?
Solved

Powershell Exchange - How to list all mailboxes Full Access permission from a particular user name ?

Posted on 2016-08-14
12
Medium Priority
?
74 Views
Last Modified: 2016-10-18
Hi people,

I wonder if anyone here can share some Powershell script or tips in how to check if my AD user account got Full Permission access in some mailboxes ?

because for compliance reason, I need to audit if the certain AD user account has multiple Exchange mailbox Full access permission or not.

Thanks.
0
Comment
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
12 Comments
 
LVL 67

Expert Comment

by:sirbounty
ID: 41755800
1
 
LVL 8

Author Comment

by:Senior IT System Engineer
ID: 41755808
Thanks Sir,

in my case here I need to know all DOMAIN\User1 mailbox full access across 2850 Exchange mailboxes.

So how do I use that command above ?
0
 
LVL 67

Expert Comment

by:sirbounty
ID: 41756154
get-mailbox -resultsize unlimited | get-mailboxpermission | where {$_.accessrights -conains 'FullAcess'}
1
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 16

Expert Comment

by:FOX
ID: 41756353
get-MailboxPermission username  -filter "accessrights -eq 'FullAccess'"  | ft samaccountname, displayname,emailaddress,AccessRights | out-file 'c:\temp\FullAccess.csv'
1
 
LVL 67

Expert Comment

by:sirbounty
ID: 41774887
I see I had a type-o - conains, should be -contains, but presumably you'd find that.
Any update?  Still need help?
0
 
LVL 8

Author Comment

by:Senior IT System Engineer
ID: 41777313
Hi All,

The script doesn't work ?

get-MailboxPermission MyName  -filter "accessrights -eq 'FullAccess'"  | ft samaccountname, displayname,emailaddress,AccessRights | out-file 'c:\temp\FullAccess.csv'

Open in new window


A parameter cannot be found that matches parameter name 'Filter'.
    + CategoryInfo          : InvalidArgument: (:) [Get-MailboxPermission], ParameterBindingException
    + FullyQualifiedErrorId : NamedParameterNotFound,Get-MailboxPermission
0
 
LVL 67

Accepted Solution

by:
sirbounty earned 2000 total points (awarded by participants)
ID: 41777397
Did you try what I suggested?
get-mailbox -resultsize unlimited | get-mailboxpermission | where {$_.accessrights -conains 'FullAcess'}

Open in new window

1
 
LVL 8

Author Comment

by:Senior IT System Engineer
ID: 41777398
Hi Sir,

I just required my own username and certain username not all username.

But yes I'll try it anyway.
0
 
LVL 67

Expert Comment

by:sirbounty
ID: 41797634
Did my solution work for you?
0
 
LVL 67

Expert Comment

by:sirbounty
ID: 41819651
Hi ITSystemEngineer - do you need further help or help closing the question?
0
 
LVL 1

Expert Comment

by:LinuxDude
ID: 41821851
List all mailboxes to which a particular user has Full Access permissions:
PS C:\> Get-Mailbox | Get-MailboxPermission -User vasil

List all shared/user/room/whatever mailboxes to which particular user has Full Access permissions:
PS C:\> Get-Mailbox -RecipientTypeDetails UserMailbox,SharedMailbox -ResultSize Unlimited | Get-MailboxPermission -User vasil
0
 
LVL 67

Expert Comment

by:sirbounty
ID: 41847916
I believe this answers the question - not sure why the OP never came back.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A bad practice commonly found during an account life cycle is to set its password to an initial, insecure password. The Password Reset Tool was developed to make the password reset process easier and more secure.
Are you an Exchange administrator employed with an organization? And, have you encountered a corrupt Exchange database due to which you are not able to open its EDB file. This article will explain all the steps to repair corrupt Exchange database.
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

719 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question