View Which Mailboxes a User Has Access To Exchange Server 2016

In this blog post, I will show you how to run a PowerShell script and find all the mailboxes a user has access to In Exchange Server 2016 and Exchange Online.

In my case, I’m running the script In Exchange Server 2016 CU7, however, this script will work on Exchange Online, 2010 and 2013 as well.

It is very common that In large organizations users will move from one role to another and as a result permissions to a shared mailbox or other user mailboxes will need to be removed.

This script will help to find which mailboxes access needs to be removed or keep.

View Mailboxes
get-mailbox -ResultSize unlimited | Get-MailboxPermission -User admin | select identity, user, accessrights

Export To CSV

get-mailbox -ResultSize unlimited | Get-MailboxPermission -User admin | select identity, user | Export-Csv admin.csv

Remove Permissions

Now, that I know which mailboxes my admin user has access to, I’ll use the code below to remove the permissions

Import-Csv .\admin.csv | foreach{Remove-MailboxPermission $_.Identity -User $_.user -AccessRights FullAccess -Confirm:$false }

Code and conclusion

The code below lists the two steps needed to view and remove all permissions from a user mailbox.

The first line ads the Exchange PowerShell to PowerShell ISE console

2nd line will find all the mailboxes a user called Admin has access to and export the list to a .CSV file

The last line will remove the permissions from the mailboxes.

If needed the.CSV can be modified and only list the mailboxes needed to be removed.

Add-PSSnapin *exchange*
get-mailbox -ResultSize unlimited | Get-MailboxPermission -User admin | select identity, user | Export-Csv admin.csv
Import-Csv .\admin.csv | foreach{Remove-MailboxPermission $_.Identity -User $_.user -AccessRights FullAccess -Confirm:$false }

Processing…
Success! You're on the list.

Posted

in

,

by

Comments

One response to “View Which Mailboxes a User Has Access To Exchange Server 2016”

  1. Michelle Avatar
    Michelle

    Hi,
    This info is great and worked, however, could we add an extra title – access level?
    Also, on my results there are 2 entries per user mailbox, which means there are 3520 lines total. Any ideas why this could be?
    Thank you