There may be times where you may need to grant an IT administrator or other employees access to another user’s mailbox.
Below I will demonstrate how to:
Below I will demonstrate how to:
- Grant an Admin access to a single mailbox
- Grant an Admin access to all mailboxes
- Revoke the above permissions (recommended cause of action after the Administrator has finished his/her tasks)
- First make sure you have the remote signed execution policy set to true. You can do this by running PowerShell in admin mode and running: Set-ExecutionPolicy RemoteSigned
- Next, run the following to authenticate your self and import PowerShell commands to your local session:
$LiveCred = Get-Credential
$Session = New-PSSession -ConfigurationName Microsoft.Exchange-ConnectionUri https://ps.outlook.com/powershell/ -Credential $LiveCred -Authentication Basic -AllowRedirection
Import-PSSession $Session
Grant an Admin access to a single mailbox
Add-MailboxPermission user@domain.com -User admin@domain.com -AccessRights FullAccess -InheritanceType All
Grant an Admin access to all mailboxes
Get-Mailbox -ResultSize unlimited -Filter {(RecipientTypeDetails -eq 'UserMailbox') -and (Alias -ne 'Admin')} | Add-MailboxPermission -Useradmin@domain.com-AccessRights fullaccess -InheritanceType all
Revoke the above permissions
- If you want to revoke permissions after granting them, simply replace the ‘Add-MailboxPermission‘ with ‘Remove-MailboxPermission‘
followed by the original command you entered to grant the permissions.
For example, to grant admin@example.com full access to user@example.com,
you would enter the command:
Add-MailboxPermission user@example.com -User admin@example.com -AccessRights FullAccess -InheritanceType All
- To revoke admin@example.com from viewing user@example.com, you would enter the command:
Remove-MailboxPermission user@example.com -User admin@example.com -AccessRights FullAccess -InheritanceType All
-AutoMapping $false
No comments:
Post a Comment