CODEWITHSUNDEEP
powershellforeachexchange-serveroutlook-calendar
Ben Cutler
Ben Cutler

Reputation: 1

Nested ForEach statements - Exchange Powershell - bulk remove mailbox calendar permissions -

This is my first post; I'm pretty new to powershell.

At a customer request I am changing the Calendar access permissions for all user in their Exchange 365. I set the default to 'Reviewer' for all mailboxes using code found on Spiceworks :

$users = get-mailbox
foreach ($user in $users) {set-mailboxfolderpermission -identity $($user.alias):\calendar" -User Default -AccessRights Reviewer  -confirm:$false}

And I am able to remove all other user's permissions from a specified mailbox using script I concocted from the above:

 $users = get-mailbox
    foreach ($user in $users) {Write-host -foregroundcolor green "Removing permission for $($user.alias)..."
    remove-mailboxfolderpermission -identity username:\calendar -user $user.alias -confirm:$false}

I was hoping to workout how to remove all explicit permissions from all mailboxes in one command for any future use; I think it will involve nested foreach statements but I'm struggling to get the double loop right.

It needs to run something like this:

$users = get-mailbox

foreach $user {remove-mailboxfolderpermission -identity user1.alias:\calendar -user $user1.alias}

foreach $user {remove-mailboxfolderpermission -identity user1.alias:\calendar -user $user2.alias}

foreach $user {remove-mailboxfolderpermission -identity user1.alias:\calendar -user $user3.alias}

foreach $user {remove-mailboxfolderpermission -identity user1.alias:\calendar -user $user4.alias}

foreach $user {remove-mailboxfolderpermission -identity user2.alias:\calendar -user $user1.alias}

foreach $user {remove-mailboxfolderpermission -identity user2.alias:\calendar -user $user2.alias}

foreach $user {remove-mailboxfolderpermission -identity user2.alias:\calendar -user $user3.alias}

foreach $user {remove-mailboxfolderpermission -identity user2.alias:\calendar -user $user4.alias}

foreach $user {remove-mailboxfolderpermission -identity user3.alias:\calendar -user $user1.alias}

Etc

But it's pulling the user.alias from the same array so in my experiments it either runs once (the same entry for -identity and -user) or it fails with a error or runs forever.

Any assistance, tips or general advice regarding nested ForEach pulling from the same source would be helpful.

Upvotes: 0

Views: 1278

Answers (1)

Bryce McDonald
Bryce McDonald

Reputation: 1870

In order to nest "for" loops, you need to have the information prepared, or a way to look up the information, in order to wrap your loop.

You don't want to have to specify every user's alias' on every mailbox, so the best way to do this will be to use the Get-MailboxFolderPermission cmdlet. Your first loop, looping through each user, is correct. Your second loop could use some help, since you don't want to have to manually input each user that has permissions. Your code should look something like this in the end: 

$users = Get-Mailbox
ForEach ($user in $users) {
  $perms = Get-MailboxFolderPermission -identity $user.alias:\Calendar | Format-List
  ForEach ($perm in $perms) {
    Remove-MailboxFolderPermission -identity $user.alias:\calendar -user $perm.user
  }
}

I don't have an exchange environment to test this, but I think this should really point you in the right direction to be able to fill in your environments details.

Upvotes: 0

Related Questions