locked
Remove a user from all mailboxes RRS feed

  • Question

  • I have had a user as an Exchange view only administrator, because of Blackberry services. I now removed this user on organizational level, but the user is still in the Manage Full Access permissions of all users.

    How can i remove this user from all mailboxes? 

    Friday, July 22, 2011 11:42 AM

Answers

All replies

  • Hi,

    Is should be possible with a little script, something like:

    get-mailbox | remove-adpermissions

    with the get-mailbox you should get all mailboxes. You then remove the desired user using the remove-adpermissions

    http://technet.microsoft.com/en-us/library/aa996048.aspx

    Leif


    Friday, July 22, 2011 12:13 PM
  • Hello Leif,

    I must give an identity. what is the identity for all mailboxes?

     

    Ruud

    Friday, July 22, 2011 12:19 PM
  • you shouldnt have to as youre pipeing | all to the next command
    Sukh
    Friday, July 22, 2011 12:24 PM
  • Hello Leif

    I'm not familiar with these commands in Powershell. Excuses.

    If i would have the user Soserv, what would then be the syntax?

     

    thanks

    Ruud

    Friday, July 22, 2011 12:47 PM
  • Hi RZO,

     

    If you want to remove user’s full access permission on all the mailboxes, you can use this command to achieve the goal:

     

    Get-mailbox –resultsize unlimited| foreach-Object{ Remove-MailboxPermission –identity $_.identity –User username –AccessRights FullAccess –InheritanceType All}

     

    Some related documents for you:

     

    Get-Mailbox

    http://technet.microsoft.com/en-us/library/bb123685(EXCHG.80).aspx

     

    Remove-MailboxPermission

    http://technet.microsoft.com/en-us/library/bb125153(EXCHG.80).aspx

     

    Thanks,

     

    Evan Liu

     

    TechNet Subscriber Support in forum

    If you have any feedback on our support, please contact tngfb@microsoft.com  

    • Marked as answer by RZO Monday, July 25, 2011 10:21 AM
    Monday, July 25, 2011 2:18 AM
  • Hello Evan,

    I have used the command, but  the user is still in the list of full access.

    Do i have to stop/start the information store to see the change?

    regards

     

    Ruud

     

    Monday, July 25, 2011 9:44 AM
  • Hello Evan,

     

    I just have to wait a little longer. The command worked. Thank you very much.

     

    regards

     

    Ruud

    Monday, July 25, 2011 10:21 AM