Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Powershell Exchange Cmdlet Help

Posted on 2012-03-15
5
Medium Priority
?
800 Views
Last Modified: 2012-03-19
I'm trying to run a PowerShell cmdlet that will tell me where a specific user (usera) has any kind of permission directly tied to a mailbox.

I'm trying to run the cmdlet below but it continues to fail. I want to find any mailbox where that user has ANY permission (Full Access, Delete Item, etc) and return it to a csv file.

Anyone know what I'm doing wrong?? Thanks!


[PS] C:\Windows\system32>Get-Mailbox -resultsize Unlimited | Get-MailboxPermission | where {$_.User -like "DOMAIN\usera"} | Export-Csv C:\Admin\usera.csv
0
Comment
Question by:brendan-amex
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 19

Accepted Solution

by:
suriyaehnop earned 668 total points
ID: 37727662
1st when you try the cmdlet:

Get-MailboxPermission name | Format-List

Open in new window


The result will look like this:

AccessRights    : {FullAccess, DeleteItem, ReadPermission, ChangePermission, ChangeOwner
Deny            : False
InheritanceType : All
User            : domain\Enterprise Admins
Identity        : domain.com/User A
IsInherited     : True
IsValid         : True
ObjectState     : Unchanged

Try this:

Get-Mailbox -ResultSize Unlimited | Get-MailboxPermission | where {$_.AccessRights -eq 'FullAccess'} | Format-Table User,Identity >C:\Filename.txt

Open in new window

0
 

Author Comment

by:brendan-amex
ID: 37727683
I only want it to show me where "usera"  has any kind of permissions on a mailbox, where can I add that in here? Also I want to output it to a CSV, so I assume just changing the txt to csv...
0
 
LVL 17

Assisted Solution

by:Premkumar Yogeswaran
Premkumar Yogeswaran earned 1332 total points
ID: 37728145
Hi,
Try the below mentioned codes:

 Get-Mailbox -Server "<servername>"  -resultsize "Unlimited" | Get-MailboxPermission | where { ($_.AccessRights -eq "FullAccess") -and ($_.IsInherited -eq $false) -and -not ($_.User -like "NT AUTHORITY\SELF") } | ft @{Name="Identity";expression={($_.Identity -split "/")[-1]}}, User -AutoSize 

Open in new window


Get-Mailbox | Get-MailboxPermission | ?{($_.AccessRight 
s -eq "FullAccess") -and ($_.User -like 'DOMAIN\user') -and ($_.IsInherited -eq $false)} | ft Id* 

Open in new window



Refer:
http://social.technet.microsoft.com/Forums/en-US/exchange2010/thread/a9cd79ff-eda6-4527-af25-e50149e2242c/
http://forums.msexchange.org/m_1800520833/mpage_1/key_/tm.htm#1800520833
http://exchangepedia.com/2008/02/how-to-list-mailboxes-with-full-mailbox-access-permission-assigned.html

HTH

Regards,
Prem
0
 
LVL 17

Assisted Solution

by:Premkumar Yogeswaran
Premkumar Yogeswaran earned 1332 total points
ID: 37728152
0
 

Author Closing Comment

by:brendan-amex
ID: 37739552
Thanks for your help guys. The command I ended up using is this one:

Get-MailboxPermission -ResultSize Unlimited -Identity * | where {$_.User -like "ACCOUNTS\brendan"} | Format-Table User,Identity >C:\Admin\117.txt
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There are times when we need to generate a report on the inbox rules, where users have set up forwarding externally in their mailbox. In this article, I will be sharing a script I wrote to generate the report in CSV format.
A couple of months ago we ran into an issue that necessitated re-creating our Edge Subscriptions. However, when we attempted to execute the command: New-EdgeSubscription -filename C:\NewEdgeSub_01.xml we received an error indicating that the LDAP se…
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…
Suggested Courses

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question