I am trying to write a PS script that will allow our Help Desk and Desktop Support to gather Exchange data without having to ask our Exchange dept for it. I’m having a weird problem when I run the Get-MailboxPermission cmdlet - it thinks my list of Delegates (GrantSendOnBehalfTo field) is an array, and it throws the following error when I run it:
ERROR: Cannot process argument transformation on parameter ‘Identity’. Cannot convert the “System.Collections.ArrayList” value of type “System.Collections.ArrayList”
ERROR: to type “Microsoft.Exchange.Configuration.Tasks.MailboxIdParameter”.
I will post the function where it is called. I’m using a csv file to store the user and Distribution List data, so it won’t have to get all user data at once, which takes a long time. The issue seems to be when I get the list of Delegates for a specific user ID, where I split it (it’s just a field with a semicolon separating each userID . Any help would be appreciated.
I couldn’t find where to post the code, so here it is:
function Get-UserDelegatesAndPermissions
{
param
(
[parameter(Mandatory = $true)]
[string]$userID
)
$userDataFile = 'C:\Users\ABC1234\Documents\My PS Projects\ExchangeOnline-Explorer\UserMailboxData_10-9-21_ver2.csv'
$allUserData = Import-Csv $userDataFile
$distributionListFile = 'C:\Users\ABC1234\Documents\My PS Projects\ExchangeOnline-Explorer\DistributionList_10-10-21.csv'
$distributionList = Import-Csv $distributionListFile | select Identity
$userInfo = $allUserData | ? { $_.Identity -eq $userID }
$delegateList = [string[]]($userInfo.GrantSendOnBehalfTo -split '; ')
$delegateInfo = @()
$delegateInfo = New-Object System.Management.Automation.PSObject
$delegateInfo | Add-Member -MemberType NoteProperty "UserName" -Value $userInfo.DisplayName
foreach ($delegate in $delegateList)
{
#check if Identity is a DL
if($distributionList.Identity -contains $delegate) #Delegate is Distribution List
{
$delegateInfo | Add-Member -MemberType NoteProperty "Delegate Name" -Value $delegate + " (Distribution List)"
}
else
{
$delegateNameInfo = $allUserData | ? { $_.Identity -eq $delegate } | select Identity, DisplayName, UserPrincipalName
$delegateInfo | Add-Member -MemberType NoteProperty "User with access to mailbox" -Value $delegateNameInfo.DisplayName
#check for FullAccess permissions
$upn = $delegateNameInfo.UserPrincipalName
$delegateAccessRights = Get-MailboxPermission $userID -User $delegate.Identity | select AccessRights
#$delegateAccessRights = (Get-MailboxPermission $userID | ? { $_.User -like ($delegateNameInfo.Identity) }).AccessRights
if($delegateAccessRights -ne $null)
{
#Delegate has permissions to user's root of Mailbox
$delegateInfo | Add-Member -MemberType NoteProperty "Access Rights To Mailbox" -Value $delegateAccessRights
}
else
{
#no access to user's root of mailbox
}
#get Delegate permissions to Inbox and Calendar
$delegatePermissionsInbox = Get-MailboxFolderPermission $userID':\Inbox' -User $delegate.Identity | select AccessRights
$delegatePermissionsCalendar = Get-MailboxFolderPermission $userID':\Calendar' -User $delegate.Identity | select AccessRights, SharingPermissionFlags
$delegateInfo | Add-Member -MemberType NoteProperty "Delegate's Inbox Permissions" -Value $delegatePermissionsInbox
$delegateInfo | Add-Member -MemberType NoteProperty "Delegate's Calendar Permissions" -Value $delegatePermissionsCalendar
}
}
return $delegateInfo
}
Brian