Forum Discussion

RocknRollTim's avatar
RocknRollTim
Copper Contributor
Jul 29, 2023

Export of shared mailboxes with their mail security groups and their owners

Hi all,

I am needing to generate a list of shared mailboxes with their mail security groups and their owners. I have scouted Google numerous times including asking ChatGPT but this is the closest I could get.

Exporting shared mailboxes, mail security groups, and their owners usually involves using PowerShell in Microsoft Exchange Online or on-premises Exchange servers. Here's a step-by-step guide on how to achieve this:

1. Connect to Exchange Online PowerShell (for Office 365) or Exchange Management Shell (for on-premises Exchange):

  For Exchange Online (Office 365):
  ```powershell
  Connect-ExchangeOnline
  ```

  For on-premises Exchange, open the Exchange Management Shell with administrative privileges.

2. Export shared mailboxes and their owners:

  ```powershell
  $sharedMailboxes = Get-Mailbox -RecipientTypeDetails SharedMailbox

  $mailboxData = foreach ($sharedMailbox in $sharedMailboxes) {
      $mailboxOwners = Get-MailboxPermission -Identity $sharedMailbox.Identity |
                        Where-Object { $_.AccessRights -match "FullAccess" -and !$_.IsInherited } |
                        Select-Object User

      [PSCustomObject]@{
          SharedMailboxName = $sharedMailbox.Name
          SharedMailboxAddress = $sharedMailbox.PrimarySMTPAddress
          Owners = $mailboxOwners.User
      }
  }

  $mailboxData | Export-Csv -Path "C:\Path\To\Export\shared_mailboxes.csv" -NoTypeInformation
  ```

3. Export mail-enabled security groups and their owners:

  ```powershell
  $securityGroups = Get-DistributionGroup -RecipientTypeDetails MailUniversalSecurityGroup

  $groupData = foreach ($securityGroup in $securityGroups) {
      $groupOwners = Get-DistributionGroupOwner -Identity $securityGroup.Identity |
                      Select-Object Name, PrimarySmtpAddress

      [PSCustomObject]@{
          GroupName = $securityGroup.Name
          GroupAddress = $securityGroup.PrimarySMTPAddress
          Owners = $groupOwners.Name -join ';'
          OwnersEmailAddress = $groupOwners.PrimarySmtpAddress -join ';'
      }
  }

  $groupData | Export-Csv -Path "C:\Path\To\Export\mail_security_groups.csv" -NoTypeInformation
  ```

Note: Make sure to replace "C:\Path\To\Export\" with the desired path where you want to save the CSV files. Also, ensure that you have the necessary permissions to run these PowerShell commands and access the required data.

Keep in mind that the exact PowerShell cmdlet names or properties may vary depending on your Exchange version and configuration. If you encounter any issues or need to adapt the script for your specific environment, consult the Microsoft documentation or seek assistance from an Exchange administrator or IT expert.


The issue I am getting with executing the commands from section 1 is the following error Doesn't represent a unique recipient which I get several lines of and fails to generate the report. Does anyone know a better of going about this or to get PowerShell to ignore unique names?

Thanks,

RocknRollTim

  • sjpostsr's avatar
    sjpostsr
    Copper Contributor

    RocknRollTim
    Do you have access to Exchange Online via a browser?
    You may need to change your connect statement to something like:
    Connect-ExchangeOnline -userprincipalname <login>

    If you are dealing with a large number of mailboxes or groups, you may have to change the statement to include -ResultSize Unlimited
    $sharedMailboxes = Get-Mailbox -RecipientTypeDetails SharedMailbox -ResultSize Unlimited
    $securityGroups = Get-DistributionGroup -RecipientTypeDetails MailUniversalSecurityGroup -ResultSize Unlimited


    Otherwise, it may only pull the first 1000 objects and you will not get your complete list

Resources