Created
December 12, 2017 11:32
-
-
Save mrik23/c866923d3760f39febff9af1555489e9 to your computer and use it in GitHub Desktop.
Exchange Online PowerShell script to remove added permissions on all foldders of an user's mailbox. Can be used with Exchange Online PowerShell module with MFA.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| .SYNOPSIS | |
| EOL-RemoveAllMailboxFolderPermissions.ps1 | |
| .DESCRIPTION | |
| A script to remove permissions from all folders present in a particular user mailbox. | |
| .OUTPUTS | |
| Console output for progress. | |
| .PARAMETER Mailbox | |
| The mailbox that the folder permissions will be removed from. Format: [email protected] (UserPrincipalName or Primary SMTP address). | |
| .EXAMPLE | |
| .\EOL-RemoveAllMailboxFolderPermissions.ps1 -Mailbox [email protected] | |
| This will remove all users permissions on al folders of John Doe mailbox. | |
| .NOTES | |
| Original script by: Paul Cunningham | |
| Original source: https://github.com/cunninghamp/Powershell-Exchange/tree/master/MailboxFolderPermissions | |
| #> | |
| [CmdletBinding()] | |
| param ( | |
| [Parameter( Mandatory=$true)] | |
| [string]$Mailbox | |
| ) | |
| $exclusions = @("/Sync Issues", | |
| "/Sync Issues/Conflicts", | |
| "/Sync Issues/Local Failures", | |
| "/Sync Issues/Server Failures", | |
| "/Recoverable Items", | |
| "/Deletions", | |
| "/Purges", | |
| "/Versions", | |
| "/PersonMetadata", | |
| "/Quick Step Settings", | |
| "/Suggested Contacts", | |
| "/Yammer", | |
| "/Yammer Root", | |
| "/Yammer Root/Feeds", | |
| "/Yammer Root/Inbound", | |
| "/Yammer Root/Outbound", | |
| "/Calendar Logging" | |
| ) | |
| $mailboxfolders = Get-MailboxFolderStatistics $Mailbox | Where {!($exclusions -icontains $_.FolderPath)} | Select FolderPath | |
| foreach ($mailboxfolder in $mailboxfolders) | |
| { | |
| $folder = $mailboxfolder.FolderPath.Replace("/","\") | |
| if ($folder -match "Top of Information Store") | |
| { | |
| $folder = $folder.Replace(“\Top of Information Store”,”\”) | |
| } | |
| $identity = "$($mailbox):$folder" | |
| Write-Host "Getting permissions on $identity" -ForegroundColor Gray | |
| $folderPermission = Get-MailboxFolderPermission -Identity $identity | Where-Object {$_.User -notmatch "Default" -and $_.User -notmatch "Anonymous"} | |
| if ($folderPermission) | |
| { | |
| try | |
| { | |
| $folderPermission | ForEach-Object { | |
| Remove-MailboxFolderPermission -Identity $identity -User $_.User.ADRecipient.UserPrincipalName -Confirm:$false -ErrorAction STOP | |
| Write-Host "Removed permissions of $($_.User) on $($identity)" -ForegroundColor Green | |
| } | |
| } | |
| catch | |
| { | |
| Write-Warning $_.Exception.Message | |
| } | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment