What I would like to do is get a list of all users in exchange and loop through them giving each user full access ("owner") right to every other calendar. So basically I want everyone at the company to have "owner" permission to everyone else.
Here is what I have to far it works fine but I would like this to be automated meaning the "username1" and "username2" to be replaced with active users from my exchange server.
Add-MailboxFolderPermission -Identity "username1":\calendar -user "username2" -AccessRights owner
From my comment on the question.
You have lots of options but you can use
Get-Mailbox | ForEach-Object{Add-MailboxFolderPermission -Identity "username1":\calendar -user $_.SamAccountName -AccessRights owner}
This will grab every mailbox, since no filter is applied, and add the MailboxFolderPermission to those mailboxes.
That should work. Be careful as you are making irreversable changes to everyone.
Related
I'm having difficulties creating a command that generates a new GUID into the user's immutableID field.
The command Set-MsolUser -UserPrincipalName "UPN" -ImmutableID New-GUID seems to just use "New-GUID" as the immutable ID.
Ultimately I'd like to set it to all users so I was thinking something like this:
Get-Msoluser -All | ForEach-Object {set-msoluser -UserPrincipalName $_.UserPrincipalName -ImmutableID New-GUID}
I'm pretty sure I'm missing something that makes the New-GUID run.
Reason I'm doing this is cause O365 doesn't natively have an immutableID so I figured a random GUID would work for federation.
Any help is appreciated.
I have username, and email address.
Couldn’t find a simple command to add sip address in AD attributes.
SIP:emiladdress
Please help
Thanks
You need to get the AD user you want to update then append the ProxyAddresses property (attribute) then set the AD user. I neat and easy way to do this is to use the Active Directory cmdlets instancing feature.
$ADUser = Get-ADUser <UserName> -Properties ProxyAddresses
$ADUser.ProxyAddresses = $ADUser.ProxyAddresses += "sip:user#domain.com"
Set-ADUser -Instance $ADUser
I'm looking to list the authorized senders of a distribution group
here's my code:
(Get-DistributionGroup -Identity "mydistributiongroup").AcceptMessagesOnlyFrom|get-mailcontact|Select-Object -Property DisplayName,Name,PrimarySmtpAddress
problem :
there are exchange mailboxes in my list in addition to external mail
how to modify my code to take into account the mail exchange (get-mailbox instead of get-mail contact) in a smart way and fast
thank you
(Get-DistributionGroup -Identity "mydistributiongroup").AcceptMessagesOnlyFrom |
Get-Recipient |
Select-Object -Property DisplayName,Name,PrimarySmtpAddress
I believe this will do what you want.
I am looking for a clean and simple solution (One-Liner?) to add the well-known domain-group Domain Users to a local group like "Direct Access Users".
The command/script will be executed on a Win10-client.
No additional module like "RSAT-AD-PowerShell" should be used for that.
The code should work regardless of OS-language.
I used the following code to add the "Authenticated Users" (= Well-known-SID S-1-5-11) to the local group:
Add-LocalGroupMember -Group "Direct Access Users" -Member S-1-5-11 -Verbose
This works fine, because the SID is static, but the SID for "Domain Users" looks like this S-1-5-21Domain-513 and I want to get the domain-SID dynamic too.
Thank you
I don't see any short way of doing this -- as in, something that will fit in one line "naturally" (you can always just smoosh it together if you really want to, of course). The difficult part seems to be getting the domain SID; once you have that, constructing the well-known SID of the Domain Users group is simple enough. The below uses the computer account to do that; the code could be abbreviated if you were allowed to assume a domain user is running this.
$qualifiedComputerName = [DirectoryServices.ActiveDirectory.Domain]::GetComputerDomain().Name + "\" + [Environment]::MachineName + "$"
$computerAccount = [Security.Principal.NTAccount]::new($qualifiedComputerName)
$domainSid = $computerAccount.Translate([Security.Principal.SecurityIdentifier]).AccountDomainSid
$domainUsersSid = [Security.Principal.SecurityIdentifier]::new("AccountDomainUsersSid", $domainSid).Value
Add-LocalGroupMember -Group "Direct Access Users" -Member $domainUsersSid -Verbose
Grab the domain SID from the dNC root:
$RootDSE = [adsi]"LDAP://RootDSE"
$dNC = [adsi]"LDAP://$($RootDSE.defaultNamingContext)"
$domainSID = [System.Security.Principal.SecurityIdentifier]::new($dNC.Properties['objectSID'].Value, 0)
$domainUsers = [System.Security.Principal.SecurityIdentifier]::new('AccountDomainUsersSid', $domainSID)
Add-LocalGroupMember -Group "Direct Access Users" -Member $domainUsers.Value
I am currently trying to create an Active Directory contact object in a specific OU in our Active Directory. I am not looking at using Exchange PowerShell. I would like to do this via normal PowerShell directly in to AD.
I have looked online and found that I can create a contact using the below command, this creates it in a specific OU.
New-ADObject -Name SaraDavisSGTContact3 -Type contact -Path "OU=SGTestOU,OU=Contacts,DC=example,DC=Example,DC=local"
How would I also get it to add other attributes such as mail (email address), first name, surname, etc.? I tried -Mail example.com, etc., but this didn't work.
Please bear in mind I will eventually try and get this to read from a CSV to do in bulk, so the simplier the code the better.
Use the -OtherAttributes Parameter to add additional attributes.
See New-ADObject MSDN Documentation
New-ADObject -name SaraDavisSGTContact3 -Type Contact -path "OU=SGTestOU,OU=Contacts,DC=example,DC=Example,DC=local" -OtherAttributes #{
'mail'="sara#gmail.com";
'proxyAddresses'="sara#gmail.com";
'givenName'="Sara";
'sn'="Davis";
'displayname'="Sara Davis"
}