Solved

HTA or Powershell - Delivery option (send on behalf) and full mailbox access to generic mailbox

Posted on 2014-04-14
20
570 Views
Last Modified: 2014-06-20
Hi Team,

seeking for your help in script HTA or PowerShell..
Looking for an script to grant genric mailbox access.

Scenario:
User should given access to the delivery option (send on behalf) and full mailbox access to generic mailbox.

Is it possible to have this done in  HTA or PowerShell?

Here input will be
Generic account's email address
User's samaccountname

Input should prompt.

Exchange 2007

Thanks in advance,
Prem
0
Comment
Question by:Premkumar Yogeswaran
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 10
  • 4
  • 3
  • +1
20 Comments
 
LVL 19

Expert Comment

by:Raheman M. Abdul
ID: 40000217
Try this  (untested)
set-mailbox "genericMailboxName" -GrantSendOnBehalfTo "username"
Add-mailboxpermission -identity genericMailboxName -user username -accessright Fullaccess

For details: refer: http://technet.microsoft.com/en-us/library/a9aacbf5-5e6c-47ef-95d6-e24547e95d01.aspx
0
 
LVL 17

Author Comment

by:Premkumar Yogeswaran
ID: 40001254
Hi Raheman,

Thanks for your reply, am looking for the powershell script which will prompt for input
or HTA script which will be easy for input in GUI..
0
 
LVL 19

Expert Comment

by:Raheman M. Abdul
ID: 40002322
$genericMailboxName=Read-host "Enter Generic Mailbox name: "
$username = Read-host "Enter username: "
set-mailbox $genericMailboxName -GrantSendOnBehalfTo $username
Add-mailboxpermission -identity $genericMailboxName -user $username -accessright Fullaccess
0
PeopleSoft Has Never Been Easier

PeopleSoft Adoption Made Smooth & Simple!

On-The-Job Training Is made Intuitive & Easy With WalkMe's On-Screen Guidance Tool.  Claim Your Free WalkMe Account Now

 
LVL 17

Author Comment

by:Premkumar Yogeswaran
ID: 40003664
I have almost created a script to achieve my requirement.
Looking for some modification in this script to store the output in a location and it should append on every execution

Output example:
Date
Generic Mailbox name
Access to User
Success or Failure
Or the error message occured


Also , kindly let me know do you find any issue in the below script or something could be modified for better execution?

Thanks,
Prem

# Mailbox Access

PARAM(
[string] $Gemail = $(Read-Host -Prompt 'Generic Mailbox Email'),
[string] $UserID = $(Read-Host -Prompt 'User SamID')
)

$Genricmail = $Gemail
$UsersamID = $UserID

$genricDN = (get-mailbox $Genricmail).distinguishedname
$genricsamID = (get-mailbox $Genricmail).samaccountname

#Mailbox access permission
Function MBAccess {
Param($mailboxaccess)

 try
        {
            #Check if user already exists
            $FilterStrng = "samAccountName -like `"" + $genricsamID + "`""
            $user = Get-ADUser -Filter $FilterStrng
          
        #If Genric mailbox exist, proceed with access permission
        if ($user -ne $null)
        {
                write-host "user" $UsersamID "Has been granted access to Genric Mailbox" $Genricmail -ForegroundColor Green
              
                #Grant send on behalf and Full mailbox permission to Genric mailbox
		set-mailbox $Genricmail -GrantSendOnBehalfTo $usersamID
		Add-mailboxpermission -identity $genericDN -user $UsersamID -accessright Fullaccess 
         
        }
        else
            {
                write-host "Generic mailbox" $Genricmail "does not exist, please check" -ForegroundColor Red
            }
	}
        catch
        {
            	write-host "There was a problem in providing the access permission to Generic mailbox "-" $_ -ForegroundColor red
        }
    }
        if ($Genricmail -like '*') 
        {
            #Call the function to grant mailbox access
            MBAccess
        }
         
}

Open in new window

0
 
LVL 17

Author Comment

by:Premkumar Yogeswaran
ID: 40008448
Dear PowerShell experts,

Kindly help me to modify with my script with below requirement

I have almost created a script to achieve my requirement.
Looking for some modification in this script to store the output in a location and it should append on every execution

Output example:
Date
Generic Mailbox name
Access to User
Success or Failure
Or the error message occured

Thanks,
Prem
0
 
LVL 70

Expert Comment

by:Qlemo
ID: 40008891
For writing text to a file, just use "Some text" | Out-File C:\PathTo\File.txt -Append. You might want to write another function managing both output to the screen and the file, to make it much easier; but keep in mind you cannot use colours in files (of course).
0
 
