Grant access (Delegate) to all mailboxes for admins : CYP Support Portal

Pre-Requisite.

Install-Module -Name ExchangeOnlineManagement

---------------------------------------------Start Code-----------------------------------------------------------------

# Import the module

Import-Module ExchangeOnlineManagement

# Connect to Exchange Online

Connect-ExchangeOnline -LoadCmdletHelp

# Prompt for admin email address

do {

$adminEmail = Read-Host "Enter the admin's email address"

if (-not ($adminEmail -match "^[\w-\.]+@([\w-]+\.)+[\w-]{2,4}$")) {

Write-Host "Invalid email format. Please enter a valid email address." -ForegroundColor Red

}

} while (-not ($adminEmail -match "^[\w-\.]+@([\w-]+\.)+[\w-]{2,4}$"))

# Ask for exclusions

Write-Host "`nExclusion options:"

Write-Host "1. Exclude specific email addresses"

Write-Host "2. Exclude mailboxes containing specific words"

Write-Host "3. No exclusions"

$exclusionChoice = Read-Host "Choose an exclusion option (1-3)"

$excludeList = @()

switch ($exclusionChoice) {

"1" {

do {

$excludeEmail = Read-Host "Enter email address to exclude (or press Enter to finish)"

if ($excludeEmail -ne "") {

$excludeList += $excludeEmail

}

} while ($excludeEmail -ne "")

}

"2" {

$excludePattern = Read-Host "Enter text pattern to exclude (e.g., 'CEO' will exclude any mailbox with 'CEO' in the address)"

$excludeList += $excludePattern

}

"3" {

# No exclusions

}

# Get all mailboxes

$mailboxes = Get-EXOMailbox -ResultSize Unlimited

# Filter mailboxes based on exclusions

if ($exclusionChoice -eq "1") {

$mailboxes = $mailboxes | Where-Object {$_.UserPrincipalName -notin $excludeList}

} elseif ($exclusionChoice -eq "2") {

$mailboxes = $mailboxes | Where-Object {$_.UserPrincipalName -notmatch $excludeList[0]}

}

# Show summary before proceeding

Write-Host "`nSummary:"

Write-Host "Admin to receive access: $adminEmail"

Write-Host "Total mailboxes to process: $($mailboxes.Count)"

if ($excludeList.Count -gt 0) {

Write-Host "Excluded from processing: $($excludeList -join ', ')"

}

# Confirm before proceeding

$confirm = Read-Host "`nReady to grant full mailbox access to $adminEmail for the above mailboxes. Continue? (Y/N)"

if ($confirm -ne "Y") {

Write-Host "Operation cancelled." -ForegroundColor Yellow

exit

}

# Grant full access permissions for each mailbox

foreach ($mailbox in $mailboxes) {

try {

# Using the V3 module cmdlet

Add-MailboxPermission -Identity $mailbox.Identity -User $adminEmail -AccessRights FullAccess -InheritanceType All -AutoMapping $false -ErrorAction Stop

Write-Host "Successfully granted access to mailbox: $($mailbox.UserPrincipalName)" -ForegroundColor Green

}

catch {

Write-Host "Error granting access to mailbox $($mailbox.UserPrincipalName): $($_.Exception.Message)" -ForegroundColor Red

}

# Verify permissions

Write-Host "`nVerifying permissions..." -ForegroundColor Yellow

foreach ($mailbox in $mailboxes) {

Get-EXOMailboxPermission -Identity $mailbox.Identity | Where-Object {$_.User -like "*$adminEmail*"}

}

Write-Host "`nProcess completed. Please verify the permissions above." -ForegroundColor Yellow

# Disconnect from Exchange Online

Disconnect-ExchangeOnline -Confirm:$false

----------------------------------------------------------END------------------------------------------------------------------

CYP Support Portal

How can we help you today?

Grant access (Delegate) to all mailboxes for admins Print

How can we help you today?

Grant access (Delegate) to all mailboxes for admins Print

Related Articles