[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

Exchange 2010 powershell

Posted on 2014-04-29
3
Medium Priority
?
288 Views
Last Modified: 2014-04-30
How can I display a users access to other users items in exchange powershell. Example - it was reported that a user named Brian has access to other user's mailbox items. I want to run a report on the user Brian to see what he has access to besides his own mailbox items.

Thanks,
Brian
0
Comment
Question by:bbayachek
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 18

Accepted Solution

by:
Steven Harris earned 1200 total points
ID: 40031071
You could use something along the lines of:

Get-Mailbox | Get-MailboxPermission | ?{($_.AccessRights -eq "FullAccess") -and ($_.User -like 'domainname\username') -and ($_.IsInherited -eq $false)} | ft Id* 

Open in new window


Replace "domainname\username" with that of the person in question.

This will query the user in question and retrieve a listing of mailboxes that the user has FullAccess permissions assigned.  Run on server...

Alternatively, another method is to run locally and query a particular server:

Get-Mailbox -Server “servername” | Get-MailboxPermission | where { ($_.AccessRights -eq “FullAccess”) -and ($_.IsInherited -eq $false) -and -not ($_.User -like “domainname\username”) }

Open in new window


Replacing "servername" and "domainname\username" respectively.
0
 
LVL 10

Expert Comment

by:Marshal Hubs
ID: 40031611
Microsoft Exchange Server 2010 provide the Get-MailboxPermission cmdlet that can be used to check the permissions granted on a mailbox to any user.

You need to run the following cmdlet to see what access Brian has besides his own mailbox items.

Get-MailboxPermission -Identity "User-Id" | Select Identity,User,@{Name='Access Rights';Expression={[string]::join(', ', $_.AccessRights)}} | Export-CSV -NoTypeInformation C:\permissions.csv
0
 
LVL 4

Expert Comment

by:SEHC
ID: 40031982
I have used this command in the past and it worked for me.


Get-Mailbox -resultsize unlimited | Get-MailboxPermission | where {$_.user.tostring() -ne "NT AUTHORITY\SELF" -and $_.IsInherited -eq $false} | Select Identity,User,@{Name='Access Rights';Expression={[string]::join(', ', $_.AccessRights)}} | Export-Csv -NoTypeInformation mailboxpermissions.csv


this will be for everyone you will just need to clean it up in Excel.
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article I discuss my selections of the Top Four free Outlook OST File Viewers available. Open, view and read even damaged OST files by using these tools. They all provide a clear preview of all data such as emails, notes, tasks, calendars, e…
If something goes wrong with Exchange, your IT resources are in trouble.All Exchange server migration processes are not designed to be identical and though migrating email from on-premises Exchange mailbox to Cloud’s Office 365 is relatively simple…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
This is my first video review of Microsoft Bookings, I will be doing a part two with a bit more information, but wanted to get this out to you folks.
Suggested Courses

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question