Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 804
  • Last Modified:

Powershell Exchange Cmdlet Help

I'm trying to run a PowerShell cmdlet that will tell me where a specific user (usera) has any kind of permission directly tied to a mailbox.

I'm trying to run the cmdlet below but it continues to fail. I want to find any mailbox where that user has ANY permission (Full Access, Delete Item, etc) and return it to a csv file.

Anyone know what I'm doing wrong?? Thanks!


[PS] C:\Windows\system32>Get-Mailbox -resultsize Unlimited | Get-MailboxPermission | where {$_.User -like "DOMAIN\usera"} | Export-Csv C:\Admin\usera.csv
0
brendan-amex
Asked:
brendan-amex
  • 2
  • 2
3 Solutions
 
suriyaehnopCommented:
1st when you try the cmdlet:

Get-MailboxPermission name | Format-List

Open in new window


The result will look like this:

AccessRights    : {FullAccess, DeleteItem, ReadPermission, ChangePermission, ChangeOwner
Deny            : False
InheritanceType : All
User            : domain\Enterprise Admins
Identity        : domain.com/User A
IsInherited     : True
IsValid         : True
ObjectState     : Unchanged

Try this:

Get-Mailbox -ResultSize Unlimited | Get-MailboxPermission | where {$_.AccessRights -eq 'FullAccess'} | Format-Table User,Identity >C:\Filename.txt

Open in new window

0
 
brendan-amexAuthor Commented:
I only want it to show me where "usera"  has any kind of permissions on a mailbox, where can I add that in here? Also I want to output it to a CSV, so I assume just changing the txt to csv...
0
 
Premkumar YogeswaranCommented:
Hi,
Try the below mentioned codes:

 Get-Mailbox -Server "<servername>"  -resultsize "Unlimited" | Get-MailboxPermission | where { ($_.AccessRights -eq "FullAccess") -and ($_.IsInherited -eq $false) -and -not ($_.User -like "NT AUTHORITY\SELF") } | ft @{Name="Identity";expression={($_.Identity -split "/")[-1]}}, User -AutoSize 

Open in new window


Get-Mailbox | Get-MailboxPermission | ?{($_.AccessRight 
s -eq "FullAccess") -and ($_.User -like 'DOMAIN\user') -and ($_.IsInherited -eq $false)} | ft Id* 

Open in new window



Refer:
http://social.technet.microsoft.com/Forums/en-US/exchange2010/thread/a9cd79ff-eda6-4527-af25-e50149e2242c/
http://forums.msexchange.org/m_1800520833/mpage_1/key_/tm.htm#1800520833
http://exchangepedia.com/2008/02/how-to-list-mailboxes-with-full-mailbox-access-permission-assigned.html

HTH

Regards,
Prem
0
 
brendan-amexAuthor Commented:
Thanks for your help guys. The command I ended up using is this one:

Get-MailboxPermission -ResultSize Unlimited -Identity * | where {$_.User -like "ACCOUNTS\brendan"} | Format-Table User,Identity >C:\Admin\117.txt
0

Featured Post

New Tabletop Appliances Blow Competitors Away!

WatchGuard’s new T15, T35 and T55 tabletop UTMs provide the highest-performing security inspection in their class, allowing users at small offices, home offices and distributed enterprises to experience blazing-fast Internet speeds without sacrificing enterprise-grade security.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now