Exchange filter out folders with permission set to {None}

tony-wainwright · June 1, 2014, 9:45pm

Hi
Repurposing a script I found that takes a user name and displays the AccessRights to each folder in the mailbox. There are a lots of entries that have no AccessRights ({None}), usually for the Anonymous and Default user. I want to filter out these accounts. This is what I have:

Clear-Host


Ask for an existing user
$Msg = “Enter the name of the mailbox that requires permissions changing.”

$Msg += "`nThis must be in the format of firstname lastname: "

Write-Host $Msg -ForegroundColor Green -NoNewLine

$CurrentUser = Read-Host
Define Special (System) Folders
$SpecialExchangeFolders = “Top of Information Store|Recoverable Items|Deletions|Purges|Versions”
Get the folder list for the user
[string] $FolderPaths = Get-MailboxfolderStatistics $CurrentUser | % {$_.folderpath}
Add the folder list to the users and replace / with \
$ExchangeFolderPaths = $FolderPaths | % {$CurrentUser + “:” + $_.replace(‘/’,'')}
Remove the specila folders from folder list
$UsableExchangeFolderPaths = $ExchangeFolderPaths | where { $_ -notmatch $SpecialExchangeFolders }
Display only the foldername, user and their accessrights

$UsableExchangeFolderPaths | % { get-mailboxfolderPermission $_ } | Where {$_.AccessRights -ne “{None}”}| Select-Object FolderName, Identity, AccessRights

Running this code still shows all folders and users that have no AccessRights!
Thanks
Tony

system · June 1, 2014, 10:51pm

I don’t have an Exchange environment to test, but based one what I can see here, this is what I would investigate:

AccessRights is a collection, and the comparison operators work differently when the left operand is a collection. ($array -ne "{None}") basically says "If there are any elements in this array that are NOT equal to {None}, return True", not "Return true if none of the elements in this array are equal to {None}". For the second one, you would use this instead: (-not $array -eq "{None}")
"{None}" is probably the string representation of whatever the AccessRights variable actually contains, but you're comparing the AccessRights object to a string. You might have to make sure the text conversion is performed first, or figure out how to make the code work with the underlying objects instead. Something like Where { $_.AccessRights.Count -eq 0 } might work.

Like I said, I can’t test this myself right this minute, but hopefully these suggestions get you on the right track.

tony-wainwright · June 2, 2014, 3:01am

Thanks Dave. I’ve been playing around with this all afternoon and the resolution is too simple:
$UsableExchangeFolderPaths | % { get-mailboxfolderPermission $_ } | Where {$_.AccessRights -notlike “none”} | Select-Object FolderName, Identity, AccessRights
Simples!!
Cheers

Topic		Replies	Views
Find 'Deny' rights on a list of folders PowerShell Help	2	212	May 16, 2024
Filtering out hidden/system folders in EXO PowerShell Help	6	430	February 10, 2024
Need newby help with filtering object property values PowerShell Help	6	368	May 16, 2024
Getting folderlist of exchange online mailbox PowerShell Help	7	6415	June 23, 2024
Mailbox and Folder Permissions in Exchange Online (Microsoft 365) PowerShell Help	9	9161	March 29, 2024

Exchange filter out folders with permission set to {None}

Ask for an existing user

Define Special (System) Folders

Get the folder list for the user

Add the folder list to the users and replace / with \

Remove the specila folders from folder list

Display only the foldername, user and their accessrights

Related topics