Script checks mailbox permissions on Exchange 2010. I was writing it using as a base script wrote by Paul Cunningham for mailbox report.

Worth mentioning is that script is also checking groups recursively, and has - let me call it - anti-loop protection :] so if someone creates "Group_A" and "Group_B" and put A in B and B in A the script will notice that particular group has been already reported in that particular cycle, and won't go deeper.

.PARAMETER mailbox
Generates a report only for the specified mailbox.

.PARAMETER filename
(Optional) Specifies the CSV file name to be used for the report.
If no file name specificed then a unique file name is generated by the script

.PARAMETER server
Generates a report for all mailboxes on the specified server.

.PARAMETER all
Generates a report for all mailboxes in the organization.

.EXAMPLE
.\Get-MailboxPermissions.ps1 -database HO-MB-01
Returns a report with the mailbox statistics for all mailbox users in
database HO-MB-01

.EXAMPLE
.\Get-MailboxPermissions.ps1 -server ex2010-mb1
Generates a report with the mailbox statisitcs for all mailbox users
on ex2010-mb1

.EXAMPLE
.\Get-MailboxPermissions.ps1 -server ex2010-mb1 -filename ex2010-mb1.csv
Generates a report with the mailbox statisitcs for all mailbox users
on ex2010-mb1, and uses the custom file name of ex2010-mb1.csv

 

PowerShell
Edytuj|UsuĊ„
<# 
.SYNOPSIS 
Get-MailboxPermissions.ps1 - Mailbox permisions report generation script. 
 
.PARAMETER mailbox 
Generates a report only for the specified mailbox. 
 
.PARAMETER filename 
(Optional) Specifies the CSV file name to be used for the report. 
If no file name specificed then a unique file name is generated by the script 
 
.PARAMETER server 
Generates a report for all mailboxes on the specified server. 
 
.PARAMETER all 
Generates a report for all mailboxes in the organization. 
 
.EXAMPLE 
.\Get-MailboxPermissions.ps1 -database HO-MB-01 
Returns a report with the mailbox statistics for all mailbox users in 
database HO-MB-01 
 
.EXAMPLE 
.\Get-MailboxPermissions.ps1 -server ex2010-mb1 
Generates a report with the mailbox statisitcs for all mailbox users 
on ex2010-mb1 
 
.EXAMPLE 
.\Get-MailboxPermissions.ps1 -server ex2010-mb1 -filename ex2010-mb1.csv 
Generates a report with the mailbox statisitcs for all mailbox users 
on ex2010-mb1, and uses the custom file name of ex2010-mb1.csv 
 
.LINK 
 
 
.NOTES 
Written By: Pawel Jarosz based on Paul Cunningham "MailboxReport" script from: 
http://exchangeserverpro.com/powershell-script-create-mailbox-size-report-exchange-server-2010 
 
Website:    http://paweljarosz.wordpress.com 
 
Change Log 
V1.00, 04/03/2016 - Initial version 
#> 
 
 
#*********************** 
# PARAMETERS 
#*********************** 
 
param( 
    [Parameter(ParameterSetName='database')] [string]$database, 
    [Parameter(ParameterSetName='mailbox')] [string]$mailbox, 
    [Parameter(ParameterSetName='server')] [string]$server, 
    [Parameter(ParameterSetName='all')] [switch]$all, 
    [string]$filename 
) 
 
#*********************** 
# VARIABLES 
#*********************** 
 
$ErrorActionPreference = "SilentlyContinue" 
$WarningPreference = "SilentlyContinue" 
$report = @() 
 
#GENERATING FILENAME IF NO "FILENAME" HAS BEEN SPECIFIED 
if ($filename) 
{ 
    $reportfile = $filename 
} 
else 
{ 
    $timestamp = Get-Date -UFormat %Y%m%d-%H%M 
    $random = -join(48..57+65..90+97..122 | ForEach-Object {[char]$_| Get-Random -Count 6) 
    $reportfile = "MailboxReport-$timestamp-$random.csv" 
} 
 
 
Write-Host -ForegroundColor White "Collecting mailbox list" 
 
if($all) { $mailboxes = @(Get-Mailbo -resultsize unlimited -IgnoreDefaultScope) } 
if($server) { $mailboxes = @(Get-Mailbox -server $server -resultsize unlimited -IgnoreDefaultScope) } 
if($database){ $mailboxes = @(Get-Mailbox -database $database -resultsize unlimited -IgnoreDefaultScope) } 
if($mailbox) { $mailboxes = @(Get-Mailbox $mailbox) } 
 
$mailboxcount = $mailboxes.count 
$i = 0 
 
ForEach ($mb in $mailboxes) { 
 
$MbPerms = Get-MailboxPermission $mb 
$i = $i + 1 
$pct = $i/$mailboxcount * 100 
Write-Progress -Activity "Collecting mailbox details" -Status "Processing mailbox $i of $mailboxcount - $mb" -PercentComplete $pct 
     
     
    ForEach ($MbPerm in $MBPerms) { 
     
    $User = $Mbperm.user.tostring() 
    $Domain,$Username = $User.split('\',2) 
    
    $a = get-aduser $Username -erroraction silentlycontinue 
     
        if ($a.name) { 
         
        $Perms = [string]::Join("|",$mbPerm.AccessRights) 
         
        $userObj = New-Object PSObject 
        $userObj | Add-Member NoteProperty -Name "Name" -Value $mb 
        $userObj | Add-Member NoteProperty -Name "UserAccess" -Value $a.name 
        $userObj | Add-Member NoteProperty -Name "AccessRights" -Value $Perms   
        $userObj | Add-Member NoteProperty -Name "IsInherited" -Value $mbPerm.IsInherited 
        $userObj | Add-Member NoteProperty -Name "Deny" -Value $mbPerm.Deny 
        $report = $report +$userObj 
        
