locked
Grant Send on behalf powersehll (exchagne server 2010) RRS feed

  • Question

  • Hi ,

    We are using below powershell script to find emailids who have grant on send behalf permission on particular emailid

    (get-mailbox $LoggedUserName).grantsendonbehalfto | Get-Mailbox | FT PrimarySMTPAddress| fl | out-file $ExchangeUserFilePath
    $AllUsers = [string](Get-Content $ExchangeUserFilePath)

    Now out of 100 times approximately 99 times we get correct values

    but some times we get email addresses which are not set e.g

    if I have user abc@xyz.com who doesn't have grant on send behalf permission set for his account still

    our application using above powershell shows that lmn@xyz.com have send behalf permission  on abc@xyz.com

    Anythig wrong with command?

    Regards,

    Abhagwat

    Friday, May 9, 2014 2:14 PM

Answers

  • Your code sample is incomplete.  Some problems I notice with what you posted:

    1. We don't know where $loggedusername comes from
    2. You're doing a format list after a format table and then an out-file.  This doesn't make any sense.
    3. You're sending stuff to file and then sucking it back in, which doesn't make sense.

    Here is a very simple example that will list out all users and their respective authorized senders:

    $x = Get-Mailbox -Filter {GrantSendOnBehalfTo -ne $null}
    $x | FL Identity, GrantSendOnBehalfTo
    Please describe your desired output if this is not it.



    Mike Crowley | MVP
    My Blog -- Planet Technologies

    Friday, May 9, 2014 4:04 PM
  • Here is a much more robust report:

    #Console prep
    cd \
    cls
     
    #Getting a list of Recipients to work with
    $AllMailboxesWithGrantees = Get-Mailbox -Filter {GrantSendOnBehalfTo -ne $null}
     
    #Initializing variables
    $Threshold = 0
    $AttributeList = @()
    $UsersAndGrantees = @()
    $UpperLimit = 0
     
    #Examine each recipient
    $AllMailboxesWithGrantees | % {
     
        #Get a list of grantees for each user
        $GranteeList = $_.GrantSendOnBehalfTo
     
        #Create a new placeholder object with only their name
        $UserAndGranteeObject = New-Object PSObject -Property @{
            Name = $_.name
            }
     
        #Initialize the proxy counter
        $counter = 0
     
        #Begin breaking out grantee list
        $GranteeList | % {
     
            $FirstOne = $_ 
            $counter += 1
     
            if ($counter -eq 1) {$UserAndGranteeObject | Add-Member -MemberType NoteProperty -Name Grantee1 -Value $FirstOne}
     
            else {$UserAndGranteeObject | Add-Member -MemberType NoteProperty -Name (“Grantee” + $Counter) -Value $FirstOne}
     
            #Keep track of the highest grantee count
            if ($Counter -gt $UpperLimit) {$UpperLimit = ($UpperLimit + 1)}
     
        }
     
       #Add the custom object to the master array
       if ($counter -gt $Threshold) {$UsersAndGrantees += $UserAndGranteeObject}
    }
     
    $UpperLimitAttribute = ('Grantee' + $UpperLimit)
     
    $UpperLimitReference = $UpperLimit
     
    #Build output selection
    $AttributeList += "Name"
    $AttributeList += "Grantee1"
    while ($UpperLimit -gt 1) {
        $AttributeList += ("Grantee" + $UpperLimit)
        $UpperLimit = $UpperLimit -1
        }
     
    #Arrange attributes
    [array]::sort($AttributeList)
     
    #Output to file
    $UsersAndGrantees | select $AttributeList | Export-CSV $env:USERPROFILE\Desktop\UsersAndGrantees.csv -notype
     
    #Output to screen
    # $UsersAndGrantees | select $AttributeList
    Write-Host “”
    Write-Host "There are " -NoNewline -Fore DarkCyan
    Write-Host $UsersAndGrantees.count -Fore Cyan -NoNewline
    Write-Host " recipients. "  -NoNewline -Fore DarkCyan
    Write-Host (($UsersAndGrantees | sort $AttributeList[-1])[0]).name -NoNewline -fore Cyan
    Write-host " was the recipient(s) with the most amount of grantees (Total: " -NoNewline -Fore DarkCyan
    Write-Host $UpperLimitReference -Fore Cyan -NoNewline
    Write-Host ")." -Fore DarkCyan
    Write-Host “”
    Write-Host "The report has been saved here: " -NoNewline -Fore DarkCyan
    Write-Host "$env:USERPROFILE\Desktop\UsersAndGrantees.csv" -Fore Cyan
    Write-Host “”
    Sample console output:Grant Send On Behalf To Report

    Sample CSV output (with some manual column rearranging):

    Grant Send On Behalf To Report CSV Output



    Mike Crowley | MVP
    My Blog -- Planet Technologies


    Friday, May 9, 2014 4:27 PM

All replies

  • Your code sample is incomplete.  Some problems I notice with what you posted:

    1. We don't know where $loggedusername comes from
    2. You're doing a format list after a format table and then an out-file.  This doesn't make any sense.
    3. You're sending stuff to file and then sucking it back in, which doesn't make sense.

