Script to Export Mailbox Permissions in Exchange Online to CSV

This script retrieves all mailboxes in Exchange Online and their respective mailbox permissions. It excludes permissions where the user is "NT AUTHORITY\SELF" and performs a left join on mailbox identity and permissions to create a consolidated list. The script then exports the details—including PrimarySmtpAddress, AccessRights, and User—to a CSV file at a specified path. This is useful for auditing mailbox permissions in Exchange Online.

Here is the script:

$ExportPath = 'C:\Users\xxxxar\Desktop\perm.csv'

$mailboxes = Get-Mailbox -ResultSize unlimited
$MailboxPermission = @()
foreach ($mailbox in $mailboxes) {
    $MailboxPermission += $mailbox | Get-MailboxPermission
}
$param =@{
    LeftObject      = $MailboxPermission | Where-Object user -ne "NT AUTHORITY\SELF" ;
    RightObject     = $mailboxes | Select-Object @{Name="Identity";Expression={$_.Id}},PrimarySmtpAddress ;
    On              = 'Identity' ;
    JoinType        = 'Left' ;
}

$output = Join-Object @param
$output = $output| Select-Object @{N="PermissionNoMailbox";E={$_.PrimarySmtpAddress}},
                                @{N="AccessRights";E={$_.AccessRights | Out-String}},
                                User
$output | Export-Csv -Path $ExportPath -Force