We had a little bug go through our Exchange Server that really hosed our permissions on all mailboxes. I have everything working now, but am looking for a way to systematically clean up permissions.
For instance: NT Authority\Self is allowed FullAccess on all mailboxes...this is good. This allows each user full access to their own mailbox. On top of this, each user is listed ALSO with FullAccess permissions on their own mailboxes. This is unnecessary due to the NT Authority\Self permission.
If I were to use the Exchange Management Console to remove each user from their mailbox, EMC would actually remove their access entirely by stipulating a DENY - not good.
What I am looking to do is use PowerShell to run a loop. So that you may better understand what I am trying to do:
1. Get-Mailbox 2. Enumerate username associated with mailbox and assign $username variable 3. Remove-MailboxPermission –user $username –AccessRight FullAccess
Once the entire command is piped:
Get-Mailbox | $username = user | Remove-MailboxPermission -user $username -AccessRight FullAccess
Thus, it would remove the users' full-access permissions only from their own mailbox.
Can anyone help me accomplish this? I have searched and searched, but still come up empty.
Edited by Falcor, 16 March 2014 - 10:54 PM.