Power Shell - Change mailbox permissions for everyone within a storage group or with a certain smtp alias.
I need to perform scenario 2 from
this blog. However the command doesnt work as advertised. It does work if you change the permissions on the users account. So to run the one command I need to perform 3 steps. One give permissions, two remove the content from all
the users and finally change the permissions back to how they were before the export took place. This is what I have so far...
Get-Mailbox -ResultSize Unlimited | add-MailboxPermission -User "administrator" -AccessRights FullAccess
get-mailbox | Export-Mailbox -ContentKeywords "content from email to be removed" -TargetMailbox "administrator" -TargetFolder 'Exported' -DeleteContent
Get-Mailbox -ResultSize Unlimited | Remove-MailboxPermission -User "administrator" -AccessRights FullAccess
I have tested the above and this works fine. My issue is this only needs to happen to about 1,000 users of the 20,000 users we have. Running my commands above will be applied to all 20,000 users which will be quite CPU intensive.
Can anyone suggest a better way to complete this task?
Some info that will be key into finding my target users: These users have a certain domain set as their main SMTP address (*@external.domain.com). The target users belong to one single mailbox database and storage group.
Many thanks for your help.
November 30th, 2010 9:45am
you can use
Get-Mailbox -Filter {EmailAddresses -Like '*@external.domain.com'}MCSE | MCITP - Server 2008 | MCITP - Exchange 2007 | MCTS - Exchange 2010
Free Windows Admin Tool Kit Click here and download it now
November 30th, 2010 10:31am
Or even better you could use
Get-Mailbox -Database SG/DB -Filter {EmailAddresses -Like '*@external.domain.com'} | add-MailboxPermission -User "administrator" -AccessRights FullAccess
Get-Mailbox -Database SG/DB -Filter {EmailAddresses -Like '*@external.domain.com'} | Export-Mailbox -ContentKeywords "content from email to be removed" -TargetMailbox "administrator" -TargetFolder 'Exported' -DeleteContent
Get-Mailbox -Database SG/DB -Filter {EmailAddresses -Like '*@external.domain.com'} | Remove-MailboxPermission -User "administrator" -AccessRights FullAccess
MCSE | MCITP - Server 2008 | MCITP - Exchange 2007 | MCTS - Exchange 2010
December 1st, 2010 2:43am
Thanks a lot. Works great.
I found though when I ran the first command it shows that some people were in different databases much to my surprise. My guess is that they are spread across two databases depending on their role.
Anyway thanks again. Voted.
Free Windows Admin Tool Kit Click here and download it now
December 1st, 2010 3:58am