Script Repository

Grant target user full access over specific mailbox

April 21, 2021

The script grants the target user full access over a specific mailbox. The script can be executed in a business rule, custom command or scheduled task.

In the script, the $mailboxDN variable specifies the distinguished name (DN) of the object that represents the mailbox to grant full access over. For information on how to get an object DN, see Get the DN of a directory object.

Edit Remove
$mailboxDN = "CN=John Smith,OU=Users,DC=Domain,DC=com" # TODO: modify me

# Create an instance of the 'AdmExchangeMailboxParameters' class
$mailboxParams = New-Object "Softerra.Adaxes.Adsi.Exchange.AdmExchangeMailboxParameters"

# Specify trustee
$objReference = New-Object "Softerra.Adaxes.Adsi.AdmObjectReference"
$objReference.ObjectDN = "%distinguishedName%"

# Specify permission
$permission = New-Object "Softerra.Adaxes.Adsi.Exchange.AdmExchangeMailboxPermission"
$permission.Trustee = $objReference

# Append to existing permissions
$permissionModification = New-Object "Softerra.Adaxes.Adsi.Exchange.AdmExchangeMailboxRightsModification"
$permissionModification.Operation = "ADS_PROPERTY_APPEND"
$permissionModification.Permission = $permission

# Update mailbox settings
$mailboxRights = $mailboxParams.MailboxRights
$mailboxParams.MailboxRights = $mailboxRights

# Save the changes
$user = $Context.BindToObjectByDN($mailboxDN)
$user.SetMailParameters($mailboxParams, "ADM_SET_EXCHANGE_PARAMS_FLAGS_NONE")

Comments ( 0 )
No results found.
Leave a comment