Powershell remove SIDs from mailboxes
Hi
I have a number of mailboxes that have SIDs remaining for delete user accounts, using the remove-mailboxpermission against the SID isnt going to work as it cant resolve a username, any ideas how to clean this mess up?
Thanks
August 16th, 2011 11:56am
This did it for me.
Remove-MailboxPermission -User S-1-5-21-202902358-547437371-2644679952-3366 -Identity mailboxname -AccessRights FullAcess
what vesion of Exchange do you have?
lasse at humandata dot se, http://anewmessagehasarrived.blogspot.com
Free Windows Admin Tool Kit Click here and download it now
August 16th, 2011 12:28pm
HI we are running 2007, this issue I have is that i have about 700 mailboxes to remove various SIDs from.
In the code I am listing get-mailboxpermission , if a users match "s-1-5-21-" remove that user
[string]::Join(',',("Mailbox,SID")) > C:\rights.csv
$res = Get-Mailbox -ResultSize unlimited
foreach ($mb in $res){
$name = $mb.name
$mm = Get-MailboxPermission $mb.name |?{($_.User -ne "NT Authority")-and ($_.isinherited -eq $false) }
foreach ($User in $mm)
{
if ($user -match "S-1-5-21")
{
$UsrName = $mb.Name
$SID = $User.User
Remove-MailboxPermission -Identity $sid -AccessRights FullAccess -WhatIf
[string]::Join(",",($usrname,$sid)) >> C:\rights.csv
}
}}
____________________________
Then i get the error
Remove-MailboxPermission : Cannot bind parameter 'Identity'. Cannot convert the "S-1-5-21-11111111-111111111-11111111-6509" value of type "Microsoft.Exchange.Configuration.Tasks
.SecurityPrincipalIdParameter" to type "Microsoft.Exchange.Configuration.Tasks.MailboxIdParameter".
August 16th, 2011 12:49pm
Go figure
I had the syntax wrong
Remove-MailboxPermission -user $sid -identity $username -AccessRights FullAccess -WhatIf
cheers
Free Windows Admin Tool Kit Click here and download it now
August 16th, 2011 12:54pm