        } 
    csl UserObj 
    clv a 
    
    } 
#Catch zero item results 
$reportcount = $report.count 
 
} 
 
if ($reportcount -eq 0) 
{ 
    Write-Host -ForegroundColor Yellow "No mailboxes were found matching that criteria." 
} 
else 
{ 
    #Output single mailbox report to console, otherwise output to CSV file 
    if ($mailbox)  
    { 
        $report | Format-List 
    } 
    else 
    { 
        $report | Export-Csv -Path $reportfile -NoTypeInformation -Delimiter ";" 
        Write-Host -ForegroundColor White "Report written to $reportfile in current path." 
        Get-Item $reportfile 
    } 
} 
 
 

 

 

 

 

<#
.SYNOPSIS
Get-MailboxPermissions.ps1 - Mailbox permisions report generation script.

.PARAMETER mailbox
Generates a report only for the specified mailbox.

.PARAMETER filename
(Optional) Specifies the CSV file name to be used for the report.
If no file name specificed then a unique file name is generated by the script

.PARAMETER server
Generates a report for all mailboxes on the specified server.

.EXAMPLE
.\Get-MailboxPermissions.ps1 -database HO-MB-01
Returns a report with the mailbox statistics for all mailbox users in
database HO-MB-01

.EXAMPLE
.\Get-MailboxPermissions.ps1 -server ex2010-mb1
Generates a report with the mailbox statisitcs for all mailbox users
on ex2010-mb1

.EXAMPLE
.\Get-MailboxPermissions.ps1 -server ex2010-mb1 -filename ex2010-mb1.csv
Generates a report with the mailbox statisitcs for all mailbox users
on ex2010-mb1, and uses the custom file name of ex2010-mb1.csv

.LINK


.NOTES
Written By: Pawel Jarosz based on Paul Cunningham "MailboxReport" script from:
http://exchangeserverpro.com/powershell-script-create-mailbox-size-report-exchange-server-2010

Website:    http://paweljarosz.wordpress.com

Change Log
V1.00, 04/03/2016 - Initial version
#>


#***********************
# PARAMETERS
#***********************

param(
    [Parameter(ParameterSetName='database')] [string]$database,
    [Parameter(ParameterSetName='mailbox')] [string]$mailbox,
    [Parameter(ParameterSetName='server')] [string]$server,
    [Parameter(ParameterSetName='all')] [switch]$all,
    [string]$filename
)

#***********************
# VARIABLES
#***********************

$ErrorActionPreference = "SilentlyContinue"
$WarningPreference = "SilentlyContinue"
$report = @()

#GENERATING FILENAME IF NO "FILENAME" HAS BEEN SPECIFIED
if ($filename)
{
    $reportfile = $filename
}
else
{
    $timestamp = Get-Date -UFormat %Y%m%d-%H%M
    $random = -join(48..57+65..90+97..122 | ForEach-Object {[char]$_} | Get-Random -Count 6)
    $reportfile = "MailboxReport-$timestamp-$random.csv"
}


Write-Host -ForegroundColor White "Collecting mailbox list"

if($all) { $mailboxes = @(Get-Mailbo -resultsize unlimited -IgnoreDefaultScope) }
if($server) { $mailboxes = @(Get-Mailbox -server $server -resultsize unlimited -IgnoreDefaultScope) }
if($database){ $mailboxes = @(Get-Mailbox -database $database -resultsize unlimited -IgnoreDefaultScope) }
if($mailbox) { $mailboxes = @(Get-Mailbox $mailbox) }

$mailboxcount = $mailboxes.count
$i = 0

ForEach ($mb in $mailboxes) {

$MbPerms = Get-MailboxPermission $mb
$i = $i + 1
$pct = $i/$mailboxcount * 100
Write-Progress -Activity "Collecting mailbox details" -Status "Processing mailbox $i of $mailboxcount - $mb" -PercentComplete $pct
   
   
    ForEach ($MbPerm in $MBPerms) {
   
    $User = $Mbperm.user.tostring()
    $Domain,$Username = $User.split('\',2)
  
    $a = get-aduser $Username -erroraction silentlycontinue
   
        if ($a.name) {
       
        $Perms = [string]::Join("|",$mbPerm.AccessRights)
       
        $userObj = New-Object PSObject
        $userObj | Add-Member NoteProperty -Name "Name" -Value $mb
        $userObj | Add-Member NoteProperty -Name "UserAccess" -Value $a.name
        $userObj | Add-Member NoteProperty -Name "AccessRights" -Value $Perms 
        $userObj | Add-Member NoteProperty -Name "IsInherited" -Value $mbPerm.IsInherited
        $userObj | Add-Member NoteProperty -Name "Deny" -Value $mbPerm.Deny
        $report = $report += $userObj
      
        }
    csl UserObj
    clv a
  
    }
#Catch zero item results
$reportcount = $report.count

}

if ($reportcount -eq 0)
{
    Write-Host -ForegroundColor Yellow "No mailboxes were found matching that criteria."
}
else
{
    #Output single mailbox report to console, otherwise output to CSV file
    if ($mailbox)
    {
        $report | Format-List
    }
    else
    {
        $report | Export-Csv -Path $reportfile -NoTypeInformation -Delimiter ";"
        Write-Host -ForegroundColor White "Report written to $reportfile in current path."
        Get-Item $reportfile
    }
}