

$users = get-user -resultsize unlimited
foreach ($user in $users)
{
        $manUserDN = $user.DistinguishedName
        $directReports = @($user.DirectReports)
        if ($directReports -ne $Null)
        {
                foreach ($directReport in $directReports)
                {
                        $drUserdn = $directReport.DistinguishedName
                        # Look up the mailbox first so the permission is written to, and the
                        # auto-mapping link removed on, the same domain controller
                        # (as the source script above does)
                        $Mailbox = Get-Mailbox $drUserDN
                        $DomainController = $Mailbox.OriginatingServer
                        Add-MailboxPermission $drUserDN -User $manUserDN -AccessRights:FullAccess -DomainController $DomainController
                        # Remove the manager from msExchDelegateListLink to stop Outlook auto-mapping
                        $LDAPUser=[ADSI]"LDAP://$($DomainController)/$($Mailbox.DistinguishedName)"
                        $LDAPUser.msExchDelegateListLink.Remove(((Get-Mailbox $manUserDN).DistinguishedName))
                        $LDAPUser.SetInfo()
                }
        }
}

garryshape (Author) Commented:
THANK YOU!
Question has a verified solution.
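
Added example, not part of the thread and not code from either poster: on Exchange 2010 SP2 or later, Add-MailboxPermission accepts -AutoMapping, so the grant and the no-auto-mapping step can be one call, and because this is a bulk FullAccess grant the script also supports -WhatIf and records every grant for later access review. The parameter $AuditCsv and its default path are made up for illustration.

```powershell
# Added example (not from the thread). Assumes an Exchange Management Shell
# session on Exchange 2010 SP2 or later, where -AutoMapping is available.
[CmdletBinding(SupportsShouldProcess = $true)]
param(
    # Hypothetical output path: one row per grant, kept for access review
    [string]$AuditCsv = '.\manager-fullaccess-grants.csv'
)

$grants = @()
foreach ($manager in Get-User -ResultSize Unlimited) {
    foreach ($report in @($manager.DirectReports)) {
        if (-not $report) { continue }
        # Use the DN when the entry exposes one, as the thread's scripts do;
        # otherwise fall back to the entry's string form
        $reportId = if ($report.DistinguishedName) { $report.DistinguishedName } else { "$report" }

        # Direct reports without a mailbox are skipped instead of raising errors
        $mailbox = Get-Mailbox -Identity $reportId -ErrorAction SilentlyContinue
        if (-not $mailbox) { continue }
        $mbxDN = $mailbox.DistinguishedName
        $mgrDN = $manager.DistinguishedName

        # Skip pairs that already hold an explicit FullAccess allow entry.
        # Their auto-mapping state is left as it is.
        $existing = Get-MailboxPermission -Identity $mbxDN -User $mgrDN |
            Where-Object { ($_.AccessRights -like '*FullAccess*') -and -not $_.IsInherited -and -not $_.Deny }
        if ($existing) { continue }

        # Running the script with -WhatIf lists the pairs without changing anything
        if ($PSCmdlet.ShouldProcess($mbxDN, "Grant FullAccess to $mgrDN")) {
            Add-MailboxPermission -Identity $mbxDN -User $mgrDN -AccessRights FullAccess -AutoMapping:$false | Out-Null
            $grants += New-Object PSObject -Property @{
                Timestamp = (Get-Date).ToString('s')
                Manager   = $mgrDN
                Mailbox   = $mbxDN
            }
        }
    }
}

# Record what was granted so the bulk change can be reviewed or reversed
$grants | Select-Object Timestamp, Manager, Mailbox | Export-Csv -Path $AuditCsv -NoTypeInformation
```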
