Exchange Online / Exchange 2010 useful PowerShell Commands

Export the Access Rights / Permissions assigned to All user mailboxes in Office365.

Get-Mailbox -RecipientType 'UserMailbox' -ResultSize Unlimited | Get-MailboxPermission | Export-Csv -NoTypeInformation C:\temp\usermailboxpermission.csv

Export the Access Rights / Permissions assigned to All Shared Mailboxes in Office365

Get-Mailbox -RecipientType 'Shared' -ResultSize Unlimited | Get-MailboxPermission | Export-Csv -NoTypeInformation C:\temp\sharedmailboxpemission.csv

Export the Access Rights / Permissions assigned to All Shared Mailboxes in Office365

(Another Variation to Export only relevant information)

Get-Mailbox -RecipientType 'Shared' -ResultSize Unlimited | Get-MailboxPermission | Where {($_.User -ne 'NT AUTHORITY\SELF') -and ($_.IsInherited -eq $false) -and ($_.User -notlike 'admin') -and ($_.User -notlike 'S-1-5')} | Select Identity, User, AccessRights | Export-csv -NoTypeInformation C:\temp\Export01.csv

List the Access Rights / Permissions for a user on all other mailboxes

(Below command will list the full mailbox permissions which user1 have on all other mailboxes)

Get-mailbox -resultsize unlimited | Get-MailboxPermission -user user1@techpress.net | Select User, Identity, Accessrights

[jetpack_subscription_form title=”Subscribe to Blog via Email ” subscribe_text=””]

Export the Access Rights / Permissions for the Calendar Folder of all User Mailboxes.

ForEach ($Mailbox in (Get-Mailbox -ResultSize Unlimited)) { Get-MailboxFolderPermission -Identity "$($Mailbox.Name):\Calendar" | Select @{n='Mailbox';e={$Mailbox.Name}},User,AccessRights}

Another way to List Calendar Permissions

Get-Mailbox | %{Get-MailboxFolderPermission $_”:\calendar”} | ft Identity, User, AccessRights

You can filter the Calendar Folder Permissions to only list it for a particular user e.g. John. This will list all the users calendars where John is assigned any permission.

Get-Mailbox | %{Get-MailboxFolderPermission $_":\calendar"} | where {$_.user -like 'john*'} | ft Identity, User, AccessRights

Apply / Set Full Mailbox Permission for a Single User on All Mailboxes

Sometimes we have a requirement when performing User Mailbox Migration, we need to provide a user or administrator Full Mailbox rights so that we can use this account to migrate their emails. We can use below command to Add Full Mailbox Permission for a user e.g. admin_o365@techpress.net

Below command will provide admin_o365@techpress.net user Full Mailbox Permission on all user mailboxes except where the Alias is Admin.

Get-Mailbox -ResultSize unlimited -Filter {(RecipientTypeDetails -eq 'UserMailbox') -and (Alias -ne 'Admin')} | Add-MailboxPermission -User admin_365@techpress.net -AccessRights fullaccess -InheritanceType all -AutoMapping:$false

How to Remove Full Mailbox Permission for a Single user on all user mailboxes

If a particular user has been assigned Full Mailbox Permission on All the user mailboxes, This could be for Email Migration and once you complete the email migration you want to remove that user permission on all the mailboxes. You can use below command for this requirement.

Get-Mailbox -ResultSize unlimited | Remove-MailboxPermission -User emailmigadmin@techpress.com -AccessRights FullAccess -InheritanceType all

Export SendAs Permission for all the users (Exchange 2010)

Get-Mailbox -resultsize unlimited | Get-ADPermission | where { ($_.ExtendedRights -like “*Send-as*”) -and ($_.IsInherited -eq $false) -and -not ($_.User -like “NT AUTHORITY\SELF”) } | ft -wrap

Export SendAs Permission for all the users (Office365)

Get-RecipientPermission -Identity * -AccessRights SendAs | Where {$_.Trustee -ne 'NT Authority\Self' -and $_.Trustee -ne 'NULL SID'}

Apply / Set SendAs Permissions for a one User  (Office365)

Below Command will provide SendAs permissions to Jatin Makhija on John A Mailbox.

Add-RecipientPermission -Identity "John A" -Trustee "Jatin Makhija" -AccessRights SendAs

List SendOnBehalf Permission for all the users (Office365)

Get-Mailbox -Filter {GrantSendOnBehalfTo -ne $Null} | select DisplayName, PrimarySMTPAddress, GrantSendonbehalfto | ft -AutoSize -Wrap

Export SendOnBehalf Permission for all the users (Office365)

Get-Mailbox -Filter {GrantSendOnBehalfTo -ne $Null} | select DisplayName, PrimarySMTPAddress, GrantSendonbehalfto | Export-Csv -NoTypeInformation C:\temp\export-sendonbehalf.csv

Apply / Set SendOnBehalf Permission to a user (Office365)

Below command will provide Jmakhija@techpress.net GrantSendonBehalf Permission on John A Mailbox.

Set-Mailbox "John A" -GrantSendOnBehalfTo @{Add="jmakhija@techpress.net"}

Get Regional Configuration for Office365 Users

Get-mailbox -ResultSize unlimited | get-MailboxRegionalConfiguration

Set Regional Configuration, TimeZone, DateFormat, Language on All Office 365 / Exchange Online mailboxes

Get-mailbox -ResultSize unlimited | Set-MailboxRegionalConfiguration -Language 2057 -TimeZone "Greenwich Standard Time" -DateFormat dd/MM/yyyy -TimeFormat HH:mm

You can use below link to find more infomation about the Language ID (LCID) Information:

https://docs.microsoft.com/en-us/openspecs/office_standards/ms-oe376/6c085406-a698-4e12-9d4d-c3b0ee3dbc4a

Set User’s Photo on Office365

Set-UserPhoto -Identity <users emailID> -PictureData ([System.IO.File]::ReadAllBytes("<picture location"))

Example:

Set-UserPhoto -Identity jm@techpress.net -PictureData ([System.IO.File]::ReadAllBytes("c:\temp\jatinmakhija.png"))

Export of Custom Attributes for all Exchange Online user Mailboxes in CSV

Get-mailbox | Select DisplayName, *custom* | Export-csv "C:\temp\custom1.csv" -NoTypeInformation

SET custom attributes on user mailboxes. First get the list of users email address in a text file and then use a variable $usersmtp to store the list of values and loop through to apply the custom attribute. Modify the Custom Attribute number to update the respective custom attribute, for example for Custom Attribute 4 change set-mailbox switch to -CustomAttribute4

$ErrorActionPreference = "stop"
$usersmtp = Get-Content c:\temp\usersmtp.txt
foreach ($user in $usersmtp) {
try
  {
   set-mailbox -Identity $user -CustomAttribute1 "IT Support Admin"
  }
catch
  {
   write-host "$user is not found"
  }
}

Disable External Sharing on all SPO Sites

Get-SPOSite | Set-SPOSite -SharingCapability Disabled

Export External Sharing for all SPO Sites in CSV

Get-SPOSite | Select-object url, SharingCapability | Export-csv C:\temp\SPO_Extcapability.csv

0 0 vote
Article Rating
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments