Exchange 2010 – Common Exchange Management Shell Commands

This article lists Exchanagement Management Shell Commands which are typically used in day to day administration of an Exchange 2010 server.

This will give <username> FULL ACCESS to <mailbox>:

Add-MailboxPermission -identity:<mailbox> -accessrights:fullaccess –user:<username>

If a group needs full access, then enter the security group name in the <username>, if the group name contains spaces, enter the group name within    “        “.
This can also be done from the Management Console.

Remove FULL ACCESS permissions to a mailbox:

remove-mailboxpermission -accessrights:fullaccess -user:<username> -identity:<mailbox>

This can also be done from the Management Console.

Find out the existing permission on a mailbox:

get-mailboxpermission -identity:<mailbox> | format-table -wrap

the format section is required so that the actual permissions are displayed in a readable format

Add “Send As” permission to a mailbox:

Add-ADPermission "<mailbox>" –User:<username> -Extendedrights "Send As"

This allows the user to send email as if they were the user (is not the same as “Send on Behalf of”)
This can also be done from the Management Console.

Allow AD user to modify distribution group membership:

Add-ADPermission -Identity:'distirbution list’ -User:dev<user> -AccessRights ReadProperty, WriteProperty -Properties 'Member'

This will allow the specified user permission to alter the distribution list memberships

Track Incoming emails between a specific time frame

The following command can be used to help diagnose email delivery issues.

It will list all emails received between the Start and End times specified.

To use, change the Start, End, Recipients and Server details to suit.

get-messagetrackinglog -Recipients:[email protected] -EventID "RECEIVE" -Start "2/07/2010 12:00:00 PM" -End "2/07/2010 2:50:00 PM" -server SERVERNAME