Get user's mailbox access in Exchange online

Hi all,

I’m struggling with getting the following command, which worked flawlessly in Exchange On Prem, working in Exchange online:

Get-Mailbox -RecipientTypeDetails UserMailbox,SharedMailbox -ResultSize Unlimited | Get-MailboxPermission -User $user | fl identity

I’ve tried

Get-ExoMailbox -RecipientTypeDetails UserMailbox,SharedMailbox -ResultSize Unlimited | Get-ExoMailboxPermission -User $user | fl identity

but it seems to be a bit more complicated than that.

I’ve already got it working the other way around, getting all users with access to a specific mailbox, using the Exchange Online PowerShell V2 module, but with this I could use some help.

Many thanks in advance.

Borg.

Borg, can you please describe in a bit more detail what you are trying to see for your results? I am able to run the following code with the latest EXOV2 cmdlets and it works just fine. Just as a side note, unless you are calling a command specifically with EXO like Get-EXOMailbox you are still using the classic commands.

[30.36 s] C:> Get-Mailbox -RecipientTypeDetails UserMailbox,SharedMailbox -ResultSize Unlimited | Get-MailboxPermission -User $user | select -First 5 | ft

Identity User AccessRights IsInherited Deny

User1 NT AUTHORITY\SELF {FullAccess, ReadPermission} False False
User1 OnlineServer12\Administ… {FullAccess} True True
User1 OnlineServer12\Domain A… {FullAccess} True True

User2 NT AUTHORITY\SELF {FullAccess, ReadPermission} False False
User2 OnlineServer12\Administ… {FullAccess} True True
User2 OnlineServer12\Domain A… {FullAccess} True True
User2 OnlineServer12\Enterpri… {FullAccess} True True
User2 OnlineServer12\Organiza… {FullAccess} True True
User2 NT AUTHORITY\SYSTEM {FullAccess} True False

Dave
User2 NT AUTHORITY\NETW… {ReadPermission} True False

Hi Dave,

Sure. I need the result to be something like this:

Identity : domain.com/OU/Mailboxes/Displayname Mailbox 1

Identity : domain.com/OU/Mailboxes/Displayname Mailbox 2

etc

Borg

So you can do a few things here. I am just putting down the basics to show you how to get it. One way would be to do the following:

$mailboxes = Get-Mailbox - Get-Mailbox -RecipientTypeDetails UserMailbox,SharedMailbox -ResultSize Unlimited | Select-Object Identity, Alias

if you want something a bit more elegant you can create your own custom object with the following code to display whatever you want the output object to look like:

$mailboxes = Get-Mailbox - Get-Mailbox -RecipientTypeDetails UserMailbox,SharedMailbox -ResultSize Unlimited | Select-Object Identity, Alias

foreach($mbx in $mailboxs)

{

[PSCustomObject}@{

Identity = $mbx.Identity

Alias = $mbx.Alias}

“This this account disabled?” = $mbx.AccountDisabled

}

You can also use calculated properties (known as an expression) to achieve the same solution. To modify the output with calculated properties it will require a Hashtable object denoted by @{} and it will contain a Name and an Expression key. The name key is the property name that you want to use and the Expression key will be a scriptblock that is going to be executed when the Select-Object cmdlet receives input from the pipeline: Get-Mailbox - Get-Mailbox -RecipientTypeDetails UserMailbox,SharedMailbox -ResultSize Unlimited | Select-Object -Property Identity, @{Name =“DN”; Expression = {$_.DistinugishedName}}

You can keep building on to these examples to add all the rest of the data that you require. I hope this helps!

Dave