LVL 16

Assisted Solution

by:Enphyniti
Enphyniti earned 200 total points
ID: 40009063
Try this:

# Mailbox Access

$logFile = "X:\path\to\log.txt

PARAM(
[string] $Gemail = $(Read-Host -Prompt 'Generic Mailbox Email'),
[string] $UserID = $(Read-Host -Prompt 'User SamID')
)

$Genricmail = $Gemail
$UsersamID = $UserID

$genricDN = (get-mailbox $Genricmail).distinguishedname
$genricsamID = (get-mailbox $Genricmail).samaccountname

#Mailbox access permission
Function MBAccess {
Param($mailboxaccess)

 try
        {
            #Check if user already exists
            $FilterStrng = "samAccountName -like `"" + $genricsamID + "`""
            $user = Get-ADUser -Filter $FilterStrng
          
        #If Genric mailbox exist, proceed with access permission
        if ($user -ne $null)
        {
                write-host "user" $UsersamID "Has been granted access to Genric Mailbox" $Genricmail -ForegroundColor Green
                write "user" $UsersamID "was granted access to Generic Mailbox" $GenricMail | out-file -append $logfile
              
                #Grant send on behalf and Full mailbox permission to Genric mailbox
		set-mailbox $Genricmail -GrantSendOnBehalfTo $usersamID
		Add-mailboxpermission -identity $genericDN -user $UsersamID -accessright Fullaccess 
         
        }
        else
            {
                write-host "Generic mailbox" $Genricmail "does not exist, please check" -ForegroundColor Red
                write "Attempt to grant" $UsersamID "access to" $GenricMail "failed" | out-file -append $logfile
            }
	}
        catch
        {
            	write-host "There was a problem in providing the access permission to Generic mailbox "-" $_ -ForegroundColor red
            	write "There was a problem in providing the access permission to Generic mailbox "-" $_ | out-file -append $logfile
        }
    }
        if ($Genricmail -like '*') 
        {
            #Call the function to grant mailbox access
            MBAccess
        }
         
}
                                            

Open in new window

0
 
LVL 17

Author Comment

by:Premkumar Yogeswaran
ID: 40009955
Hi Qlemo & Enphyniti,

Thanks for your input, let me try and come back to you...

Cheers,
Prem
0
 
LVL 17

Author Comment

by:Premkumar Yogeswaran
ID: 40009968
Hi,

After adding the output statement, i am getting this error, earlier, my script executed without error.

Kindly find the error below: Also let me know the option to add the date to the log..

Unexpected token 'samAccountName' in expression or statement.
At C:\temp\Copy of Mailbox_Final_1.PS1:23 char:43
+             $FilterStrng = "samAccountName <<<<  -like `"" + $genericG + "`""
    + CategoryInfo          : ParserError: (samAccountName:String) [], ParseEx
   ception
    + FullyQualifiedErrorId : UnexpectedToken

Regards,
Prem
0
 
LVL 17

Author Comment

by:Premkumar Yogeswaran
ID: 40010094
Dear Expert,
Kindly find my updated script with output attributes, am am getting above mentioned error

#Mailbox access permission

$logFile = "C:\temp\MailboxAccess_Log\MBAccesslog.txt

PARAM(
[string] $Gemail = $(Read-Host -Prompt 'Generic Mailbox Email'),
[string] $UserID = $(Read-Host -Prompt 'User email or SamID')
)

$genericmail = $Gemail

$genericDN = (get-mailbox $genericmail).distinguishedname
$genericG = (get-mailbox $genericmail).samaccountname
$genericY = (get-mailbox $genericmail)

$SendList = $genericY.GrantSendOnBehalfTo

$UserG = (get-mailbox $UserID).samaccountname
$UserY = (get-mailbox $UserID)

$SendList2 = $SendList + $UserY

#Mailbox access permission
Function MBAccess {
Param($mailboxaccess)

 try
        {
            #Check if user already exists
            $FilterStrng = "samAccountName -like `"" + $genericG + "`""
            $user = Get-mailbox -Filter $FilterStrng
          
        #If generic mailbox exist, proceed with access permission
        if ($user -ne $null)
        {
                write-host "user" $UserG "Has been granted access to generic Mailbox" $genericmail -ForegroundColor Green
                write "user" $UserG "was granted access to Generic Mailbox" $GenericMail | out-file -append $logfile

                #Grant Full mailbox permission to generic mailbox
		        Add-mailboxpermission -identity $genericDN -user $UserG -accessright Fullaccess
                              
                #Grant send on behalf to generic mailbox
		        set-mailbox $genericDN -GrantSendOnBehalfTo $SendList2
                         
