Add get-mailbox-with-permissions.ps1

2024-11-29 11:21:40 +01:00 · 2024-11-29 11:21:40 +01:00 · 1e494849ff
commit 1e494849ff
parent ed7140e52c
1 changed files with 65 additions and 0 deletions
--- a/get-mailbox-with-permissions.ps1
+++ b/get-mailbox-with-permissions.ps1
@ -0,0 +1,65 @@
+# Output file
+$OutputFile = "MailboxPermissionsWithSMTPAndName.csv"
+
+# Initialize an array for the results
+$Results = @()
+
+# Retrieve all mailboxes (all types)
+$Mailboxes = Get-Mailbox -RecipientTypeDetails UserMailbox,SharedMailbox -ResultSize Unlimited
+
+# Loop through all mailboxes
+foreach ($Mailbox in $Mailboxes) {
+    # Retrieve the primary SMTP address and display name
+    $PrimarySmtpAddress = $Mailbox.PrimarySmtpAddress
+    $DisplayName = $Mailbox.DisplayName
+
+    # Retrieve mailbox permissions
+    $Permissions = Get-MailboxPermission -Identity $Mailbox.Identity
+
+    # Check if specific permissions are set
+    if ($Permissions.Count -eq 0) {
+        # Add mailbox without additional permissions
+        $Results += [PSCustomObject]@{
+            DisplayName        = $DisplayName
+            MailboxType        = $Mailbox.RecipientTypeDetails
+            PrimarySmtpAddress = $PrimarySmtpAddress
+            User               = "Default owner"
+            AccessRights       = "FullAccess"
+            IsInherited        = "N/A"
+        }
+    } else {
+        # Add permissions
+        foreach ($Permission in $Permissions) {
+            # Filter default permissions such as NT AUTHORITY\SELF
+            if ($Permission.User -notlike "NT AUTHORITY\SELF") {
+                $Results += [PSCustomObject]@{
+                    DisplayName        = $DisplayName
+                    MailboxType        = $Mailbox.RecipientTypeDetails
+                    PrimarySmtpAddress = $PrimarySmtpAddress
+                    User               = $Permission.User
+                    AccessRights       = $Permission.AccessRights -join ", "
+                    IsInherited        = $Permission.IsInherited
+                }
+            }
+        }
+    }
+}
+
+# Add mailboxes that may not have displayed permissions
+foreach ($Mailbox in $Mailboxes) {
+    if (-not ($Results.DisplayName -contains $Mailbox.DisplayName)) {
+        $Results += [PSCustomObject]@{
+            DisplayName        = $Mailbox.DisplayName
+            MailboxType        = $Mailbox.RecipientTypeDetails
+            PrimarySmtpAddress = $Mailbox.PrimarySmtpAddress
+            User               = "Default owner"
+            AccessRights       = "FullAccess"
+            IsInherited        = "N/A"
+        }
+    }
+}
+
+# Export the results to a CSV file
+$Results | Export-Csv -Path $OutputFile -NoTypeInformation -Encoding UTF8
+
+Write-Host "All mailboxes, permissions, names, and SMTP addresses have been exported to $OutputFile"