Obtain a list of folders to apply permissions. The result is the FolderPath value that is returned in the format "/Folderpath".
Get-MailboxFolderStatistics owner | `
Where { $_.FolderPath.Contains("FolderName") -eq $true }
Add-MailboxFolderPermission or Remove-MailboxFolderPermission
Use the Add-MailboxFolderPermission or Remove-MailboxFolderPermission cmdlets to assign (remove) permissions from a set of folders. The format for the folder name is "Mailbox:FolderPath" so you need to modify the result from earlier to accommodate the expected value.
The following example illustrates the example where Rose, Juanita and Lupe's manager (Hector) wants to grant these users access to his "Work" folder and all of its sub-folders.
$targetmailbox="Hector"
#Reset Permissions
cls
$targetmailbox="mailbox_name"
ForEach($f in (Get-MailboxFolderStatistics $targetmailbox | Where { $_.FolderPath.Contains("Inbox") -eq $true })) {
$fname = $targetmailbox + ":" + $f.FolderPath.Replace("/","\");
$userlistArray = @()
#Purge existing permsissions and set defaults
ForEach($g in (Get-MailboxFolderPermission $fname | select User,AccessRights)) {
if ($g.User -like "NT User:domain\*") {
Remove-MailboxFolderPermission $fname -User $g.User -confirm: $false
}
elseif ($g.User -like "Default") {
Set-MailboxFolderPermission $fname -User $g.User -AccessRights Author
}
elseif ($g.User -notlike "Default") {
Remove-MailboxFolderPermission $fname -User $g.User -confirm: $false
}
}
#Set owner permissions (modify users and rights to assign other permission values to specific users)
$user=("Rose","Juanita","Lupe")
ForEach ($targetuser in $user){
Add-MailboxFolderPermission $fname -User $targetuser -AccessRights Owner
}
}
#Report Permissions
cls
$targetmailbox="mailbox_name"
ForEach($f in (Get-MailboxFolderStatistics $targetmailbox | Where { $_.FolderPath.Contains("Inbox") -eq $true })) {
$fname = $targetmailbox + ":" + $f.FolderPath.Replace("/","\");
write-host $fname -BackgroundColor "Green" -ForegroundColor "Black"
$userlistArray = @()
ForEach($g in (Get-MailboxFolderPermission $fname | select User,AccessRights)){
if ($g.User -like "NT User:domain\*") {
write-host " " $g.User ":" $g.AccessRights -BackgroundColor "Red" -ForegroundColor "Black"
}
elseif ($g.User -like "Default") {
write-host " " $g.User ":" $g.AccessRights -BackgroundColor "White" -ForegroundColor "Black"
}
elseif ($g.User -notlike "Default") {
write-host " " $g.User ":" $g.AccessRights
}
}
}
2 comments:
How do you that for all folders like outbox, sent items, etc
Try this Francois. It allows you to pass a username parameter to the script to search a single mailbox.
You can add more folder names to the $folders array to search more folders
param (
[string] $identity
)
$identity=$identity+"@mydomain.com"
$folders = @("Inbox","Calendar")
if ($identity -eq "@mydomain.com") {$identity = "*"}
ForEach ($m in (get-mailbox $identity | Select name,primarysmtpaddress | sort-object -property name)){
write-host $m.name -BackgroundColor "Green" -ForegroundColor "Black"
ForEach ($h in $folders) {
ForEach ($f in (Get-MailboxFolderStatistics -identity $m.primarysmtpaddress | where {$_.identity -eq $m.primarysmtpaddress+'\'+$h})) {
$fname = $m.name + ":" + $f.FolderPath.Replace("/","\");
write-host $f.FolderPath -BackgroundColor "Black" -ForegroundColor "Yellow"
ForEach($g in (Get-MailboxFolderPermission $fname | select User,Foldername,AccessRights)){
if (($g.User -like "Default") -or ($g.User -like "Anonymous")) {
write-host " " $g.User ":" $g.AccessRights -BackgroundColor "White" -ForegroundColor "Black"
}
elseif ($g.User -notlike "Default") {
write-host " " $g.User ":" $g.AccessRights -BackgroundColor "Red" -ForegroundColor "Black"
}
}
}
}
write-host "-------------------------------"
}
Post a Comment