One of my previous customers was a company in the financial sector. Such companies have several compliancy rules and much “evidence” needs to be gathered to prove that they are compliant.
They implemented SCOM which can monitor a lot, yet still some specific reports needed to be made.
I’m not that much of a SCOM guru and that’s why I turned to PowerShell.
The request.
Create a report every night where all mailbox access is reported, specifically who has access to mailboxes other than their own and which level of access they have… and of course which mailbox it is.
Here’s the script (yes, it’s a one-liner again):
Get-Mailbox | Get-MailboxPermission | where {$_.user.tostring() -ne “NT AUTHORITY\SELF” -and $_.IsInherited -eq $false} | Select Identity,User,@{Name=’Access Rights’;Expression={[string]::join(‘, ‘, $_.AccessRights)}} | Export-Csv -NoTypeInformation mailboxpermissions.csv
