Script to Export Mailbox Permissions in Exchange Online to CSV

1 min. readlast update: 09.26.2024

This script retrieves all mailboxes in Exchange Online and their respective mailbox permissions. It excludes permissions where the user is "NT AUTHORITY\SELF" and performs a left join on mailbox identity and permissions to create a consolidated list. The script then exports the details—including PrimarySmtpAddress, AccessRights, and User—to a CSV file at a specified path. This is useful for auditing mailbox permissions in Exchange Online.

Here is the script:

$ExportPath = 'C:\Users\xxxxar\Desktop\perm.csv'

$mailboxes = Get-Mailbox -ResultSize unlimited
$MailboxPermission = @()
foreach ($mailbox in $mailboxes) {
    $MailboxPermission += $mailbox | Get-MailboxPermission
}
$param =@{
    LeftObject      = $MailboxPermission | Where-Object user -ne "NT AUTHORITY\SELF" ;
    RightObject     = $mailboxes | Select-Object @{Name="Identity";Expression={$_.Id}},PrimarySmtpAddress ;
    On              = 'Identity' ;
    JoinType        = 'Left' ;
}

$output = Join-Object @param
$output = $output| Select-Object @{N="PermissionNoMailbox";E={$_.PrimarySmtpAddress}},
                                @{N="AccessRights";E={$_.AccessRights | Out-String}},
                                User
$output | Export-Csv -Path $ExportPath -Force

Was this article helpful?