The script below will help you to find if a group of users have permissions on a mailbox hosted on an Exchange server. The group list is built by querying a specific OU in the Active Directory. In the example, the OU distinguished name is : OU=Users,DC=domain,DC=net
The Exchange database defined in the variable $exch_db can be either specific or generic using wildcard :
- $exch_db = “specific_Exch_dbname”
or
- $exch_db = “Exch_dbname*”
The script will check if each user found in OU=Users,DC=domain,DC=net have permissions on a mailbox hosted on the Exchange db specified above. At the end, a csv file is created containing for each line :
Mailbox_Identity , AD user account , Mailbox_LegacyDN , Mailbox_size_in_MB
Add-PSSnapin Microsoft.Exchange.Management.PowerShell.E2010 import-module activedirectory $list = Get-ADUser -SearchBase "OU=Users,DC=domain,DC=net" -Filter * $domain = "domain" $exch_db = "your_exchange_dbnames*" $exch_db_list = Get-MailboxDatabase | ? { $_.Name -like $exch_db} $mailboxperm_array = @() $mailboxperm = @() $exch_db_list | % { $exch_dbname = $_.Name $mailboxdb = Get-mailbox -database $exch_dbname | select guid,LegacyExchangeDN,Name $mailboxdb | % { $mb_guid = $_.Guid.tostring() $mb_legdn = $_.LegacyExchangeDN.tostring() $mailboxperm += Get-MailboxPermission $mb_guid | select Identity,User,@{label="LegacyDN";expression={$mb_legdn}},@{label="Guid";expression={$mb_guid}} } $mailboxperm_array += $mailboxperm | ? {if ($_.user -match "^$domain") { $list -match ($_.user).tostring().split("\")[1] } } } $mailboxsize_array = $mailboxperm_array | select Identity -uniq | % { get-mailbox $_.Identity | Get-MailboxStatistics | select LegacyDN,MailboxGuid, @{label="TotalSize(MB)";expression={($_.TotalDeletedItemSize.Value.ToMB() + $_.TotalItemSize.Value.ToMB())}} } $array = @() $mailboxperm_array | % { $array += $_ | select Identity,user,LegacyDN,@{label="TotalSize";expression={ ((($mailboxsize_array) -match [regex]::escape($_.LegacyDN))|select "TotalSize(MB)")."TotalSize(MB)" }} } $array | export-csv c:\temp\excharr.csv
Reference
My Powershell script categories
- Active Directory
- Cluster
- Database
- Exchange
- Files and folders
- Hardware
- Network
- Operating System
- PKI
- SCCM
- Service and process
- Tips
- VMWare
Check if a user account have permissions on an Exchange mailbox