    Here is a very simple example that will list out all users and their respective authorized senders:

    $x = Get-Mailbox -Filter {GrantSendOnBehalfTo -ne $null}
    $x | FL Identity, GrantSendOnBehalfTo
    Please describe your desired output if this is not it.



    Mike Crowley | MVP
    My Blog -- Planet Technologies

    Friday, May 9, 2014 4:04 PM
  • Here is a much more robust report:

    #Console prep
    cd \
    cls
     
    #Getting a list of Recipients to work with
    $AllMailboxesWithGrantees = Get-Mailbox -Filter {GrantSendOnBehalfTo -ne $null}
     
    #Initializing variables
    $Threshold = 0
    $AttributeList = @()
    $UsersAndGrantees = @()
    $UpperLimit = 0
     
    #Examine each recipient
    $AllMailboxesWithGrantees | % {
     
        #Get a list of grantees for each user
        $GranteeList = $_.GrantSendOnBehalfTo
     
        #Create a new placeholder object with only their name
        $UserAndGranteeObject = New-Object PSObject -Property @{
            Name = $_.name
            }
     
        #Initialize the proxy counter
        $counter = 0
     
        #Begin breaking out grantee list
        $GranteeList | % {
     
            $FirstOne = $_ 
            $counter += 1
     
            if ($counter -eq 1) {$UserAndGranteeObject | Add-Member -MemberType NoteProperty -Name Grantee1 -Value $FirstOne}
     
            else {$UserAndGranteeObject | Add-Member -MemberType NoteProperty -Name (“Grantee” + $Counter) -Value $FirstOne}
     
            #Keep track of the highest grantee count
            if ($Counter -gt $UpperLimit) {$UpperLimit = ($UpperLimit + 1)}
     
        }
     
       #Add the custom object to the master array
       if ($counter -gt $Threshold) {$UsersAndGrantees += $UserAndGranteeObject}
    }
     
    $UpperLimitAttribute = ('Grantee' + $UpperLimit)
     
    $UpperLimitReference = $UpperLimit
     
    #Build output selection
    $AttributeList += "Name"
    $AttributeList += "Grantee1"
    while ($UpperLimit -gt 1) {
        $AttributeList += ("Grantee" + $UpperLimit)
        $UpperLimit = $UpperLimit -1
        }
     
    #Arrange attributes
    [array]::sort($AttributeList)
     
    #Output to file
    $UsersAndGrantees | select $AttributeList | Export-CSV $env:USERPROFILE\Desktop\UsersAndGrantees.csv -notype
     
    #Output to screen
    # $UsersAndGrantees | select $AttributeList
    Write-Host “”
    Write-Host "There are " -NoNewline -Fore DarkCyan
    Write-Host $UsersAndGrantees.count -Fore Cyan -NoNewline
    Write-Host " recipients. "  -NoNewline -Fore DarkCyan
    Write-Host (($UsersAndGrantees | sort $AttributeList[-1])[0]).name -NoNewline -fore Cyan
    Write-host " was the recipient(s) with the most amount of grantees (Total: " -NoNewline -Fore DarkCyan
    Write-Host $UpperLimitReference -Fore Cyan -NoNewline
    Write-Host ")." -Fore DarkCyan
    Write-Host “”
    Write-Host "The report has been saved here: " -NoNewline -Fore DarkCyan
    Write-Host "$env:USERPROFILE\Desktop\UsersAndGrantees.csv" -Fore Cyan
    Write-Host “”
    Sample console output:Grant Send On Behalf To Report

    Sample CSV output (with some manual column rearranging):

    Grant Send On Behalf To Report CSV Output



    Mike Crowley | MVP
    My Blog -- Planet Technologies


    Friday, May 9, 2014 4:27 PM
  • Hi Mike,

    Thanks for the reply.

     1.$loggedusername  comes from c# wcf code.

     2. we are writting the output in the file(I will check again)

     3. We are reading from file and sending that value back to WCF code and then to our application.

    I will again use the above described code and will check if it solves my problem.

    Regards,

    Abhagwat

    Monday, May 12, 2014 6:25 AM