PowerShell Docs

Appearance

Remove-MailboxDelegation

Exchange Online: Removes mailbox delegations

Script
#Requires -Version 5.1

[CmdletBinding()]
Param(
    [Parameter(Mandatory = $true)]
    [string]$MailboxId,
    [string[]]$SendAsTrustees,
    [string[]]$SendOnBehalfTrustees,
    [string[]]$FullAccessTrustees
)

Process {
    try {
        $output = New-Object System.Collections.Generic.Queue[string]
        [hashtable]$cmdArgs = @{ErrorAction = 'Stop'; Identity = $MailboxId; Confirm = $false}

        if ($PSBoundParameters.ContainsKey('SendAsTrustees')) {
            foreach ($item in $SendAsTrustees) {
                $null = Remove-RecipientPermission @cmdArgs -AccessRights SendAs -Trustee $item
            }
            $output.Enqueue('Send As')
            $output.Enqueue('---------------')
            $tmp = Get-RecipientPermission -Identity $MailboxId -ErrorAction Stop | Select-Object *
            foreach ($item in $tmp) {
                $output.Enqueue($item.Trustee)
            }
            $output.Enqueue(' ')
        }

        if ($PSBoundParameters.ContainsKey('SendOnBehalfTrustees')) {
            $null = Set-Mailbox @cmdArgs -GrantSendOnBehalfTo @{Remove = $SendOnBehalfTrustees} -Force
            $output.Enqueue('Send On Behalf')
            $output.Enqueue('---------------')
            $tmp = Get-Mailbox -Identity $MailboxId -ErrorAction Stop | Select-Object -ExpandProperty GrantSendOnBehalfTo
            foreach ($item in $tmp) {
                $output.Enqueue($item)
            }
            $output.Enqueue(' ')
        }

        if ($PSBoundParameters.ContainsKey('FullAccessTrustees')) {
            foreach ($item in $FullAccessTrustees) {
                $null = Remove-MailboxPermission @cmdArgs -User $item -AccessRights FullAccess -InheritanceType All
            }
            $output.Enqueue('Full Access')
            $output.Enqueue('---------------')
            $tmp = Get-MailboxPermission -Identity $MailboxId -ErrorAction Stop | Select-Object *
            foreach ($item in $tmp) {
                $output.Enqueue($item.User)
            }
        }

        [PSCustomObject]@{
            Timestamp = Get-Date -Format "yyyy-MM-dd HH:mm:ss"
            Result    = $output.ToArray()
        }
    }
    catch { throw }
}
Customize

Alias, Display name, Distinguished name, SamAccountName, Guid or user principal name of the mailbox

Users or groups from which to remove SendAs permission (Name, Guid or UPN)

Users or groups from which to remove SendOnBehalf permission (Name, Guid or UPN)

Users or groups from which to remove FullAccess permission (Name, Guid or UPN)

An interactive directory of PowerShell scripts.

MIT License