Please Read: Significant Update Planned, Migrating Forum Software This Month

See more
See less

Ex2010 SP2 Automapping ‘feature’ (thanks MS)

  • Filter
  • Time
  • Show
Clear All
new posts

  • Ex2010 SP2 Automapping ‘feature’ (thanks MS)

    With my recent implementation of Office 2010 I have been inundated with users complaining because all of the mailboxes that they have full access to have suddenly popped up in their Outlook 2010. Now I have been instructed to remove these mailboxes and allow people to add them on their own.

    I know that the issue is because of the Exchange 2010 automapping. However, I have hundreds of mailboxes and the only way to remove the automapped feature is on a per user, per mailbox level – and it has to be done in the command line. At a rough estimate that would be thousands of commands to run.

    So, I built up a quick test environment and started messing around with powershell scripting to try and automate this. I’m missing something because every time I run this script it removes and deletes the Full Access permissions for every manually added user from every mailbox. I only want it to set the Automapping parameter to false for every user whose Full Access permissions are not inherited. Maybe a different set of eyes can see the error -

    $damnautomap = Get-Mailbox | Get-MailboxPermission | where {$_.AccessRights -eq "FullAccess" -and $_.IsInherited -eq $false}
    $damnautomap | Remove-MailboxPermission
    $damnautomap | ForEach {Add-MailboxPermission -Identity $_.Identity -User $_.User -AccessRights:FullAccess -AutoMapping $false}

    Thanks for any advice!

  • #2
    Re: Ex2010 SP2 Automapping ‘feature’ (thanks MS)

    Well, I spent a whole day on this before I posted here and then found the answer myself this afternoon. Here's the skinny....

    I re-wrote the script and ran it against my test environment and then against a test OU in my production environment. This will remove the automapping feature of Exchange 2010 from each account that has been given Full Access to another mailbox. And, for tracking purposes, I added a CSV output so I can see exactly what was changed.

    $damnautomap = Get-Mailbox | Get-MailboxPermission | where { $_.AccessRights -eq "FullAccess" -and $_.IsInherited -eq $false }
    $damnautomap | ForEach {Add-MailboxPermission -Identity $_.Identity -User $_.User -AccessRight FullAccess -AutoMapping $false} | Export-Csv C:\automap_remove.csv

    You can add this to the first line of the script after Get-Mailbox if you only want to run the it against a specific OU -

    | where { $_.OrganizationalUnit -eq “domain.local/Test” }

    I hope someone else can use this info...


    • #3
      Re: Ex2010 SP2 Automapping ‘feature’ (thanks MS)

      Thanks for this!

      Please read this before you post:

      Quis custodiet ipsos custodes?