Thursday, 8 October 2015

Exchange 2013, 2016 - Remove Outlook automapping feature for all mailboxes

When you use either the Exchange Admin Center or the Exchange Management Shell to add full access permissions to a mailbox for a user, you'll find that the mailbox appears in Outlook for that user. This is the automapping feature that is built into Exchange and Outlook as below:




The way this works is by configuring the msExchDelegateListLink attribute on the shared mailbox with a list of distinguished names of users who have access. The msExchDelegateListLink attribute can be found on the AD user account by enabling Advanced Features in the View menu of Active Directory Users and Computers then opening properties for the mailbox and clicking on the Attribute Editor tab. See below:


To remove the automapping feature, you need to remove the mailbox permission then add it back using the Exchange Management Shell but specify the -Automapping parameter as below:

 Add-MailboxPermission -Identity finance1 -User administrator -AccessRights fullaccess -AutoMapping $false



When you need to do this on many mailboxes, then you can use a handy PowerShell function I've created to do this below:
function Remove-Automapping 
    {
        Param(
          [Parameter(Mandatory = $true)]
          [string] $Mailbox
        )

         foreach($mailbox in $mailboxes)
            {
                $mailboxPermissions = Get-Mailbox $mailbox | Get-MailboxPermission | ? {$_.AccessRights -eq "FullAccess" -and $_.User -ne "NT AUTHORITY\SELF" `
                -and $_.IsInherited -eq $false}
                foreach($mailboxPermission in $mailboxPermissions)
                    {
                        Get-Mailbox $mailbox | Remove-MailboxPermission -User $mailboxPermission.user -AccessRights $mailboxPermission.AccessRights -Confirm:$false
                        Get-Mailbox $mailbox | Add-MailboxPermission -User $mailboxPermission.user -AccessRights $mailboxPermission.AccessRights -AutoMapping:$false | Out-Null
                    }
            }

     }



 Import the function by copying and pasting the above PowerShell code into the Exchange Management Shell

 To run the function, just run as below:

 Remove-Automapping -Mailbox finance1



When you run script, it clears the msExchDelegateListLink attribute:


....and the mailbox disappears in Outlook however the user can add the mailbox back if they need.



To run the function on all mailboxes, just run the command below:

 Get-Mailbox | % {Remove-Automapping -Mailbox $_.Alias}

Posted by at
Labels: , , ,

3 comments:

  1. Unknown3 May 2019 at 19:56

    This function didn't work for me on exchange 2016. There were no error messages but the msExchDelegateListLink attribute did not clear for the mailbox I selected.

    ReplyDelete
  2. David Ray5 October 2020 at 20:33

    This comment has been removed by the author.

    ReplyDelete
  3. David Ray5 October 2020 at 20:37

    If you change line 5 from
    [string] $Mailbox
    to
    [string[]] $mailboxes
    it will work.

    Notice in line 8 it is expecting the list of mailboxes to be in $mailboxes not $Mailbox. The extra brackets allow it hold a list of strings... not just one.

    ReplyDelete

Subscribe to: Post Comments (Atom)