asked on
Exchange Powershell question
So I'm trying to clean up permissions on the mailbox of one of our former employee, John Smith. There's an SID listed as having "Send As" permissions to his mailbox that I'm trying to remove. The command should be:
Remove-ADPermission -Identity "jsmith@domain.com" -User "S-0-0-00-0000000000-00000
But that gives me a " 'jsmith@domain.com' wasn't found" error, as does any other variant of his identity (jsmith, 'smith, john', etc.). His mailbox isn't hidden. Any suggestions?
Remove-ADPermission -Identity "jsmith@domain.com" -User "S-0-0-00-0000000000-00000
But that gives me a " 'jsmith@domain.com' wasn't found" error, as does any other variant of his identity (jsmith, 'smith, john', etc.). His mailbox isn't hidden. Any suggestions?
PowershellExchange
Last Comment
Paul MacDonald
ASKER
So, checking AD, under the Attributes Tab, I note that his CN was listed as “John Smith”, so I tried the command using that for identity. The command accepted that, but ultimately failed for a different reason, saying the SID specified is an inherited access control entry. I suspect it’s for a retired account, back from when we had a Blackberry server and that was the system account that had Send As permissions for everyone. I deleted the account along time ago, but these permissions seem to remain on users that were here back then.
Edit:
I guess the issue now isn't so much with PowerShell as inherited permissions in AD. That same SID has "Send As" permissions on certain users.
Edit:
I guess the issue now isn't so much with PowerShell as inherited permissions in AD. That same SID has "Send As" permissions on certain users.
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
Remove-MailboxPermission -Identity 'CN=John Smith,OU=Users,DC=MyDomain