Exchange 2010 PS: output to @{Add="<value1>", "<value2>", "<value3>"}
-
$user = read-host -Prompt "Add a user for send/full/send as! Who are we adding? (Ex: username)" $mailbox = Read-Host -Prompt "Which mailbox? (Mail alias, ex: sharedAlias)" $name = get-aduser $user |Select-Object -expandproperty name $sendas = get-mailbox $mailbox | Get-MailboxPermission | where {$_.user.tostring() -ne "NT AUTHORITY\SELF" -and $_.IsInherited -eq $false} Add-MailboxPermission -AccessRights FullAccess -Identity $mailbox -User $user -InheritanceType All -confirm Add-ADPermission $name -User $mailbox -Extendedrights "Send As" Add-MailboxFolderPermission -identity $mailbox':\' -user $user -AccessRights PublishingAuthor set-mailbox $mailbox -grantsendonbehalfto $sendasI'm working to debug this and I'm at the lastactionable portion, set-mailbox $mailbox -grantsendonbehalfto $sendas, and that's where it throws an error. It needs the output of $sendas to look like @{Add="<value1>", "<value2>", "<value3>"} so I was going to use add-member or out-string but neither has worked for me so far. I'm on day two of this BS and could use some help from anyone has any ideas on a different method?
-
Instead of
set-mailboxhave you considered tryingAdd-ADPermission?I know at face value, it looks misleading, but check the TechNet article out:
https://technet.microsoft.com/en-us/library/bb124403(v=exchg.141).aspx
Add-ADPermission -Identity "Ellen Adams" -User AaronPainter -AccessRights ExtendedRight -ExtendedRights "send as" -
So, here I would try:
Add-ADPermission -Identity $mailbox -User $sendas -AccessRights ExtendedRight -ExtendedRights "send as" -
@nerdydad said in Exchange 2010 PS: output to @{Add="<value1>", "<value2>", "<value3>"}:
So, here I would try:
Add-ADPermission -Identity $mailbox -User $sendas -AccessRights ExtendedRight -ExtendedRights "send as"I saw that, and the script has the option you mention. For full usage, each mailbox 'needs' send as, full access and send on behalf of. The send on behalf of item only seems to be able to be set through set-mailbox.
-
https://blogs.technet.microsoft.com/manjubn/2012/10/02/grantsendonbehalfto-permissions-for-mailbox-overwrites-existing-permission/ has some more detail on the problem. The issue I have is creating the array dynamically, pulled from the list of people that have 'fullaccess' already.
-
~Have you considered upgrading to 2016 Exchange server?~
-
@nerdydad said in Exchange 2010 PS: output to @{Add="<value1>", "<value2>", "<value3>"}:
~Have you considered upgrading to 2016 Exchange server?~
I tried. Management has this 0 downtime thing and won't let me do things. It's a little infuriating.
-
@grey said in Exchange 2010 PS: output to @{Add="<value1>", "<value2>", "<value3>"}:
$sendas = get-mailbox $mailbox | Get-MailboxPermission | where {$.user.tostring() -ne "NT AUTHORITY\SELF" -and $.IsInherited -eq $false}
This is where you're reading into an array the list of users who already have permission, right?
Looks like you need to use
-grantsendonbehalfto $($a.grantsendonbehalfto)to pull out the usernames only -
@grey said in Exchange 2010 PS: output to @{Add="<value1>", "<value2>", "<value3>"}:
@nerdydad said in Exchange 2010 PS: output to @{Add="<value1>", "<value2>", "<value3>"}:
~Have you considered upgrading to 2016 Exchange server?~
I tried. Management has this 0 downtime thing and won't let me do things. It's a little infuriating.
Sounds like an entirely different thread.
