This post is also available in: Polish
In previous post Exchange 2010 Mailbox Folder Permissions we explained how to add permissions to mailbox or mailbox folder.
After a while, when you add permissions to mailbox you will forget mailbox, permissions and users.
Exchange 2010 get list of mailboxes with assigned permissions
If you want to get list of all mailboxes with assigned Full Access permisions you need to use example like below:
Get-Mailbox -Server “MX01” -ResultSize Unlimited | Get-MailboxPermission | where {($_.AccessRights -eq “FullAccess”) -and ($_.IsInherited -eq $false) -and ($_.User.ToString() -ne “NT AUTHORITY\SELF”)}
Above example will list all mailboxes on server MX01 and check assigned permissions to those mailboxes. If any of those mailboxes will have assigned Full Access permission which is not Inherited and permission is not for user “NT Authority\Self” (it means for mailbox owner) then you will receive list of mailboxes with user account name and permissions.
We can also check belowed permissions instead of Full Access:
- DeletedItem
- ReadPermission
- ChangePermission
- ChangeOwner
- ExternalAccount
- SendAs permission
List Exchange 2010 mailboxes with Send-As permission assigned:
Exchange Mailbox Send-As permission is an Active Directory permission and to check this permission we have to use Get-ADPermission cmdlet.
To get list of all mailboxes on serwer MX01 with assigned permissions Send-As you can use:
Get-Mailbox -server MX01 -ResultSize unlimited | Get-ADPermission | Where {$_.ExtendedRights -like “Send-As” -and $_.User.ToString() -ne “NT AUTHORITY\SELF” -and $_.Deny -eq $false} | ft Identity,User,IsInherited -AutoSize
More examples:
To check permissions assigned for users to mailbox mailbox1 use:
Get-MailboxPermission mailbox1
English 
polski