1. <#Import the required modules. The if statement around the PSSnapin keeps
it from throwing an error if the snap-in is already loaded.#>
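<# Load the Active Directory cmdlets; Search-ADAccount is used further down. #>
Import-Module ActiveDirectory

<# Add the Exchange management snap-in only when this session does not have it
   yet. Get-PSSnapin returns nothing for a snap-in that is not loaded, and
   -ErrorAction SilentlyContinue hides the error it would otherwise write.
   The whole test stays on one line: a parameter name broken across two lines
   ("-" on one, "ErrorAction" on the next) does not parse. #>
if ($null -eq (Get-PSSnapin -Name Microsoft.Exchange.Management.PowerShell.Admin -ErrorAction SilentlyContinue))
{
    Add-PSSnapin Microsoft.Exchange.Management.PowerShell.Admin
}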
<# Start from a clean slate so no value from an earlier run leaks into this one.
   Every variable visible to Get-Variable is removed except PWD and the
   *Preference variables. Removal errors (for example on variables that cannot
   be removed) are suppressed, so this step never stops the script.
   Note that this also wipes variables the operator set in the same session. #>
Get-Variable -Exclude PWD, *Preference |
    Remove-Variable -ErrorAction SilentlyContinue
<# Working state for the run.
   $errorLogPath    - file the permission step appends its errors to.
   $testIteration   - counts passes through the nested comparison loop.
   $exUserCorpMatch - starts empty; receives the linked mailboxes whose
                      corporate account is disabled.
   $adminUser       - the account running this session, as reported by whoami.
                      No password is stored. The export loop later grants this
                      account FullAccess on every matched mailbox, so the
                      identity used to start the script matters.
   $exceptionUsers  - names typed in by the operator.
   $exceptionArray  - the mailboxes those names resolve to; kept out of the run. #>
<# NOTE(review): the log path below contains no separators; they appear to have
   been lost when the script was transcribed - confirm the intended location. #>
$errorLogPath    = "c:scriptslogsexchangeADerror.txt"
$adminUser       = whoami
$testIteration   = 0
$exUserCorpMatch = @()
$exceptionUsers  = @()
$exceptionArray  = @()
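<# Collect every linked mailbox, i.e. every mailbox whose RecipientTypeDetails
   is LinkedMailbox and which is therefore tied to a corporate account.
   The call stays on one line: with the value on a line of its own,
   LinkedMailbox would be read as a separate command rather than as the value
   of -RecipientTypeDetails.
   @( ) keeps the result an array when zero or one mailbox comes back, so
   .Count and indexing behave the same in every case. #>
$mailboxes = @(Get-Mailbox -ResultSize Unlimited -RecipientTypeDetails LinkedMailbox)

<# Printed so the operator can check the total against the expected number. #>
$mailboxes.Count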
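<# Collect the disabled user accounts from the corporate server.
   -ResultSetSize $null lifts the result limit and -UsersOnly restricts the
   search to user accounts.
   The call stays on one line: with the value on a line of its own, the server
   name would be read as a separate command rather than as the value of -Server.
   @( ) keeps the result an array when zero or one account comes back. #>
$corpAccDis = @(Search-ADAccount -ResultSetSize $null -Server SanitizedServerName -AccountDisabled -UsersOnly)

<# Printed so the operator can check the total against the expected number. #>
$corpAccDis.Count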
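<# Ask the operator for the mailboxes that must be left alone. Names are read
   one at a time until "q" is entered (the comparison is case-insensitive).
   $var is reset first so a "q" left over from an earlier run cannot skip the
   prompt, and blank input is ignored instead of being stored as a name that
   can never resolve to a mailbox. #>
$var = $null
while ($var -ne "q") {
    $var = Read-Host "Enter user exception linked mailbox name, or press q to quit entering names:"
    if ($var -ne "q" -and "$var".Trim() -ne "") {
        $exceptionUsers += "$var".Trim()
    }
}

<# Printed so the operator can confirm how many names were recorded. #>
$exceptionUsers.Count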
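<# Resolve each name the operator entered to its mailbox object.
   The exception list is what keeps a mailbox out of the permission change and
   export further down, so a name that does not resolve is reported explicitly:
   a mistyped name would otherwise leave that mailbox in the run. #>
foreach ($name in $exceptionUsers) {
    try {
        $exceptionArray += Get-Mailbox -Identity $name -ErrorAction Stop
    } catch {
        Write-Warning "Exception name '$name' did not resolve to a mailbox and will NOT be excluded: $_"
    }
}

<# Shown so the operator can review the resolved exceptions before continuing. #>
$exceptionArray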
2. <#Compare the two arrays on the value of name from the "Linked Master
Account" and the Corp server "Sam Account Name" and insert the matching
objects into an Array#>
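<# Match every linked mailbox against the disabled corporate accounts.
   LinkedMasterAccount is split on the backslash and the last piece (the
   account name) is compared with SamAccountName. Splitting on an empty string
   would hand back the whole value and nothing would ever match.
   NOTE(review): the domain part is discarded, so the match is on account name
   only - confirm that every linked master account belongs to the domain
   queried for disabled accounts, otherwise a same-named account could match. #>
for ($a = 0; $a -lt $mailboxes.Count; $a++) {
    $masterAccount = $mailboxes[$a].LinkedMasterAccount

    <# A mailbox without a master account has nothing to compare; skip it
       rather than fail on the Split call. #>
    if (-not $masterAccount) { continue }

    $masterSam = $masterAccount.Split('\')[-1]

    for ($b = 0; $b -lt $corpAccDis.Count; $b++) {
        $testIteration++
        if ($masterSam -eq $corpAccDis[$b].SamAccountName) {
            $exUserCorpMatch += $mailboxes[$a]
            <# One match is enough; move on to the next mailbox. #>
            break
        }
    }
}

$testIteration  # Test value: number of times the inner loop body ran
$exUserCorpMatch.Count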
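<# Drop the operator's exception mailboxes from the match list, comparing on
   Alias (case-insensitive, as -ne was).
   @( ) keeps the result an array: a bare pipeline collapses to a single object
   or to $null when one or no mailbox is left, which breaks the indexed loop
   that processes this list afterwards. #>
$exceptionAliases = @($exceptionArray | ForEach-Object { $_.Alias })
$exUserCorpMatch = @(
    $exUserCorpMatch | Where-Object {
        $null -ne $_ -and $exceptionAliases -notcontains $_.Alias
    }
)

<# Count and listing printed so the operator can review what is about to be
   processed. #>
$exUserCorpMatch.Count
$exUserCorpMatch | Sort-Object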
<#Take the newly created array from the comparison and run the bulk
of the decisions: give full access rights to the admin account captured
earlier, then export the mailbox to a PST
file on the network share, and produce a txt file of the user's
properties, attributes, etc. Remove-Mailbox comes last; that cmdlet is
currently commented out until testing is done and
confirmed removal is ready to take place. #>
for ($c = 0 ; $c -le $exUserCorpMatch.count -1; $c++){
$fileCreationTime = Get-Date -UFormat "%Y%m%d%H%M%S"
$displayName = $exUserCorpMatch[$c].DisplayName
$pstFolderPath = Join-Path "SanitizedServerNameexchangePST"
$fileCreationTime$displayName.PST
$txtFolderPath = Join-Path "SanitizedServerNameexchangePST"
$fileCreationTime$displayName.txt
try {
$everythingIsOk = $true
Add-MailboxPermission -Identity $exUserCorpMatch[$c] -User
$adminUser -AccessRights FullAccess -ErrorAction Stop -Verbose -
Confirm:$false
} catch {
$everythingIsOk = $false
Write-Warning "Permission add problem, logging error to
$errorLogPath!"
Write-Warning $error[0]
$error[0] | Out-File $errorLogPath -Append