Exchange Shell – Finding Mailboxes With Send As And Full Access Permission…

MS Exchange

Exchange 2007 SP1 brings the option to configure Send-As and FullAccess permission to a mailbox using the EMC. I have come across scenarios where you have to find all users with send-as permission in your organization.

Things are easy now with the help of powershell. Run the command in order to find out all users who have send-as permission assigned to mailboxes other than their own.

Get-Mailbox | Get-ADPermission | Where-Object { ($_.ExtendedRights -like “*send-as*”) -and -not ($_.User -like “nt authorityself”) }

You can customize the output to get only the fields you need.

Get-Mailbox | Get-ADPermission | Where-Object { ($_.ExtendedRights -like “*send-as*”) -and -not ($_.User -like “nt authorityself”) } | Select Identity, User

You can export the output to a CSV file.

Get-Mailbox | Get-ADPermission | Where-Object { ($_.ExtendedRights -like “*send-as*”) -and -not ($_.User -like “nt authorityself”) } | Select Identity, User | Export-CSV c:sendas.cvs

What if you want to find out all users who have FullAccess to other mailboxes in your organization.
Run the following command.

Get-Mailbox | Get-MailboxPermission | Where-Object { ($_.AccessRights -eq “*fullaccess*”) -and ($_.IsInherited -eq $false) -and -not ($_.User -like “*nt authorityself*”) }

Another variation of the above request is to find to which all mailboxes a user has fullaccess. For example, I have a user named Rajith Jose. I want to know to which all mailboxes Rajith Jose have full access to. Run the following for the same

Get-Mailbox | Get-MailboxPermission | Where-Object { ($_.AccessRights -eq “*fullaccess*”) -and ($_.User -like “*rajith*”) }

You can always select the output by pipelining the above command to a select statement and export it to a csv file by using Export-CSV filepath switch.

Other Popular Articles


MS Exchange

Scripting Agent Initialization Failed: “File is not found” Error During Exchange 2016 Setup

MS Exchange

EAC Access While Co-Existing Exchange 2013 With 2010

MS Exchange

Delete All Calendar Entries In An Exchange 2010 Mailbox

11 thoughts on “Exchange Shell – Finding Mailboxes With Send As And Full Access Permission…”

  1. Hi ,

    I need a shell command to get mailbox permission with a CSV output as below please help.

    user ID Primarysmtpaddress which user has permission on user ID what permission

    Reply
  2. hey there, just wanted to mention that the csv export option above has an extension of cvs instead of csv – otherwise, exactly what I was looking for, thanks!

    -Rafael

    Reply
  3. Hey thanks for this post, this was a big help, do you have a exchange power shell book you recommend?

    i did change eq to LIKE in your command

    Get-Mailbox | Get-MailboxPermission | Where-Object { ($_.AccessRights -like "*fullaccess*") -and ($_.User -like "*rajith*") }

    thats how it works for me

    Reply

Leave a Comment