[EX10] Check Send-As Permissions

Finding all users who have Send-As :

Get-Mailbox -Resultsize Unlimited | Get-ADPermission | ? {($_.ExtendedRights -like "*send-as*") -and -not
($_.User -like "nt authorityself")} | ft Identity, User -auto

Find out who a particular user can Send-As:

Get-Mailbox -Resultsize Unlimited | Get-ADPermission | ? {($_.ExtendedRights -like "*send-as*") -and -not
($_.User -like "nt authorityself") -and ($_.User -like "DOMAINUsernameUwantToFind")} | ft Identity, User -auto

Find all users who have Full Access to the mailbox of others:

Get-Mailbox -ResultSize Unlimited | Get-MailboxPermission | ? {($_.AccessRights -match "FullAccess") -and 
not ($_.User -like "NT AUTHORITYSELF")} | ft Identity, User

Add Full Access without Auto-Mapping:

Add-MailboxPermission -Identity JeroenC -User 'Mark Steele' -AccessRight FullAccess -InheritanceType All -Automapping $false


"This example removes auto-mapping on an existing shared mailbox and removes the auto-mapping behavior for users who have already been granted Full Access permissions."

$FixAutoMapping = Get-MailboxPermission sharedmailbox |where {$_.AccessRights -eq "FullAccess" -and $_.IsInherited -eq $false}
$FixAutoMapping | Remove-MailboxPermission
$FixAutoMapping | ForEach {Add-MailboxPermission -Identity $_.Identity -User $_.User -AccessRights:FullAccess -AutoMapping $false}