Office 365: Give User Access to Another Mailbox Cmdlet

Users can access another mailbox within the same Office 365 Exchange Online domain –
Administrators execute the following as a cmdlet or paste into powershell command line:

Set-ExecutionPolicy RemoteSigned
$Credential = Get-Credential

$PSSession = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell/ -Credential $Credential -Authentication Basic -AllowRedirection

Import-PSSession $PSSession

$mailboxAccess = read-host "Which mailbox do you want to give full access to?"
$mailboxUser = read-host "Which user do you want to give access to $mailboxAccess to (give full email address)?"

Add-MailboxPermission $mailboxAccess -User $mailboxUser -AccessRights FullAccess -InheritanceType All

  1. Provide admin authentication for access to Office 365 account
  2. Establish connection with the outlook.com powershell platform
  3. Get office 365 powershell api commands
  4. Setup user input prompts
  5. Call the powershell api that modifies mailbox permissions passing the user provided details

Usage:

  • Caveat: Will only work if Powershell is installed locally
  • Save the code in a file with the extension '.ps1' e.g. 'give_access.ps1'
  • The file is now a powershell cmdlet
  • Double-click/run the cmdlet
  • Enter email addresses at the prompts- 1. The mailbox you are providing access to 2. The user you are permitting

If an error is thrown:

Set-ExecutionPolicy : Access to the registry key ‘HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell’ is denied.
+ Set-ExecutionPolicy  <<<< RemoteSigned

then hack the registry:

  1. HKLM\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell
  2. If does not exist then create new key:
      Type: REG_SZ
      Name: "ExecutionPolicy"
      value: "RemoteSigned"

If you need to change “ExecutionPolicy” in the future return to this registry key and set the value as desired:

  • Restricted
  • AllSigned
  • RemoteSigned
  • Unrestricted

5 Responses to Office 365: Give User Access to Another Mailbox Cmdlet

  1. Mike says:

    Nice! Saves the additional step of editing your PS script every time you need to do this. Good idea, thank you.

  2. Mario says:

    great post. i saved the code to a ps1 file as suggested but when i double click it opens notepad. Powershell is definitely installed. How do i get it to automatically run? Thanks

    • mcheung0 says:

      You may need to go to Control Panel > Default Programs > Set Program Associations then associate the .ps1 extension with powershell – or quicker, right-click the .ps1 file > open with > choose powershell and that should do the association automatically 🙂

  3. Nick says:

    I tried this and it appears to work, it now allows me to add the on-premise mailbox to my O365 mailbox, but when I try to expand it, it asks me to re-authenticate to O365 and never gets past that point. I’m using Exchange 2010 on-premise.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: