PowerShell » Exchange mailbox permission reports

PowerShell scripts for Exchange mailbox permission reports

Your download is in progress and it will be complete in just a few seconds! If you face any issues, download manually here
Stay informed about Exchange with
Exchange Reporter Plus
  • Please enter business email address
  •  
    By clicking 'Proceed to Download', you agree to processing of personal data according to the Privacy Policy. You can unsubscribe from our mails at anytime.

Exchange Online Reports

Mailbox permissions include send as, send on behalf of, and full access permissions. Besides these, there are certain other non-owner and owner permissions like folder access and read permissions for mailboxes. There are also a couple of PowerShell commands for configuring and monitoring mailbox permissions.

PowerShell cmdlets for configuring mailbox permissions

  1. Get-MailboxPermission [-Identity] <MailboxIdParameter> [-Owner] [-Credential <PSCredential>] [-DomainController <Fqdn>] [-ReadFromDomainController] [-ResultSize <Unlimited>] [<CommonParameters>]

    Using this cmdlet, you can find out which users in your Exchange organization have what permissions for a particular mailbox. This cmdlet also displays a list of all the mailbox permissions (owner and non-owner).

  2. Add-MailboxPermission [-Identity] <MailboxIdParameter> -AccessRights <MailboxRights[]> -User <SecurityPrincipalIdParameter> [-AutoMapping <Boolean>] [-Confirm] [-Deny] [-DomainController <Fqdn>] [-IgnoreDefaultScope] [-InheritanceType <ActiveDirectorySecurityInheritance>] [-WhatIf] [<CommonParameters>]

    This cmdlet can be used to provide mailbox permissions such as send as, send on behalf of, full access, or owner permissions to any user in your organization for a particular mailbox.

    These are just the basic scripts. To address other needs such as triggering real-time alerts on permission changes, or saving the report in a specific folder/network share, the scripts have to be modified. This will only make the script more complex. Exchange Reporter Plus offers purpose-built reports to meet such complex needs.

The Exchange Reporter Plus way

Exchange Reporter Plus provides real-time insights on mailbox permissions. You can schedule the reports to get regular updates on the mailbox permission changes. This way you can more effectively monitor access rights and keep your organization’s mailboxes secure. Exchange Reporter Plus facilitates granular monitoring of mailbox permissions with predefined reports such as:

powershell-scripts-for-mailbox-permission-reports

Permissions Based on Mailboxes

Get the list of all users who have mailbox access rights for specified mailboxes.

Permissions Based on Users

List all permissions that a particular user has on the mailboxes available in your Exchange organization.

Non-Owner Mailbox Permissions

Know all permissions that are assigned to the non-owners of a particular mailbox.

Shared Mailbox Permissions

Equip yourself with the list of users who have access permissions to a particular shared mailbox.

To generate these reports:

  1. Go to the Reporting tab in the top pane.
  2. Navigate to Exchange Server → Mailboxes → Permission Reports.
    Note: The Shared Mailbox Permissions report is available under: Exchange Server → Organization → Shared Mailboxes report.
  3. Choose a report from the list of reports available.
  4. Enter the Organization and Mailbox name for which you would like to generate the report.
  5. Click on OK.

That's it! With just a couple of clicks, Exchange Reporter Plus helps you get all the information you need to monitor mailbox permissions. To learn more about how Exchange Reporter Plus addresses complex Exchange functions, click here.

Office 365 Security Reports Office 365 Health Monitoring Exchange Audit Logs Skype for Business Reports