We recently needed a way to see what delegate permissions a client had given across the vastness that is their mailbox and it’s folder structure.
Digging around online I found this script from John Hopkins which got me 90% of the way there.
Their script was missing three things for my use case:
- Delegate permissions on the root folder of the mailbox
- Exclude the actual user from the report
- Little tidier formatting of the output
This script has been tested against Exchange 2016 only.
# Use displayname
$mailbox = "<DISPLAY NAME>"
$permissions = @()
$folders = Get-Mailboxfolderstatistics $mailbox | % {$_.folderpath} | % {$_.replace("/","\")}
# Get the root folder of the mailbox
$folderKey = $mailbox + ":" + "\"
$permissions += Get-MailboxFolderPermission -identity $folderKey -ErrorAction SilentlyContinue | Where-Object {$_.User -notlike "Default" -and $_.User -notlike "Anonymous" -and $_.AccessRights -notlike "None" -and $_.User -notlike $mailbox}
# Get the rest of the folders
$list = ForEach ($folder in $folders)
{
$folderKey = $mailbox + ":" + $folder
$permissions += Get-MailboxFolderPermission -identity $folderKey -ErrorAction SilentlyContinue | Where-Object {$_.User -notlike "Default" -and $_.User -notlike "Anonymous" -and $_.AccessRights -notlike "None" -and $_.User -notlike $mailbox}
}
$permissions | Format-Table -AutoSize
Thanks a lot :)