In case someone is looking for a script that works with mailbox permissions like this, here's a small example of what I came up with to help someone check that all mailboxes have the SELF right in the permissions:
#Script to check mailboxes for fullaccess rights for NT AUTHORITY\SELF
#Written by jtedoff@microsoft.com 4/21/2012
$logfile = "c:\selfrightstest.log"
if (test-path $logfile) {remove-item $logfile}
function WriteLog
{
PARAM($msg)
END
{
Add-Content -Path $logfile -encoding ASCII -value $msg
}
}
#Modify the next line to narrow the scope of the Get-Mailbox results
#For example, set it to -> $mailboxes = Get-Mailbox -server <servername> -resultsize unlimited <- to only check mailboxes on a particular server
$mailboxes = Get-ExchangeServer | ?{$_.ServerRole -like "*mailbox*"} | Get-Mailbox -resultsize unlimited
WriteLog "Checking for FullAccess rights for NT AUTHORITY\SELF"
$mailboxes | foreach {
$perms = get-mailboxpermission $_.identity | ?{$_.user -like "NT AUTHORITY\SELF" -and $_.accessrights -like "*fullaccess*"}
if ($perms) {
Write-Host "Mailbox for $_" -nonewline
Write-Host " OK" -foregroundcolor green
}
else { $erruser = $_.Identity
Write-Host "FullAccess right for NT AUTHORITY\SELF not detected on the mailbox for " -foregroundcolor red -nonewline
Write-Host $_.Identity -foregroundcolor red -backgroundcolor white
WriteLog "FullAccess right for NT AUTHORITY\SELF not detected on the mailbox for $erruser"
}
}
Great work man you have post a great post it will help people very much keep it do more for people like that become a funded account trader
ReplyDelete.
Best work you have done, this online website is cool with great facts and looks. I have stopped at this blog after viewing the excellent content. I will be back for more qualitative work https://truck-month-houston-tx.webnode.com/
ReplyDelete