Messaging Pro

All About Messaging and Collaboration Technologies

PowerShell Commands to get users having Full Access and Send As Permission

by Leave a Comment

Today got a task to collect the users with Full Access and Send-As permission in my organization and didn’t expect that I can finish the task but PowerShell make it as simple.

You have to use the PowerShell command below to get all the users who have Full Mailbox Permission for the user mailboxes or shared mailboxes, etc. other than their own NT account.

Get-Mailbox –Resultsize “Unlimited” | Get-MailboxPermission | Where-Object {($_.AccessRights –like ‘FullAccess’) –and –not ($_.user –like ‘NT Authority\Self’)}

NB: If you have multiple domains and you have to collect the information of mailboxes in the entire domain then use the PowerShell commands below to verify the mailboxes in the entire Forest:

Set-ADServerSettings -ViewEntireForest $true

You may get more rows and columns in the result and you may not be able to view all those information. To check all the information, just append Export-CSV to export the result in a CSV file.

Get-Mailbox –Resultsize “Unlimited” | Get-MailboxPermission | Where-Object {($_.AccessRights –like ‘FullAccess’) –and –not ($_.user –like ‘NT Authority\Self’)} | Export-CSV <File path followed by file name.csv>

If you have to verify any particular user has Full Mailbox access to any other User mailbox or Shared mailbox, etc. then use the PowerShell command below:

Get-Mailbox –Resultsize ‘Unlimited’| Get-MailboxPermission | Where-Object {($_.Accessrights -like ‘FullAccess’) -and ($_.user -like ‘domain\SamAccount’)} | Export-CSV <File path followed by file name.csv>

You have to use the PowerShell commands below to get all the users who have Send-As permission for User Mailboxes or Shared Mailboxes, etc. other than their own NT Account.

Get-Mailbox –Resultsize “Unlimited” | Get-ADPermission | Where-Object {($_.Extendedrights -like ‘Send-As’) -and –not ($_.User -like “NT Authority\Self”)}

You may get more rows and columns in the result and you may not be able to view all those information. To check all the information, just append Export-CSV to export the output in a CSV file.

Get-Mailbox –Resultsize “Unlimited” | Get-ADPermission | Where-Object {($_.Extendedrights -like ‘Send-As’) -and –not ($_.User -like “NT Authority\Self”)} | Export-CSV <File path followed by file name.csv>

Get-Mailbox –Resultsize “Unlimited” | Get-ADPermission | Where-Object {($_.Extendedrights -like ‘Send-As’) -and ($_.User -like “Domain\SamAccount”)} | Export-CSV <File path followed by file name.csv>

Please share your thoughts by clicking Leave a Comment and if you like the articles in this site, please subscribe to get Email notification when a new article has published. Thank You.

Tags

Active Directory Federation Server ADFS Auto Forward in public folder Cannot open your default e-mail folders cloud Commands DAG DAG switchover Daily Task DatabaseAvailabilityGroup DDL Dynamic Distribution group Enterprise Vault Enterprise voice EV plug-in EV plug-in IE java script error EV search archive issue Exchange 2007 Exchange 2013 exchange online Failover Hybrid environment LegacyExchangeDN Mail.que Mail Public Folders Rules migrated Migration Move mailbox O365 office 365 Outlook Rules PowerShell PS Public Folder Rules Safetynet search archive SFB Skype for business online SSO Token Sign In Certificate Troubleshooting WIA Windows Integrated Authentiaction Window Update Patching Command X500

Recent Posts

Our Latest Tweets