[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 811
  • Last Modified:

Powershell Exchange Cmdlet Help

I'm trying to run a PowerShell cmdlet that will tell me where a specific user (usera) has any kind of permission directly tied to a mailbox.

I'm trying to run the cmdlet below but it continues to fail. I want to find any mailbox where that user has ANY permission (Full Access, Delete Item, etc) and return it to a csv file.

Anyone know what I'm doing wrong?? Thanks!


[PS] C:\Windows\system32>Get-Mailbox -resultsize Unlimited | Get-MailboxPermission | where {$_.User -like "DOMAIN\usera"} | Export-Csv C:\Admin\usera.csv
0
brendan-amex
Asked:
brendan-amex
  • 2
  • 2
3 Solutions
 
suriyaehnopCommented:
1st when you try the cmdlet:

Get-MailboxPermission name | Format-List

Open in new window


The result will look like this:

AccessRights    : {FullAccess, DeleteItem, ReadPermission, ChangePermission, ChangeOwner
Deny            : False
InheritanceType : All
User            : domain\Enterprise Admins
Identity        : domain.com/User A
IsInherited     : True
IsValid         : True
ObjectState     : Unchanged

Try this:

Get-Mailbox -ResultSize Unlimited | Get-MailboxPermission | where {$_.AccessRights -eq 'FullAccess'} | Format-Table User,Identity >C:\Filename.txt

Open in new window

0
 
brendan-amexAuthor Commented:
I only want it to show me where "usera"  has any kind of permissions on a mailbox, where can I add that in here? Also I want to output it to a CSV, so I assume just changing the txt to csv...
0
 
Premkumar YogeswaranAnalyst II - System AdministratorCommented:
Hi,
Try the below mentioned codes:

 Get-Mailbox -Server "<servername>"  -resultsize "Unlimited" | Get-MailboxPermission | where { ($_.AccessRights -eq "FullAccess") -and ($_.IsInherited -eq $false) -and -not ($_.User -like "NT AUTHORITY\SELF") } | ft @{Name="Identity";expression={($_.Identity -split "/")[-1]}}, User -AutoSize 

Open in new window


Get-Mailbox | Get-MailboxPermission | ?{($_.AccessRight 
s -eq "FullAccess") -and ($_.User -like 'DOMAIN\user') -and ($_.IsInherited -eq $false)} | ft Id* 

Open in new window



Refer:
http://social.technet.microsoft.com/Forums/en-US/exchange2010/thread/a9cd79ff-eda6-4527-af25-e50149e2242c/
http://forums.msexchange.org/m_1800520833/mpage_1/key_/tm.htm#1800520833
http://exchangepedia.com/2008/02/how-to-list-mailboxes-with-full-mailbox-access-permission-assigned.html

HTH

Regards,
Prem
0
 
Premkumar YogeswaranAnalyst II - System AdministratorCommented:
0
 
brendan-amexAuthor Commented:
Thanks for your help guys. The command I ended up using is this one:

Get-MailboxPermission -ResultSize Unlimited -Identity * | where {$_.User -like "ACCOUNTS\brendan"} | Format-Table User,Identity >C:\Admin\117.txt
0

Featured Post

Take Control of Web Hosting For Your Clients

As a web developer or IT admin, successfully managing multiple client accounts can be challenging. In this webinar we will look at the tools provided by Media Temple and Plesk to make managing your clients’ hosting easier.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now