Link to home
Start Free TrialLog in
Avatar of Michael Leonard
Michael LeonardFlag for United States of America

asked on

we have one shared mailbox with 100+ automapped profiles, how can we clear this with powershell

can someone provide a script we can use to clear 100+ automapped profiles from one of our exchange service account mailboxes?

thx in advance.
Avatar of Douglas Suyemoto
Douglas Suyemoto
Flag of United States of America image
Here is code for a script, keep in mind, in order to turn off automapping you have to remove full access for each account first, then add it back.  I provided for the fact that there may be additional permissions, but of course, test to make sure this will work for you, because it will basically take all users who have full access rights on that mailbox and remove and add back.

$users = get-mailboxpermission -identity [exchange_service_account] | ? { $_.AccessRights -like "*FullAccess*"} | select User,AccessRights
$users | % { Remove-MailboxPermission -Identity [exchange_service_account] -User $_.User -AccessRights FullAccess -Confirm:$false }
$users | % { add-mailboxpermission -Identity [exchange_service_account] -User $_.User -AccessRights $_.AccessRights -Automapping $false

Open in new window

Avatar of Michael Leonard
Michael Leonard
Flag of United States of America image

ASKER

hi Dsuyemoto - just looking at your script now

lets call the service account svc-exch  

when I log into "svc-exch" there are hundreds of profiles mapped, since this account was set to have full access on many accounts and automap set to $true

the script you provided shows what mailboxes have full access to svc-exch  .. the other way around.

I need to unmap hundreds of accounts that svc-exch has an automap setup with.
ASKER CERTIFIED SOLUTION
Avatar of Douglas Suyemoto
Douglas Suyemoto
Flag of United States of America image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Michael Leonard
Michael Leonard
Flag of United States of America image

ASKER

hi dsuyemoto - when I run your script with the -whatIF   - this is the only output I am seeing [multiple entries]

domain.com/Accounts/Users/Employees/J, SMITH isn't a mailbox user.
    + CategoryInfo          : InvalidData: (:) [Get-MailboxPermission], ManagementObjectNotFoundException
    + FullyQualifiedErrorId : FB165A7F,Microsoft.Exchange.Management.RecipientTasks.GetMailboxPermission

Open in new window

Avatar of Douglas Suyemoto
Douglas Suyemoto
Flag of United States of America image
Try using RemoveAutoMap(get-mailbox) instead.
Avatar of Michael Leonard
Michael Leonard
Flag of United States of America image

ASKER

thanks dsuyemoto, where can I add the -resultsize unlimited parameter? otherwise looks good!
Avatar of Michael Leonard
Michael Leonard
Flag of United States of America image

ASKER

thx dsuyemoto - exactly what we were looking for.
Avatar of Douglas Suyemoto
Douglas Suyemoto
Flag of United States of America image
thanks dsuyemoto, where can I add the -resultsize unlimited parameter? otherwise looks good!

You can just do RemoveAutoMap(get-mailbox -resultsize 1000)