send as permissions for the same user exchange 2007

Greetings all I have an issue and need assistance with. In our company we make it mandatory that users need to be explicitly added to send as permissions to even a user to send from its own mailbox. One of the challenges is we use a numeric value for the users logon EX: 12457 and the user has an alias for its email address. So for example a user could have the following


You pull this user up in the exchange tools by the email alias "John.Doe"  and his numeric AD logon that gets associated to his account for access is 12457. you go to view his send as access by right clicking and selecting send as permission. Here is what you get

NT/Authority-Self
94512
global-admins

Note: that the numeric logon 12457 is not present. I am trying to find all accounts with this problem and report to management and then come back later and add those numeric logons to the users send as access.  I did notice that the  samaccountname has this numeric value also.

Problem is when the accounts were setup originally one by one helpdesk missed this step with some of the users. What I am trying to do is print a report with those numeric logons not present on that user and or the exchange accounts missing that value. It would be nice to get something of the following.


users email alias         users numeric value       ispartofsendas
john.doe                           12457                                 false
mary.doe                          35427                                 false
jimmy.johnson                 21478                                 true


I started with this powershell command but cannot get the rest



get-content c:\temp\alias.csv | foreach {Get-ADPermission $_ }| where {($_.ExtendedRights -like “*Send-As*”) -and ($_.IsInherited -eq $false) -and -not ($_.User -like “NT AUTHORITY\SELF”)}
techdriveAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Jian An LimSolutions ArchitectCommented:
get-content c:\temp\alias.csv | foreach {Get-ADPermission $_ | where {($_.ExtendedRights -like “*Send-As*”) -and ($_.IsInherited -eq $false) -and  ($_.User -notlike “NT AUTHORITY\SELF”)}}

assume the alias.csv is all your username.
0
techdriveAuthor Commented:
sorry but it looks like you copied my command and just pasted this in. This does not work
0
Jian An LimSolutions ArchitectCommented:
I remove the } after $_

and i test the command it works on mine.

if you worry, you should try the command in foreach

Get-ADPermission <replace with user> | ? {($_.ExtendedRights -like “*Send-As*”) -and ($_.IsInherited -eq $false) -and  ($_.User -notlike “NT AUTHORITY\SELF”)}  

to confirm this command works or not
if you cannot get the result you want, then get-content won't work

after you confirm the first part working, then revalidate with get-content

if not, i will try
get-mailbox <numeric> to see whether it found a mailbox

if it is good, then you can use the below

get-mailbox <numeric>  | Get-ADPermission | ? {($_.ExtendedRights -like “*Send-As*”) -and ($_.IsInherited -eq $false) -and  ($_.User -notlike “NT AUTHORITY\SELF”)}
0
What were the top attacks of Q1 2018?

The Threat Lab team analyzes data from WatchGuard’s Firebox Feed, internal and partner threat intelligence, and a research honeynet, to provide insightful analysis about the top threats on the Internet. Check out our Q1 2018 report for smart, practical security advice today!

techdriveAuthor Commented:
limjianan does your example list the columns that I wanted in my original post above. Please check that post.
0
Jian An LimSolutions ArchitectCommented:
aa.. sorry .. let's try again

get-mailbox <username> | select-object `
@{Label="users email alias";Expression={$_.alias}},`
@{Label="users numeric value";Expression={$_.samaccountname}},`
@{Label="ispartofsendas";Expression={(get-mailbox $_  | Get-ADPermission | ? {($_.ExtendedRights -like “*Send-As*”) -and ($_.IsInherited -eq $false) -and  ($_.User -notlike “NT AUTHORITY\SELF”) | measure-object).count}}}
\\hopefully there is no syntax error as i am typing from home (without server access)

if 0 means false
if 1 means true

(mailbox alias)              *mailbox samaccoutname     *your sendas right*
users email alias         users numeric value       ispartofsendas
john.doe                           12457                                 0
mary.doe                          35427                                 1
jimmy.johnson                 21478                                 1
0
techdriveAuthor Commented:
thank you sir will try it in a moment.
0
techdriveAuthor Commented:
I am getting errors when using this code.
0
Jian An LimSolutions ArchitectCommented:
what is your error?
0
techdriveAuthor Commented:
I tried this by adding a bracket and then removed it. It is still not working and sorry for taking so long.

[PS] C:\temp>.\mailboxstater.ps1
At C:\temp\mailboxstater.ps1:4 char:78
+ @{Label="ispartofsendas";Expression={(get-mailbox $_  | Get-ADPermission | ? {($ ...
+                                                                              ~
Missing closing '}' in statement block.
At C:\temp\mailboxstater.ps1:4 char:220
+ ... object).count}}}
+                    ~
Unexpected token '}' in expression or statement.
    + CategoryInfo          : ParserError: (:) [], ParseException
    + FullyQualifiedErrorId : MissingEndCurlyBrace

[PS] C:\temp>.\mailboxstater.ps1
At C:\temp\mailboxstater.ps1:4 char:78
+ @{Label="ispartofsendas";Expression={(get-mailbox $_  | Get-ADPermission | ? {($ ...
+                                                                              ~
Missing closing '}' in statement block.
    + CategoryInfo          : ParserError: (:) [], ParseException
    + FullyQualifiedErrorId : MissingEndCurlyBrace
0
Jian An LimSolutions ArchitectCommented:
Okay, i miss a } before the where command so this will definitely work accordingly.

let me know




get-mailbox <username> | select-object `
@{Label="users email alias";Expression={$_.alias}},`
@{Label="users numeric value";Expression={$_.samaccountname}},`
@{Label="ispartofsendas";`
Expression={(get-mailbox $_  | Get-ADPermission | `
? {($_.ExtendedRights -like “*Send-As*”) -and `
($_.IsInherited -eq $false) -and `
($_.User -notlike “NT AUTHORITY\SELF”)} | `
measure-object).count}}
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Powershell

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.