Articles in the "Mailbox Delegate Management" series
- Super duper delegate retrieval script
- PowerShell module for managing Exchange mailbox delegates
- Small update to delegate management module
- Delegate management module updated to v1.3.5
- Delegate management module updated to support Exchange Online [This article]
- Delegate management module updated to v1.4.5
- Delegate management module updated to 1.4.6
- Delegate management module updated to v1.5.0
- Delegate management module updated
The module for managing Exchange mailbox delegates has been updated with support for Exchange Online. In its current version (v1.4) you can use one mode or the other. The default mode is on-premises, but you can change this on demand to use Exchange Online by using Set-DelegateMananagementMode, a new cmdlet added in this version. If you change it on demand, you will be prompted for your Office 365 credentials. If you will be exclusively working with Exchange Online, you can change the line near the top of the module to default to using that method. In that case, you will be prompted for credentials the first time you run a cmdlet.
It is my intention to update the module to support a hybrid environment, but I first need to set up one in my lab in order to test it.
Doesn’t work for me on EOL. Error messages given:
Exception calling “GetDelegates” with “2” argument(s): “The specified object was not found in the store.”
At C:\Windows\system32\WindowsPowerShell\v1.0\Modules\DelegateManagement\DelegateManagement.psm1:772 char:4
+ $currentDelegates = $exchangeService.GetDelegates($EWSMailbox,$true)
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [], MethodInvocationException
+ FullyQualifiedErrorId : ServiceResponseException
Exception calling “Translate” with “1” argument(s): “Some or all identity references could not be translated.”
At C:\Windows\system32\WindowsPowerShell\v1.0\Modules\DelegateManagement\DelegateManagement.psm1:199 char:3
+ $aSID += $adUser.Translate([System.Security.Principal.SecurityIdentifier]).Val …
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [], MethodInvocationException
+ FullyQualifiedErrorId : IdentityNotMappedException
I may not be remembering correctly, but I think that error can happen when you don’t have the necessary permission to the mailbox. To test, try it against your own mailbox (assuming the account you are using to authenticate is the one for your mailbox). I will do some testing to see what error I get when querying a mailbox that I don’t have full access to.
Doesnt work for me on EOL. First error I get using Get-MailboxDelegate
FException calling “AutodiscoverUrl” with “2” argument(s): “The Autodiscover service couldn’t be located.”
At C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\DelegateManagement\DelegateManagement.psm1:175 char:2
+ $exchangeService.AutodiscoverUrl($smtpAddress, {$true})
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [], MethodInvocationException
+ FullyQualifiedErrorId : AutodiscoverLocalException
I discovered a mistake in variable naming when I changed how the module detects if it is in online or on-premises mode. I have fixed that and updated the download. Try again.
I am trying to run the latest scrip and I am getting stuck here:
cmdlet Write-Progress at command pipeline position 1
Supply values for the following parameters:
(Type !? for Help.)
Status:
Hello – First of all this is a great tool, very useful in the day job so thanks for that.
I’ve noticed a weird thing where no output is produced for some users. The progress indicator whizzes along as usual and no errors are surfaced, just no output.
I haven’t spotted any obvious differences in permissions, i.e. the AD object has inherited permissions. All the usual groups have Full Access Permission for the problematic mailbox etc, just no output.
Would appreciate any help with this. Thanks.
See anonymized example below…
Person1 produces no output
Person2 delegates are shown [ok]
Person3 reports no delegates [ok]
Person4 does not exist [ok]
[PS] C:\Windows\system32>get-mailboxdelegate person1
[PS] C:\Windows\system32>get-mailboxdelegate person2
Owner : Firstname1 Secondname1
Delegate : Firstname2 Secondname2
MeetingHandling : NoForward
FMA : False
SendAs :
Calendar : Editor
Inbox : Editor
Contacts : None
Tasks : Editor
DeletedItems : None
SentItems : None
ReceiveMeetings : False
ViewPrivate : True
Error :
ErrorNote :
[PS] C:\Windows\system32>get-mailboxdelegate person3
Firstname3 Secondname3 has no delegates.
[PS] C:\Windows\system32>get-mailboxdelegate person4
Find-Mailbox : A mailbox cannot be found that matches the input string person4.
At C:\Windows\system32\WindowsPowerShell\v1.0\Modules\DelegateManagement\DelegateManagement.psm1:732 char:26
+ $mbOwner = Find-Mailbox <<<< $Identity
+ CategoryInfo : ObjectNotFound: (:) [Write-Error], WriteErrorException
+ FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,Find-Mailbox
Howdy,
I’m not able to get past a non-existent user. If I run this:
get-mailbox -ResultSize Unlimited | foreach {gmd -identity $_.Alias}
I get:
Find-Mailbox: A mailbox cannot be found that matches the input string BESAdmin.
In this instance “BESAdmin” is a service account.
Is it possible to run the script and skip non-existent mailboxes, or continue after errors?
Cheers,
Eric