Skip to content

Instantly share code, notes, and snippets.

@joshpayette
Created September 21, 2023 16:33
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
Star You must be signed in to star a gist
Save joshpayette/e3712f70efe3089897461b5fe2b8b85a to your computer and use it in GitHub Desktop.
Add/Remove Exchange Mailbox Delegate Access
<#
.SYNOPSIS
Assign full access to a mailbox with automapping disabled
.DESCRIPTION
Assigns full delegate access for a user to another user's mailbox,
with automapping disabled so that it doesn't pull into Outlook.
Must be run from Exchange Online PowerShell Module!!!
.PARAMETER adminAccount
The email of the administrator account with permission to perform this
.PARAMETER accountGainingAccess
The email of the user getting permission to delegate
.PARAMETER targetAccount
The email of the mailbox to grant delegate access to
.EXAMPLE
AddDelegateAccess
.EXAMPLE
AddDelegateAccess -adminAccount testadmin@test.com -targetAccount test@test.com -accountGainingAccess testuser@test.com
#>
function AddDelegateAccess {
param(
[Parameter(Mandatory = $true)]
[string] $adminAccount,
[Parameter(Mandatory = $true)]
[string] $accountGainingAccess,
[Parameter(Mandatory = $true)]
[string] $targetAccount
)
Connect-ExchangeOnline -UserPrincipalName $adminAccount
Add-MailboxPermission -Identity $targetAccount -User $accountGainingAccess -AccessRights FullAccess -AutoMapping:$false
Add-RecipientPermission -Identity $targetAccount -Trustee $accountGainingAccess -AccessRights SendAs
Get-PSSession | Remove-PSSession
}
Export-ModuleMember -Function AddDelegateAccess
<#
.SYNOPSIS
Remove access to a mailbox
.DESCRIPTION
Removes delegate access for a user to another user's mailbox
.PARAMETER adminAccount
The email of the administrator account with permission to perform this
.PARAMETER targetAccount
The name of the mailbox to remove access from
.PARAMETER accountLosingAccess
The user to remove access for
.EXAMPLE
RemoveDelegateAccess
.EXAMPLE
RemoveDelegateAccess -adminAccount testadmin@test.com -targetAccount test@test.com -accountLosingAccess testuser@test.com
#>
function RemoveDelegateAccess {
param(
[Parameter(Mandatory = $true)]
[string] $adminAccount,
[Parameter(Mandatory = $true)]
[string] $accountLosingAccess,
[Parameter(Mandatory = $true)]
[string] $targetAccount
)
Connect-ExchangeOnline -UserPrincipalName $adminAccount
Remove-MailboxPermission -Identity $targetAccount -User $accountLosingAccess -AccessRights FullAccess
Remove-RecipientPermission -Identity $targetAccount -Trustee $accountLosingAccess -AccessRights SendAs
Get-PSSession | Remove-PSSession
}
Export-ModuleMember -Function RemoveDelegateAccess
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment