Script to remove security groups from shared mailboxes and add the group members directly to ACL

Hello, I was wondering if anyone can help as i am quite still learning powershell.

I have different "security groups" that has full access to different shared mailboxes. Since group access does not auto-map for users in office365, the idea is to make users have direct access to those shared mailboxes rather than using groups. I configured the script below but its not working when using variables. If i type in the mailbox and usergroup directly, it works.

  $MailBoxes= Get-Mailbox | select name | Sort-Object DisplayName  
  $directPermissions= Get-MailboxPermission $mailboxes | `
  Where IsInherited -EQ $false| Where User -NotIn ( "NT AUTHORITY\SELF", "FullAccessAdmin" )| `
  %{ Get-Recipient $_ . User -ErrorAction Ignore| Select DisplayName ,PrimarySmtpAddress , RecipientType} 
  $DL = Get-DistributionGroupMember $directpermissions | Select-Object -ExpandProperty Name
ForEach ($Member in $DL )
{
Add-MailboxPermission -Identity $mailboxes  -User $member -AccessRights FullAccess -InheritanceType All
}  Remove-MailboxPermission -Identity $mailboxes -user mynewgroup -AccessRights Fullaccess -InheritanceType all
 

I was wondering if there is someone who can help have a look at the script and tell me where i went wrong



August 28th, 2015 1:41pm

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics