Delegate management module updated

The module has been updated to version 1.5.1. This version adds automatic support for localization of the Sent Items and Deleted Items folders. If the display name of those folders in the owner’s mailbox is not in English, the localized display name of the folder will be used when getting, setting, or removing delegates.

I have also added permission validation to the owner’s mailbox for the person executing a cmdlet. When using impersonation, if you don’t have permission to a mailbox Exchange responds with an error indicating as much. But if using full access, Exchange doesn’t respond with such an error, just failing on whatever request is being made. Usually when permission is the issue, the error contains “The specified object was not found in the store,” so the module checks for that error, informs you that it appears you don’t have permission, and then gracefully aborts the cmdlet.

Download the updated module and overwrite your existing copy.  If you were already using v1.5.0, keep your existing settings file so your specific settings remain.

  DelegateManagement.zip (9.2 KiB)

2 thoughts on “Delegate management module updated

  1. Hi Scott… the DelegateManagement module looks great… and just what I need to give c. 17 users access (to view items marked as Private) in c. 8 Shared Mailboxes but sadly I’ve got a small problem running it.

    I’m starting off with a simple ‘Get-MailboxDelegate’ for a mailbox which I know has Delegates and the script is reporting ‘ has no delegates’.

    I’m running this against a 3 month old Office 365 Tenant. I’m tried using Impersonation and not (and I’m using a user with appropriate rights – they’re a member of the ‘Discovery Management’ Admin Role). I have EWS Managed API 2.2 installed (maybe this is too new??). I’ve obviously allowed execution of non-digitally signed scripts etc.

    I think I’ve read through everything you’ve written and all forum comments/posts about the module and can’t see anything that explains it. Any ideas what’s up?

    Kind regards,

    James

  2. Being a member of the Discovery Management role group does not grant permission to any mailboxes. (It allows you to search mailboxes through eDiscovery, but you’re never connecting first-hand to a mailbox.) You need to be granted either Full Access permission directly to the mailbox (Add-MailboxPermission) or be granted the ApplicationImpersonation role with a management scope that includes the mailbox (which is the default when you create a role assignment).

Leave a Reply

Your email address will not be published. Required fields are marked *

*