Solved

Exchange 2010 powershell

Posted on 2014-04-29
3
282 Views
Last Modified: 2014-04-30
How can I display a users access to other users items in exchange powershell. Example - it was reported that a user named Brian has access to other user's mailbox items. I want to run a report on the user Brian to see what he has access to besides his own mailbox items.

Thanks,
Brian
0
Comment
Question by:bbayachek
3 Comments
 
LVL 18

Accepted Solution

by:
Steven Harris earned 300 total points
ID: 40031071
You could use something along the lines of:

Get-Mailbox | Get-MailboxPermission | ?{($_.AccessRights -eq "FullAccess") -and ($_.User -like 'domainname\username') -and ($_.IsInherited -eq $false)} | ft Id* 

Open in new window


Replace "domainname\username" with that of the person in question.

This will query the user in question and retrieve a listing of mailboxes that the user has FullAccess permissions assigned.  Run on server...

Alternatively, another method is to run locally and query a particular server:

Get-Mailbox -Server “servername” | Get-MailboxPermission | where { ($_.AccessRights -eq “FullAccess”) -and ($_.IsInherited -eq $false) -and -not ($_.User -like “domainname\username”) }

Open in new window


Replacing "servername" and "domainname\username" respectively.
0
 
LVL 9

Expert Comment

by:Marshal Hubs
ID: 40031611
Microsoft Exchange Server 2010 provide the Get-MailboxPermission cmdlet that can be used to check the permissions granted on a mailbox to any user.

You need to run the following cmdlet to see what access Brian has besides his own mailbox items.

Get-MailboxPermission -Identity "User-Id" | Select Identity,User,@{Name='Access Rights';Expression={[string]::join(', ', $_.AccessRights)}} | Export-CSV -NoTypeInformation C:\permissions.csv
0
 
LVL 4

Expert Comment

by:SEHC
ID: 40031982
I have used this command in the past and it worked for me.


Get-Mailbox -resultsize unlimited | Get-MailboxPermission | where {$_.user.tostring() -ne "NT AUTHORITY\SELF" -and $_.IsInherited -eq $false} | Select Identity,User,@{Name='Access Rights';Expression={[string]::join(', ', $_.AccessRights)}} | Export-Csv -NoTypeInformation mailboxpermissions.csv


this will be for everyone you will just need to clean it up in Excel.
0

Featured Post

NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Utilizing an array to gracefully append to a list of EmailAddresses
If you don't know how to downgrade, my instructions below should be helpful.
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…

919 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now