Exchange Powershell - grant full mailbox access and Send As - import csv?

Posted on 2012-04-10
Medium Priority
Last Modified: 2012-04-18
I can't find this one powershell script I found online a while ago, so was checking here to see if anyone has a script similar to what I'm looking for;

I want to be able to grant full mailbox permissions for a few different users to the same few mailboxes.

So for example, I have mailbox 1, mailbox 2, mailbox 3, mailbox 4.
What I'm trying to do is grant John, Bob, Sally, Rick and Jason all full mailbox access and SendAs access to those mailboxes (1 -4).

Would this have to be done by having a 2 column CSV file and what would the script/commands be?

These are the 2 commands I have from another script;

Add-MailboxPermission $mailbox -User $employee -AccessRights:FullAccess -confirm: $false
Add-ADPermission -Identity $mailbox -User $employee -AccessRights ExtendedRight -ExtendedRights "send as"

Open in new window

Question by:garryshape
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
LVL 42

Accepted Solution

sedgwick earned 2000 total points
ID: 37828086
having csv like:

user, mailbox
bob, <bobmailbox>

make sure to have the headers in the csv file (user, mailbox)

the following script will do what u want:
Import-Csv c:\scripts\test.txt | foreach {
Add-MailboxPermission $_.mailbox -User $_.user -AccessRights:FullAccess -confirm: $false
Add-ADPermission -Identity $_.mailbox -User $_.user -AccessRights ExtendedRight -ExtendedRights "send as"

Open in new window


Author Comment

ID: 37828199
Thanks sedgwick, yes that seems to work. Now all I have to do is add usernames instead of manually typing each command.

One other question to complement this code, do you know how I could then add the command to remove the mailbox automapping in this script for the users who were just granted the access?

Something like this?

$Thelist = Import-csv “C:\thelist.csv”
ForEach($theobject in $thelist) {$theMBDN = (Get-Mailbox $theobject.themailbox).distinguishedname;
Add-ADPermission $thembDN -Extendedrights “Send As” -User $theobject.theuser;
Add-MailboxPermission $thembDN -Accessrights “FullAccess” -User $theobject.theuser

# Remove the auto-mapping of the new granted mailboxes

$DomainController = $Mailbox.OriginatingServer
$LDAPUser.msExchDelegateListLink.Remove(((Get-Mailbox $TheMailbox)))

Open in new window

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.


Author Comment

ID: 37828231
or will the -AutoMapping:$false work for the Add-MailboxPermission command?

Author Comment

ID: 37828286
I'm sorry, I mean this. Would this work?

$Thelist = Import-csv “H:\MailboxAccess.csv”
ForEach($theobject in $thelist) {$theMBDN = (Get-Mailbox $theobject.themailbox).distinguishedname;
Add-ADPermission $thembDN -Extendedrights “Send As” -User $theobject.theuser;
Add-MailboxPermission $thembDN -Accessrights “FullAccess” -User $theobject.theuser 

# Remove the auto-mapping of the mailbox from the user's account
$DomainController = $TheMailbox.OriginatingServer
$LDAPUser.msExchDelegateListLink.Remove(((Get-Mailbox $TheUser).DistinguishedName))

Open in new window

LVL 42

Expert Comment

ID: 37831227
i think u missed something cause my code reads list of users, u don't have to run the script for each one separately.

read my post again, i described how the csv should look like with the headers and stuff.

Featured Post

Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After hours on line I found a solution which pointed to the inherited Active Directory permissions . You have to give/allow permissions to the "Exchange trusted subsystem" for the user in the Active Directory...
In the absence of a fully-fledged GPO Management product like AGPM, the script in this article will provide you with a simple way to watch the domain (or a select OU) for GPOs changes and automatically take backups when policies are added, removed o…
In this fourth video of the Xpdf series, we discuss and demonstrate the PDFinfo utility, which retrieves the contents of a PDF's Info Dictionary, as well as some other information, including the page count. We show how to isolate the page count in a…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
Suggested Courses

800 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question