Home

Grant Permissions to Modify Delegates in Resource Forest

  Tags:

With the resource forest model, we need to grant permissions to the client's logon (authentication account) so that they can modify their own delegates. This script takes both a command-line option, or will request one if the cmd-line option is not populated.

It grants the WriteProperty and SendAs which I believe is unnecessary for delegates, but resolved other problems I was having in the environment.

do {
if ($Args.count -ne 0) {
        $userAlias = $Args[0]
        $args = $null
} else {
        $UserAlias = Read-Host "Who do you want to add modify Delegate rights to"
}
$MAS = get-mailbox $useralias
} While ($mas -eq $null -and $UserALias -ne "")

$AEA = $MAS.LinkedMasterAccount
Get-Mailbox $useralias | Add-ADPermission -User $AEA -AccessRights WriteProperty #-Properties:"personal information"
Get-Mailbox $useralias | Add-ADPermission -User $AEA -ExtendedRights Send-As
Get-Mailbox $useralias | Add-MailboxPermission -User $AEA -AccessRights SendAs

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
  • Allowed HTML tags: <a> <blockquote> <center> <hr> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd> <img>
  • Lines and paragraphs break automatically.
  • Web page addresses and e-mail addresses turn into links automatically.
  • You can enable syntax highlighting of source code with the following tags: <code>, <blockcode>, <drupal6>, <html>, <java>, <javascript>, <php>, <posh>.

More information about formatting options

Type the characters you see in this picture. (verify using audio)
Type the characters you see in the picture above; if you can't read them, submit the form and a new image will be generated. Not case sensitive.