Script to remove Exchange 2010 AutoMapping for all mailboxes

Question

I have an Exchange 2010 SP3 server that's getting Application event error 9646 from MSExchangeIS:

Mapi session [ID] [AD User] exceeded the maximum of 500 objects of type "objtFolder"

Looking into this, the cause was found to be several users that have a lot of Full Access Permissions on other people's mailboxes.

Because of the way this changed in SP1 See Technet article HERE, They now automatically open all the users they have access to, rather than being able to add or open them only when needed.

Ideally, I'd like a script I can run to globally remove the -Automapping $true string for all users: This should leave them access to the mailbox when needed, but stop it from automatically opening, taking up MAPI sessions.

I tried the Microsoft Technet Script from the above URL, but that didn't appear to work as intended:

[PS]$FixAutoMapping = Get-MailboxPermission sharedmailbox|where {$_AccessRights -eq "FullAccess" -and $_IsInherited -eq $false}
The operation couldn't be performed because object sharedmailbox couldn't be found on '[Servername]'.
    + CategoryInfo          : InvalidData: (:) [Get-MailboxPermission], ManagementObjectNotFoundException
+ FullyQualifiedErrorId : B485A4C7,Microsoft.Exchange.Management.RecipientTasks.GetMailboxPermission

I'm presuming that sharedmailbox is a specific example mailbox which Doesn't exist on my server: I need a script that searches through all the mailboxes, then changes Automapping $true to Automapping $false for any access permissions on the mailbox.

Is this possible to do?

Mathias R. Jessen · Accepted Answer · 2013-10-03T15:30:36.803

6

That is incredibly easy. You simply need to retrieve a list of mailboxes and run the example against each of them:

# Get all mailboxes in the forest
$Mailboxes = Get-Mailbox -ResultSize unlimited -IgnoreDefaultScope
$ConfirmPreference = 'None'

# Iterate over each mailbox
foreach($Mailbox in $Mailboxes)
{
    try 
    {
        # Try to run the example fix against the current $Mailbox
        $FixAutoMapping = Get-MailboxPermission $Mailbox |where {$_.AccessRights -eq "FullAccess" -and $_.IsInherited -eq $false}
        $FixAutoMapping | Remove-MailboxPermission
        $FixAutoMapping | ForEach {Add-MailboxPermission -Identity $_.Identity -User $_.User -AccessRights:FullAccess -AutoMapping $false} 
    }
    catch
    {
        # Inform about the error if unsuccessful
        Write-Host "Encountered error: $($Error[0].Exception) on mailbox $($Mailbox.DisplayName)" -ForegroundColor Red
    }
}

edited Oct 03 '13 at 15:30

answered Oct 03 '13 at 13:53

Mathias R. Jessen

24,907
4
62
95

Thanks for the script. I Don't use powershell much, so I assume I save it as a.ps1 file, then call it from the powershell command line? – Dave Oct 03 '13 at 14:46
3

Or you can just copy and paste in to an Exchange PowerShell window. Possibly followed by an additional Enter or two. – longneck Oct 03 '13 at 14:54
Exactly :-) You might need to change the [Execution Policy](http://technet.microsoft.com/en-us/library/ee176961.aspx) in order for it to execute as a script – Mathias R. Jessen Oct 03 '13 at 14:55
1

Thanks, Mathias - the script worked, apart from you had to press a (Yes to all) for every user. For future use, is there a way yes to all can be added to the script? – Dave Oct 03 '13 at 15:26
3

Yes by setting the `$ConfirmPreference` or append `-confirm $false` to the `Remove-MailboxPermission` statement – Mathias R. Jessen Oct 03 '13 at 15:31
-confirm $false and that script worked perfectly. Thank you @mathias-r-jessen for the answer, and thanks for the assist Longneck. – Dave Oct 03 '13 at 16:08

Script to remove Exchange 2010 AutoMapping for all mailboxes

1 Answers1