-
Notifications
You must be signed in to change notification settings - Fork 14
/
Copy pathAdd-SharedEmailPermission.psm1
98 lines (70 loc) · 3.79 KB
/
Add-SharedEmailPermission.psm1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
<#
.SYNOPSIS
Add-SharedEmailPermission is a cmdlet created to add a user to a shared mailbox in Office365
.DESCRIPTION
Add-SharedEmailPermission is a cmdlet used to add a user(s) to a shared email in Office365.
This cmdlet will allow piping of a username but does not accept more than one username.
.NOTES
Author: Robert H. Osborne
Alias: tobor
Contact: [email protected]
.LINK
https://osbornepro.com
https://writeups.osbornepro.com
https://btpssecpack.osbornepro.com
https://github.com/tobor88
https://gitlab.com/tobor88
https://www.powershellgallery.com/profiles/tobor
https://www.linkedin.com/in/roberthosborne/
https://www.credly.com/users/roberthosborne/badges
https://www.hackthebox.eu/profile/52286
.EXAMPLE
Add-SharedEmailPermission -Identity <string[] UserPrincipalName> -Mailbox <string[] Shared Email Address> [-SendAs] [-FullAccess] [-Verbose]
.EXAMPLE
Add-SharedEmailPermission -Identity '[email protected]' -Mailbox '[email protected]' -FullAccess -Verbose
This example adds [email protected] to have full access rights on shared mailbox [email protected]
.EXAMPLE
Add-SharedEmailPermission -Identity '[email protected]' -Mailbox '[email protected]' -SendAs -FullAccess -Verbose
This example adds [email protected] to have full access and SendAs rights on shared mailbox [email protected]
.EXAMPLE
Add-SharedEmailPermission -Identity '[email protected]' -Mailbox '[email protected]' -FullAccess
This example adds [email protected] to have full access rights on shared mailbox [email protected]
#>
Function Add-SharedEmailPermission {
[CmdletBinding()]
param(
[Parameter(Mandatory=$True,
Position=0,
ValueFromPipeline=$True,
ValueFromPipelineByPropertyName=$True,
HelpMessage="Enter the user(s) you want to add to a shared mailbox. Separate email addresses with a comma. Example: [email protected], [email protected]")]
[string]$Identity,
[Parameter(Mandatory=$True,
Position=1,
ValueFromPipeline=$True,
ValueFromPipelineByPropertyName=$True,
HelpMessage="Enter the shared mailbox email address. Example: [email protected]")]
[string]$Mailbox,
[Parameter(Mandatory=$False)]
[switch][bool]$SendAs,
[Parameter(Mandatory=$False)]
[switch][bool]$FullAccess) # End param
If (!($SendAs.IsPresent -or $FullAccess.IsPresent)) {
Throw 'Missing Switch Permission'
} # End If
If ((Get-PsSession).ConfigurationName -notlike 'Microsoft.Exchange') {
$Session = New-PSSession -ConfigurationName "Microsoft.Exchange" -ConnectionUri "https://ps.outlook.com/PowerShell-LiveID?PSVersion=5.1.14393.2608" -Credential (Get-Credential -Message "Enter your global admin credentials for Office365. Example: [email protected]") -Authentication "Basic" -AllowRedirection
Import-PSSession -Session $Session -ErrorAction "SilentlyContinue" | Out-Null
} # End If
If ($SendAs.IsPresent) {
Write-Verbose "Adding SendAs Permission to user $Identity for shared mailbox $Mailbox"
Add-RecipientPermission -Identity $Identity -Trustee $Mailbox -AccessRights 'SendAs'
} #End If
If ($FullAccess.IsPresent) {
Write-Verbose "Adding full permissions for $Identity to shared mailbox $Mailbox"
Add-MailboxPermission -Identity $Identity -User $Mailbox -AccessRights 'FullAccess' -InheritanceType 'All'
} # End If
If ((Get-PsSession).ConfigurationName -like 'Microsoft.Exchange') {
Get-PsSession | Where-Object -Property 'ConfigurationName' -like 'Microsoft.Exchange' | Remove-PsSession
} # End If
} # End Function Add-SharedEmailPermission