Determine the Management Roles and Commands a user can run in Exchange PowerShell

Scenario –  You want to see what Management Roles and Commands a user can run from Exchange PowerShell

Scriptlet:

#Determine management role assignments for an account
    $1= Get-ManagementRoleAssignment -RoleAssignee <username>
    $1 | Select Role

#Determine what commands are associated with that account
#For a Single Role
Get-ManagementRole Monitoring | FL
    Get-ManagementRole Monitoring | Select -ExpandProperty RoleEntries | Select Name
    Get-ManagementRole Monitoring | Select -ExpandProperty RoleEntries |Sort Name | Select name

#For Multiple Roles from $1
$Roles = @()
    $1.role.name | %{
        $n = $_
        $temp = Get-managementrole $n | Select -ExpandProperty RoleEntries |Sort Name | Select -expandproperty name    

        $temp | %{
            $c = $_
            $ServerObj = New-Object PSObject
            $ServerObj | Add-Member NoteProperty -Name “ManagementRole” -value $n
            $ServerObj | Add-member NoteProperty -Name “Command” -Value $c
            $Roles += $ServerObj
        }

       $n = $null
        $c = $null
    }

#Display $roles
    $roles | Sort Command | Select Command, ManagementRole

 

Advertisement

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

%d bloggers like this: