Thursday, 8 October 2015

Exchange 2013, 2016 - Remove Outlook automapping feature for all mailboxes

When you use either the Exchange Admin Center or the Exchange Management Shell to add full access permissions to a mailbox for a user, you'll find that the mailbox appears in Outlook for that user. This is the automapping feature that is built into Exchange and Outlook as below:

The way this works is by configuring the msExchDelegateListLink attribute on the shared mailbox with a list of distinguished names of users who have access. The msExchDelegateListLink attribute can be found on the AD user account by enabling Advanced Features in the View menu of Active Directory Users and Computers then opening properties for the mailbox and clicking on the Attribute Editor tab. See below:

To remove the automapping feature, you need to remove the mailbox permission then add it back using the Exchange Management Shell but specify the -Automapping parameter as below:

Add-MailboxPermission -Identity finance1 -User administrator -AccessRights fullaccess -AutoMapping $false

When you need to do this on many mailboxes, then you can use a handy PowerShell function I've created to do this below:

function Remove-Automapping 
          [Parameter(Mandatory = $true)]
          [string] $Mailbox

        foreach($mailbox in $mailboxes)
                $mailboxPermissions = Get-Mailbox $mailbox | Get-MailboxPermission | ? {$_.AccessRights -eq "FullAccess" -and $_.User -ne "NT AUTHORITY\SELF" `
                -and $_.IsInherited -eq $false}
                foreach($mailboxPermission in $mailboxPermissions)
                        Get-Mailbox $mailbox | Remove-MailboxPermission -User $mailboxPermission.user -AccessRights $mailboxPermission.AccessRights -Confirm:$false
                        Get-Mailbox $mailbox | Add-MailboxPermission -User $mailboxPermission.user -AccessRights $mailboxPermission.AccessRights -AutoMapping:$false | Out-Null


Import the function by copying and pasting the above PowerShell code into the Exchange Management Shell

To run the function, just run as below:

Remove-Automapping -Mailbox finance1

When you run script, it clears the msExchDelegateListLink attribute:

....and the mailbox disappears in Outlook however the user can add the mailbox back if they need.

To run the function on all mailboxes, just run the command below:

Get-Mailbox | % {Remove-Automapping -Mailbox $_.Alias}

No comments:

Post a Comment