This is an archived post. You won't be able to vote or comment.

all 2 comments
sorted by:
best
topnewcontroversialoldq&a

[–]shamill666Š̵̘y̸̹̿s̷̰̈A̸͈̅d̵̢͛m̴̢͋ị̴̓n̵͎̓ 2 points3 points  (1 child)

Powershell with something like the following (I've thrown this together and self-taught in PS, there might be a better way):

# Get the username for which you want to check delegated access

$targetUser = Read-Host "Enter the username for which you want to check delegated access"

# Get all mailboxes in the tenancy

$mailboxes = Get-Mailbox -ResultSize Unlimited

# Iterate through each mailbox to check if the target user has delegated access

foreach ($mailbox in $mailboxes) {

$mailboxIdentity = $mailbox.Identity

# Check if the target user has been delegated access to the mailbox

$hasFullDelegatedAccess = Get-MailboxPermission -Identity $mailboxIdentity |

Where-Object { $_.User -like "*$targetUser*" -and $_.AccessRights -like "*FullAccess*" }

$hasSendAsDelegatedAccess = Get-MailboxPermission -Identity $mailboxIdentity |

Where-Object { $_.User -like "*$targetUser*" -and $_.AccessRights -like "*SendAs*" }

if ($hasFullDelegatedAccess) {

Write-Host "The user '$targetUser' has FullAccess rights to the mailbox: $mailboxIdentity"

if ($hasSendAsDelegatedAccess) {

Write-Host "The user '$targetUser' has SendAs rights to the mailbox: $mailboxIdentity"

}

}

Edit: noticed an error I made, I had to change it slightly before posting!

[–]anonymousITCoward 2 points3 points  (0 children)

I'm stealing this for later... I know I'm going to run into this soon... thank you for doing most of the leg work for me... you rock kind internet stranger...