Public/TenantConfiguration/Export/Export-TenantMailboxPermissions.ps1
|
function Export-TenantMailboxPermissions() { param( [Parameter(Mandatory)] [string]$TenantId ) Connect-CustomerExchange -CustomerTenantId $TenantId $DesktopPath = [Environment]::GetFolderPath("Desktop") $OrganizationName = (Get-ConnectionInformation).DelegatedOrganization $ExportPath = "$($DesktopPath)\$($OrganizationName) Mailbox Permissions.xlsx" $Mailboxes = Get-Mailbox -ResultSize Unlimited $MailboxPermissionsList = New-Object System.Collections.ArrayList # Get the permissions for each mailbox foreach($Mailbox in $Mailboxes) { if($Mailbox.RecipientTypeDetails -eq "DiscoveryMailbox") { continue } Write-Host "Processing mailbox $($Mailbox.PrimarySmtpAddress)" -ForegroundColor Cyan $MailboxPermissionsObject = [PSCustomObject]@{ "Type" = $Mailbox.RecipientTypeDetails Mailbox = $Mailbox.PrimarySmtpAddress "Display name" = $Mailbox.DisplayName "Full Access" = "" "Send As" = "" "Send on Behalf" = "" } $MailboxPermissions = Get-MailboxPermission -Identity $Mailbox.DistinguishedName foreach($MailboxPermission in $MailboxPermissions) { if($MailboxPermission.User -like "NT AUTHORITY\SELF") { continue } if($MailboxPermission.AccessRights -contains "FullAccess") { $MailboxPermissionsObject."Full Access" += $MailboxPermission.User + ";" } if($MailboxPermission.AccessRights -contains "SendAs") { $MailboxPermissionsObject."Send As" += $MailboxPermission.User + ";" } if($MailboxPermission.AccessRights -contains "SendOnBehalf") { $MailboxPermissionsObject."Send on Behalf" += $MailboxPermission.User + ";" } } $MailboxPermissionsList.Add($MailboxPermissionsObject) | Out-Null } $MailboxPermissionsList | Export-Excel -Path $ExportPath -AutoSize -AutoFilter -FreezeTopRow -BoldTopRow -WorksheetName "Mailbox Permissions" Write-Host "Report saved to $($ExportPath)" -ForegroundColor Green } |