运行 Get-ADPermission 时如何获取 PrimarySMTPAddress
How to get PrimarySMTPAddress when running Get-ADPermission
我想输出每个对邮箱具有 SendAs 权限的用户。但是,我想使用 primarySMTPAddress 作为标识符,它没有在 Get-ADPermission cmdlet 中公开。
我该如何修改这行代码来做到这一点:
$SendAs = Get-ADPermission $Mailbox.DistinguishedName | ? {$_.ExtendedRights -like "Send-As" -and $_.User -notlike "NT AUTHORITY\SELF" -and !$_.IsInherited} | % {$_.User}
我尝试过类似的方法但无济于事:
$SendAs = Get-ADPermission $Mailbox.DistinguishedName | ? {$_.ExtendedRights -like "Send-As" -and $_.User -notlike "NT AUTHORITY\SELF" -and !$_.IsInherited} | % {$_.User}
$sendAs| %{$uSendAs += ($(if($uSendAs){";"}) + (Get-mailbox $_))}
我正在尝试将其合并到此脚本中:
$OutFile = "C:\scripts\export.txt"
"DisplayName" + "," + "Alias" + "," + "Primary SMTP" + "," + "Full Access" + "," + "Send As" + "," + "Send on Behalf" | Out-File $OutFile -Force
$Mailboxes = Get-Mailbox -ResultSize:Unlimited | Select Identity, Alias, DisplayName, DistinguishedName, primarysmtpaddress
ForEach ($Mailbox in $Mailboxes)
{
$SendAs = Get-ADPermission $Mailbox.DistinguishedName | ? {$_.ExtendedRights -like "Send-As" -and $_.User -notlike "NT AUTHORITY\SELF" -and !$_.IsInherited} | % {$_.User}
$FullAccess = Get-MailboxPermission $Mailbox.Identity | ? {$_.AccessRights -eq "FullAccess" -and !$_.IsInherited} | % {$_.User}
$sendbehalf=Get-Mailbox $Mailbox.Identity | select-object -expand grantsendonbehalfto | select-object -expand rdn | % {$_.User}
if (!$SendAs -and !$FullAccess -and !$sendbehalf){continue}
$Mailbox.DisplayName + "," + $Mailbox.Alias + "," + $Mailbox.primarysmtpaddress + "," + $FullAccess + "," + $SendAs + "," + $sendbehalf | Out-File $OutFile -Append
}
使用Get-Recipient,因为可以将权限授予个人或组。所以,它会是这样的:
Get-ADPermission $Mailbox.Identity | where { ($_.ExtendedRights -like “*Send-As*”) -and ($_.IsInherited -eq $false) -and -not ($_.User -like “NT AUTHORITY\SELF”) } | Select @{n='Identity';e={(Get-Recipient $_.Identity).PrimarySmtpAddress}}
我想输出每个对邮箱具有 SendAs 权限的用户。但是,我想使用 primarySMTPAddress 作为标识符,它没有在 Get-ADPermission cmdlet 中公开。
我该如何修改这行代码来做到这一点:
$SendAs = Get-ADPermission $Mailbox.DistinguishedName | ? {$_.ExtendedRights -like "Send-As" -and $_.User -notlike "NT AUTHORITY\SELF" -and !$_.IsInherited} | % {$_.User}
我尝试过类似的方法但无济于事:
$SendAs = Get-ADPermission $Mailbox.DistinguishedName | ? {$_.ExtendedRights -like "Send-As" -and $_.User -notlike "NT AUTHORITY\SELF" -and !$_.IsInherited} | % {$_.User}
$sendAs| %{$uSendAs += ($(if($uSendAs){";"}) + (Get-mailbox $_))}
我正在尝试将其合并到此脚本中:
$OutFile = "C:\scripts\export.txt"
"DisplayName" + "," + "Alias" + "," + "Primary SMTP" + "," + "Full Access" + "," + "Send As" + "," + "Send on Behalf" | Out-File $OutFile -Force
$Mailboxes = Get-Mailbox -ResultSize:Unlimited | Select Identity, Alias, DisplayName, DistinguishedName, primarysmtpaddress
ForEach ($Mailbox in $Mailboxes)
{
$SendAs = Get-ADPermission $Mailbox.DistinguishedName | ? {$_.ExtendedRights -like "Send-As" -and $_.User -notlike "NT AUTHORITY\SELF" -and !$_.IsInherited} | % {$_.User}
$FullAccess = Get-MailboxPermission $Mailbox.Identity | ? {$_.AccessRights -eq "FullAccess" -and !$_.IsInherited} | % {$_.User}
$sendbehalf=Get-Mailbox $Mailbox.Identity | select-object -expand grantsendonbehalfto | select-object -expand rdn | % {$_.User}
if (!$SendAs -and !$FullAccess -and !$sendbehalf){continue}
$Mailbox.DisplayName + "," + $Mailbox.Alias + "," + $Mailbox.primarysmtpaddress + "," + $FullAccess + "," + $SendAs + "," + $sendbehalf | Out-File $OutFile -Append
}
使用Get-Recipient,因为可以将权限授予个人或组。所以,它会是这样的:
Get-ADPermission $Mailbox.Identity | where { ($_.ExtendedRights -like “*Send-As*”) -and ($_.IsInherited -eq $false) -and -not ($_.User -like “NT AUTHORITY\SELF”) } | Select @{n='Identity';e={(Get-Recipient $_.Identity).PrimarySmtpAddress}}