[英]Remove full access permissions of all disabled users on shared mailboxes with exchange management shell
I'm looking for a powershell exchange script to remove Full access permissions of all disabled users on all shared mailboxes in a specific OU. 我正在寻找一个Powershell交换脚本来删除特定OU中所有共享邮箱上所有禁用用户的完全访问权限。
This is what I got so far 这就是我到目前为止
Remove-MailboxPermission -Identity Sharedmailbox -AccessRights Fullaccess -InheritanceType all -user DisabledUser -Confirm:$false | where {$_.UseraccountControl -like "*accountdisabled*"}
Its seems to work but I'm not sure about the last piece of het script if it will check for “accountdisabled” 它似乎有效,但是我不确定最后一个het脚本是否会检查“ accountdisabled”
Then I created a variable so it will check only one specific OU 然后我创建了一个变量,因此它将仅检查一个特定的OU
$ou = Get-ADUser -SearchBase "OU=Functional Mailboxes,OU=Generalaccounts,DC=DOMAIN,DC=COM" -Filter * foreach ($user in $ou)
Remove-MailboxPermission -Identity "$ou" -AccessRights Fullaccess -InheritanceType all -Confirm:$false | where {$_.UseraccountControl -like "*accountdisabled*"}
The script is checking the right OU but I'm still looking for the last part where it will automatically remove full access permissions of the disabled users ONLY. 该脚本正在检查正确的OU,但我仍在寻找最后一部分,它将仅自动删除已禁用用户的完全访问权限。
Can someone show me the way? 有人可以给我指路吗?
Instead of trying to screen for disabled users after removing the mailbox permissions (which is what your Remove-MailboxPermission ... | Where-Object ...
appears to be intended to do - except that the way you wrote it, it's only checking for disabled state after removing the permissions), try selecting for the disabled accounts first , then passing only the disabled accounts to Remove-MailboxPermission
: 删除邮箱权限后,而不是尝试为禁用的用户筛选(这是您的
Remove-MailboxPermission ... | Where-Object ...
似乎要执行的操作-除了编写方式之外,它仅用于检查删除权限后禁用状态),尝试选择了禁用的帐户, 然后再通过只禁用帐户Remove-MailboxPermission
:
Get-ADUser -SearchBase ... -filter {Enabled -eq $false} | Remove-Mailbox ...
(replacing ...
with the appropriate SearchBase or parameters for Remove-Mailbox
, using $_
for the identity of the ADUser whose mailbox permissions you're removing.) (替换
...
用适当的SearchBase或参数Remove-Mailbox
,使用$_
对于其邮箱权限您要移除ADUser便有的身份。)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.