powershell - 结合 PowerShell 脚本列出 MailboxName、PrimarySMTPAddress、Who Got Access、AccessPermissions 和 SizeInMB
问题描述
我想修改一个 PowerShell 脚本以导出具有除用户本身以外的多个人的完全代表访问权限的 UserMailbox 列表。
下面的脚本以某种方式返回结果:
Get-Mailbox -ResultSize Unlimited -RecipientTypeDetails UserMailbox |
Get-MailboxPermission |
Where-Object { ($_.AccessRights -like "*FullAccess*") -and
(-not $_.IsInherited) -and
($_.User -ne "NT AUTHORITY\SELF") -and
($_.User -notlike '*Discovery Management*') } |
Select @{Name="User Name";expression={(Get-Recipient $_.User.tostring()).displayname}},
Identity,
@{Name='Access Rights';Expression={[string]::join(', ', $_.AccessRights)}},
@{Name="PrimarySMTPAddress";expression={(Get-Recipient $_.User).PrimarySMTPAddress}} |
Export-Csv -path C:\EE\Results.csv -NoTypeInformation
和
$filter = '(Enabled -eq $false) -and (msExchRecipientTypeDetails -ne 4) -and (homeMDB -ne "$null")'
$properties = @('homeMDB', 'mailNickName', 'mail', 'DisplayName', 'SamAccountName', 'ProxyAddresses')
Get-ADUser -Filter $filter -Properties $properties |
ForEach-Object {
$stat = Get-MailboxStatistics $_.SamAccountName
$smtpAddresses = ($_.ProxyAddresses | Where-Object {$_ -like "*smtp:*" }) -replace 'smtp:'
New-Object -TypeName PSObject -Property ([ordered]@{
DisplayName = $_.DisplayName
mailNickName = $_.mailNickName
SamAccountName = $_.SamAccountName
mail = $_.mail
ProxyAddresses = $smtpAddresses -join ';'
HomeMDB = $_.homeMDB.Split(',=')[1]
MBytes = $stat.TotalItemSize.Value.ToMB()
LastLogonTime = $stat.LastLogonTime
LastLoggedOnUserAccount = $stat.SamAccountName
DisconnectDate = $stat.DisconnectDate
})
} |
Sort-Object MBytes -Descending |
Export-Csv C:\EE\Results.csv -NoTypeInformation
但我需要一些帮助来修改其他列,以便它显示:
具有多个完全代理访问权限的用户邮箱:此列将显示多个用户访问的邮箱的显示名称。(仅显示名称)
Primary SMTP Address:此列将显示第一列的 PrimarySMTPAddress(身份)或第一列中邮箱的电子邮件地址。
谁获得了访问权限:此列显示拥有 UserMailbox(显示名称)的人员的用户名。
访问权限:显示代表的访问权限。[这已经是正确的]
以 MB 为单位的大小:此列将在第 1 列中显示邮箱的大小(以兆字节为单位)。
解决方案
我认为这可能会让你继续前进:
$filter = '(Enabled -eq $false) -and (msExchRecipientTypeDetails -ne 4) -and (homeMDB -ne "$null")'
$properties = @('homeMDB', 'mailNickName', 'mail', 'DisplayName', 'SamAccountName', 'ProxyAddresses')
Get-ADUser -Filter $filter -Properties $properties |
ForEach-Object {
$stat = Get-MailboxStatistics $_.SamAccountName
$smtpAddresses = ($_.ProxyAddresses | Where-Object {$_ -match "^smtp:" }) -replace 'smtp:', ''
# Normally, the 'mail' attribute of a user is set to be the Primary email address, but
# this need not be the case, as Exchange uses the ProxyAddresses attribute.
# The PrimarySMTPAddress can be extracted from the ProxyAddresses with:
$primarySmtpAddress = ($_.ProxyAddresses | Where-Object {$_ -cmatch "^SMTP:" }) -replace 'SMTP:', ''
# or by using the EmailAddress property from the user object.
# You will then need to add 'EmailAddress' to the '$properties' array above
# $primarySmtpAddress = $_.EmailAddress
# See if there are delegate users and what access rights they have
$delegates = @(Get-MailboxPermission -Identity $primarySmtpAddress |
Where-Object { ($_.AccessRights -like "*FullAccess*") -and
(-not $_.IsInherited) -and
($_.User -ne "NT AUTHORITY\SELF") -and
($_.User -notlike '*Discovery Management*') } |
Select-Object @{Name='Delegate'; Expression={(Get-Recipient $_.User.toString()).DisplayName}},
@{Name='AccessRights';Expression={$_.AccessRights -join ', '}})
##############################################################################
# The resulting $delegates is an array, so if you want to only get output for
# mailboxes that actually HAVE delegate users, you can uncomment the next line
##############################################################################
# if ($delegates.Count -eq 0) { continue }
# this can become a LONG column if you want to see the accessrights per user..
$access = $delegates | ForEach-Object { "{0} ({1})" -f $_.Delegate, ($_.AccessRights -join ', ') }
New-Object -TypeName PSObject -Property ([ordered]@{
DisplayName = $_.DisplayName
mailNickName = $_.mailNickName
SamAccountName = $_.SamAccountName
mail = $_.mail
PrimarySMTPAddress = $primarySmtpAddress
ProxyAddresses = $smtpAddresses -join ';'
HomeMDB = $_.homeMDB.Split(',=')[1]
MBytes = $stat.TotalItemSize.Value.ToMB()
LastLogonTime = $stat.LastLogonTime
LastLoggedOnUserAccount = $stat.SamAccountName
DisconnectDate = $stat.DisconnectDate
Delegates = $delegates.Delegate -join ', '
AccessRights = $access -join ', '
})
} |
Sort-Object MBytes -Descending |
Export-Csv C:\EE\Results.csv -NoTypeInformation
推荐阅读
- python - django.template.loaders.app_directories.Loader 不会在 installed_apps 中搜索模板
- assembly - 在原生 RISC-V 上构建我的汇编程序
- c - bash 直接执行溢出的字符
- c - CRC-16 输出消息检查
- html - 反应中单个页面的CSS正文
- html - 边框和填充背景图像或颜色的内容之间不需要的空间
- javascript - 当同时打开 2 个不同 HTML 的选项卡时,onClick 不起作用,但在关闭一个选项卡时它起作用
- c - 我应该将在多个结构上运行的过程放在哪里?
- php - WordPress 图片上传无法正常工作
- git - 是否可以内联 git 子模块的内容?