Get user’s mailbox access in Exchange online

Welcome Forums General PowerShell Q&A Get user’s mailbox access in Exchange online

  • This topic has 3 replies, 2 voices, and was last updated 1 month ago by
    Inactive
    .
Viewing 3 reply threads
  • Author
    Posts
    • #240857
      Participant
      Topics: 2
      Replies: 3
      Points: 16
      Rank: Member

      Hi all,

       

      I’m struggling with getting the following command, which worked flawlessly in Exchange On Prem, working in Exchange online:

      Get-Mailbox -RecipientTypeDetails UserMailbox,SharedMailbox -ResultSize Unlimited | Get-MailboxPermission -User $user | fl identity

       

      I’ve tried

      Get-ExoMailbox -RecipientTypeDetails UserMailbox,SharedMailbox -ResultSize Unlimited | Get-ExoMailboxPermission -User $user | fl identity

      but it seems to be a bit more complicated than that.

       

      I’ve already got it working the other way around, getting all users with access to a specific mailbox, using the Exchange Online PowerShell V2 module, but with this I could use some help.

       

      Many thanks in advance.

       

      Borg.

    • #240866
      Inactive
      Topics: 0
      Replies: 5
      Points: 0
      Rank: Member

      Borg, can you please describe in a bit more detail what you are trying to see for your results? I am able to run the following code with the latest EXOV2 cmdlets and it works just fine. Just as a side note, unless you are calling a command specifically with EXO like Get-EXOMailbox you are still using the classic commands.

      [30.36 s] C:\> Get-Mailbox -RecipientTypeDetails UserMailbox,SharedMailbox -ResultSize Unlimited | Get-MailboxPermission -User $user |  select -First 5 | ft

      Identity User AccessRights IsInherited Deny
      ——– —- ———— ———– —-
      User1 NT AUTHORITY\SELF {FullAccess, ReadPermission} False False
      User1 OnlineServer12\Administ… {FullAccess} True True
      User1 OnlineServer12\Domain A… {FullAccess} True True

      User2 NT AUTHORITY\SELF {FullAccess, ReadPermission} False False
      User2 OnlineServer12\Administ… {FullAccess} True True
      User2 OnlineServer12\Domain A… {FullAccess} True True
      User2 OnlineServer12\Enterpri… {FullAccess} True True
      User2 OnlineServer12\Organiza… {FullAccess} True True
      User2 NT AUTHORITY\SYSTEM {FullAccess} True False

      Dave
      User2 NT AUTHORITY\NETW… {ReadPermission} True False

    • #240968
      Participant
      Topics: 2
      Replies: 3
      Points: 16
      Rank: Member

      Hi Dave,

       

      Sure. I need the result to be something like this:

      Identity : domain.com/OU/Mailboxes/Displayname Mailbox 1

      Identity : domain.com/OU/Mailboxes/Displayname Mailbox 2

      etc

       

      Borg

       

    • #241064
      Inactive
      Topics: 0
      Replies: 5
      Points: 0
      Rank: Member

      So you can do a few things here. I am just putting down the basics to show you how to get it. One way would be to do the following:

      $mailboxes = Get-Mailbox – Get-Mailbox -RecipientTypeDetails UserMailbox,SharedMailbox -ResultSize Unlimited | Select-Object Identity, Alias

      if you want something a bit more elegant you can create your own custom object with the following code to display whatever you want the output object to look like:

      $mailboxes = Get-Mailbox – Get-Mailbox -RecipientTypeDetails UserMailbox,SharedMailbox -ResultSize Unlimited | Select-Object Identity, Alias

      foreach($mbx in $mailboxs)

      {

      [PSCustomObject}@{

      Identity = $mbx.Identity

      Alias = $mbx.Alias}

      “This this account disabled?” = $mbx.AccountDisabled

      }

      You can also use calculated properties (known as an expression) to achieve the same solution. To modify the output with calculated properties it will require a Hashtable object denoted by @{} and it will contain a Name and an Expression key. The name key is the property name that you want to use and the Expression key will be a scriptblock that is going to be executed when the Select-Object cmdlet receives input from the pipeline: Get-Mailbox – Get-Mailbox -RecipientTypeDetails UserMailbox,SharedMailbox -ResultSize Unlimited | Select-Object -Property Identity, @{Name =”DN”; Expression = {$_.DistinugishedName}}

       

      You can keep building on to these examples to add all the rest of the data that you require. I hope this helps!

      Dave

Viewing 3 reply threads
  • You must be logged in to reply to this topic.