Hi all,
i know this is a long shot,but i still belive in Santa.Here is our situation.
We grant our users access to Shared mailboxes by joining them to a security group (mail enabled) that starts with RG-XXX.
Then i ran following command to list all users that are not member of a group starting with RG:
$groups = Get-ADGroup -Filter {(name -like "*RG-Full*") -or (name -like "*RG-SEND*") -or (name -like "*RG-OS*")} | Select -ExpandProperty DistinguishedName
foreach ($group in $groups){ $ADUsers = $ADUsers | Where-Object { $_.MemberOf -notcontains $group } }
$FilteredUsers = $ADUsers
$FilteredUsers | Export-Csv C:\temp\file.csv
This worked great and i got a list of people that is not member of these groups.Problem is that some users are granted permission directly to the shared mailbox.This means that some people on the list still have access to a shared mailbox.
Question is,can i use this list (.csv file containing alias) and run another check to see if they have been granted access to any shared mailbox?
Thanks!
Please mark as helpful if you find my contribution useful or as an answer if it does answer your question. That will encourage me - and others - to take time out to help you. Thank you! Off2work