Forum Discussion
Difficult to find which distribution group was assigned to which shared mailbox
VasilMichev, Yes I know this solution but I have a lot of stale delegation groups and need to know exactly which groups are in still used and have function and which not. Maybe I should query the all production shared mailboxes and collects their groups in a csv what you described. After that another script import this csv and would check data and create new csv with the really live shared mailboxes and their groups, thus the rest are the stale.
Well how do you tell which is "live" and which is "stale"?
VasilMichev We have hybrid Exchange and basically used synced AD accounts and synced on-premise distributiongroups (delegation groups) for the shared mailbox setup. When the shared mailbox and its AD account deactivated the associate distribution groups or named delegation groups remained and were not deactivated as the shared mailbox. These delegation groups are what I call or named stale delegation groups and there are hundred.
My basic problem I would need to write a powershell script which one by one goes through the existing synced groups and examines whether there is a corresponding live shared mailbox.
So I would need the complete invers method of the "Get-MailboxPermission "primarysmtpaddress" | where {(($_.IsInherited -eq $false) -and ($_.AccessRights -like "*FullAccess*") -and ($_.User -notlike "NT Authority\SELF") -and ($_.Deny -eq $false))} | select -expand User" and "Get-RecipientPermission "primarysmtpaddress" | where {(($_.IsInherited -eq $false) -and ($_.AccessRights -like "*SendAs*") -and ($_.Trustee -notlike 'NT Authority\SELF') -and ($_.AccessControlType -eq 'Allow'))} | select -expand Trustee" powershell query. Actually I need a powershell query where the input should be the primarysmtp address of the delagation group.