        }
        else
            {
                write-host "Generic mailbox" $genericmail "does not exist, please check" -ForegroundColor Red
                write "Attempt to grant" $UserG "access to" $GenericMail "failed" | out-file -append $logfile
            }
	}
        catch
        {
            	write-host "There was a problem in providing the access permission to Generic mailbox" "-" $_ -ForegroundColor red
                write "There was a problem in providing the access permission to Generic mailbox "-" $_ | out-file -append $logfile
        }
    }
        if ($genericmail -like '*') 
        {
            #Call the function to grant mailbox access
            MBAccess
        }
        

Open in new window


Error occured:

Unexpected token 'samAccountName' in expression or statement.
At C:\temp\Copy of Copy of Mailbox_Final_1.PS1:30 char:43
+             $FilterStrng = "samAccountName <<<<  -like `"" + $genericG + "`""
    + CategoryInfo          : ParserError: (samAccountName:String) [], ParentContainsErrorRecordException
    + FullyQualifiedErrorId : UnexpectedToken

Regards,
Prem
0
 
LVL 70

Expert Comment

by:Qlemo
ID: 40010097
Please post the complete code, as this seems to be an error caused somewhere before the shown statement.
0
 
LVL 17

Author Comment

by:Premkumar Yogeswaran
ID: 40010103
Hi Qlemo,

I have posted the complete script and error above to your comment.
with new error
0
 
LVL 16

Expert Comment

by:Enphyniti
ID: 40010272
Your missing a quote at the end of your logfile definition.
0
 
LVL 16

Expert Comment

by:Enphyniti
ID: 40010360
*You're.

wish I could edit on mobile...
0
 
LVL 70

Expert Comment

by:Qlemo
ID: 40010389
Correct (line 3).
You should also move the logfile definition past the PARAM clause.
0
 
LVL 17

Author Comment

by:Premkumar Yogeswaran
ID: 40011030
Hi Enphyniti & Qlemo,

Thank you missed to notice that.. :)  i will check and update you..

Cheers,
Prem
0
 
LVL 17

Author Comment

by:Premkumar Yogeswaran
ID: 40054673
Hi Enphyniti & Qlemo,

Sorry for my delay in response.
My script is working great now...

Before closing this question, i have last query. looking for your help..
In the below funtion, we are testing whether One of the input is exist or not, it is possible to modify this function to check both the input (Genric mailbox and the usre mailbox) is present or not?

 try
        {
            #Check if user already exists
            $FilterStrng = "samAccountName -like `"" + $genricsamID + "`""
            $user = Get-ADUser -Filter $FilterStrng


Thanks,
Prem
0
 
LVL 70

Accepted Solution

by:
Qlemo earned 300 total points
ID: 40135249
Your request doesn't make sense. You are already requesting the mailbox info of both accounts, so no LDAP search required at all. Just check for the corresponding mailbox vars to contain anything.
The simplified script checking for both accounts is:
PARAM(
[string] $GenericMail = $(Read-Host -Prompt 'Generic Mailbox Email'),
[string] $UserID      = $(Read-Host -Prompt 'User email or SamID')
)

function Write-Log ([String] $text, [String] $FgColor)
{
  $logFile = "C:\temp\MailboxAccess_Log\MBAccesslog.txt"
  
  Write-Host -ForegroundColor $FgColor $test
  Out-File $logfile -Append -InputObject $text 
}

$GenUser = get-mailbox $GenericMail
$User    = get-mailbox $UserID

if (!$User  ) { Write-Log "User $UserID has no mailbox" "Red" }
if (!GenUser) { Write-Log "Generic mailbox $GenericMail not found" "Red" }
if ($User -and $GenUser) {
  Add-MailBoxPermission $GenUser.DistinguisedName -user $User.SamAccountName -AccessRights FullAccess
  Set-MailBox $GenUser.DistinguisedName -GrantSendOnBehalfTo ($GenUser.GrantSendOnBehalfTo + $User)
  Write-Log "User $UserID was grantd access to generic mailbox $GenericMail" "Green"
}

Open in new window

0
 
LVL 17

Author Closing Comment

by:Premkumar Yogeswaran
ID: 40148870
Thanks guys... Sorry for the delay...
0

Featured Post

Enroll in May's Course of the Month

May’s Course of the Month is now available! Experts Exchange’s Premium Members and Team Accounts have access to a complimentary course each month as part of their membership—an extra way to increase training and boost professional development.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A recent project that involved parsing Tableau Desktop and Server log files to extract reusable user queries for use in other systems. I chose to use PowerShell to gather the data, and SharePoint to present it...
Unified and professional email signatures help maintain a consistent company brand image to the outside world. This article shows how to create an email signature in Exchange Server 2010 using a transport rule and how to overcome native limitations …
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question