Exchange Powershell - grant full mailbox access and Send As - import csv?

I can't find this one powershell script I found online a while ago, so was checking here to see if anyone has a script similar to what I'm looking for;

I want to be able to grant full mailbox permissions for a few different users to the same few mailboxes.

So for example, I have mailbox 1, mailbox 2, mailbox 3, mailbox 4.
What I'm trying to do is grant John, Bob, Sally, Rick and Jason all full mailbox access and SendAs access to those mailboxes (1 -4).

Would this have to be done by having a 2 column CSV file and what would the script/commands be?

These are the 2 commands I have from another script;

Add-MailboxPermission $mailbox -User $employee -AccessRights:FullAccess -confirm: $false
Add-ADPermission -Identity $mailbox -User $employee -AccessRights ExtendedRight -ExtendedRights "send as"

Open in new window

garryshapeAsked:
Who is Participating?
 
Meir RivkinConnect With a Mentor Full stack Software EngineerCommented:
having csv like:

user, mailbox
john,<johnmailbox>
bob, <bobmailbox>

make sure to have the headers in the csv file (user, mailbox)

the following script will do what u want:
Import-Csv c:\scripts\test.txt | foreach {
Add-MailboxPermission $_.mailbox -User $_.user -AccessRights:FullAccess -confirm: $false
Add-ADPermission -Identity $_.mailbox -User $_.user -AccessRights ExtendedRight -ExtendedRights "send as"
}

Open in new window

0
 
garryshapeAuthor Commented:
Thanks sedgwick, yes that seems to work. Now all I have to do is add usernames instead of manually typing each command.

One other question to complement this code, do you know how I could then add the command to remove the mailbox automapping in this script for the users who were just granted the access?

Something like this?

$Thelist = Import-csv “C:\thelist.csv”
ForEach($theobject in $thelist) {$theMBDN = (Get-Mailbox $theobject.themailbox).distinguishedname;
Add-ADPermission $thembDN -Extendedrights “Send As” -User $theobject.theuser;
Add-MailboxPermission $thembDN -Accessrights “FullAccess” -User $theobject.theuser
}

# Remove the auto-mapping of the new granted mailboxes

$DomainController = $Mailbox.OriginatingServer
$LDAPUser=[ADSI]"LDAP://$($DomainController)/$($TheUser)"
$LDAPUser.msExchDelegateListLink.Remove(((Get-Mailbox $TheMailbox)))
$LDAPUser.SetInfo()

Open in new window

0
Protect Your Employees from Wi-Fi Threats

As Wi-Fi growth and popularity continues to climb, not everyone understands the risks that come with connecting to public Wi-Fi or even offering Wi-Fi to employees, visitors and guests. Download the resource kit to make sure your safe wherever business takes you!

 
garryshapeAuthor Commented:
or will the -AutoMapping:$false work for the Add-MailboxPermission command?
0
 
garryshapeAuthor Commented:
I'm sorry, I mean this. Would this work?

$Thelist = Import-csv “H:\MailboxAccess.csv”
ForEach($theobject in $thelist) {$theMBDN = (Get-Mailbox $theobject.themailbox).distinguishedname;
Add-ADPermission $thembDN -Extendedrights “Send As” -User $theobject.theuser;
Add-MailboxPermission $thembDN -Accessrights “FullAccess” -User $theobject.theuser 
}

# Remove the auto-mapping of the mailbox from the user's account
$DomainController = $TheMailbox.OriginatingServer
$LDAPUser=[ADSI]"LDAP://$($DomainController)/$($TheMailbox.DistinguishedName)"
$LDAPUser.msExchDelegateListLink.Remove(((Get-Mailbox $TheUser).DistinguishedName))
$LDAPUser.SetInfo()

Open in new window

0
 
Meir RivkinFull stack Software EngineerCommented:
i think u missed something cause my code reads list of users, u don't have to run the script for each one separately.

read my post again, i described how the csv should look like with the headers and stuff.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.