Script to remove Exchange 2010 AutoMapping for all mailboxes

exchange exchange-2010 powershell outlook-2010 outlook-2007

6,956

That is incredibly easy. You simply need to retrieve a list of mailboxes and run the example against each of them:

# Get all mailboxes in the forest
$Mailboxes = Get-Mailbox -ResultSize unlimited -IgnoreDefaultScope
$ConfirmPreference = 'None'

# Iterate over each mailbox
foreach($Mailbox in $Mailboxes)
{
    try 
    {
        # Try to run the example fix against the current $Mailbox
        $FixAutoMapping = Get-MailboxPermission $Mailbox |where {$_.AccessRights -eq "FullAccess" -and $_.IsInherited -eq $false}
        $FixAutoMapping | Remove-MailboxPermission
        $FixAutoMapping | ForEach {Add-MailboxPermission -Identity $_.Identity -User $_.User -AccessRights:FullAccess -AutoMapping $false} 
    }
    catch
    {
        # Inform about the error if unsuccessful
        Write-Host "Encountered error: $($Error[0].Exception) on mailbox $($Mailbox.DisplayName)" -ForegroundColor Red
    }
}

6,956

Dave

BOFH, Digital Rogue, and all round nice SysAdmin, based in the Home Counties, United Kingdom

Updated on September 18, 2022

Comments

Dave over 1 year
I have an Exchange 2010 SP3 server that's getting Application event error 9646 from MSExchangeIS:

Mapi session [ID] [AD User] exceeded the maximum of 500 objects of type "objtFolder"

Looking into this, the cause was found to be several users that have a lot of Full Access Permissions on other people's mailboxes.

Because of the way this changed in SP1 See Technet article HERE, They now automatically open all the users they have access to, rather than being able to add or open them only when needed.

Ideally, I'd like a script I can run to globally remove the -Automapping $true string for all users: This should leave them access to the mailbox when needed, but stop it from automatically opening, taking up MAPI sessions.

I tried the Microsoft Technet Script from the above URL, but that didn't appear to work as intended:
```
[PS]$FixAutoMapping = Get-MailboxPermission sharedmailbox|where {$_AccessRights -eq "FullAccess" -and $_IsInherited -eq $false}
The operation couldn't be performed because object sharedmailbox couldn't be found on '[Servername]'.
    + CategoryInfo          : InvalidData: (:) [Get-MailboxPermission], ManagementObjectNotFoundException
+ FullyQualifiedErrorId : B485A4C7,Microsoft.Exchange.Management.RecipientTasks.GetMailboxPermission
```
I'm presuming that sharedmailbox is a specific example mailbox which Doesn't exist on my server: I need a script that searches through all the mailboxes, then changes Automapping $true to Automapping $false for any access permissions on the mailbox.

Is this possible to do?
Dave over 10 years

Thanks for the script. I Don't use powershell much, so I assume I save it as a.ps1 file, then call it from the powershell command line?
longneck over 10 years

Or you can just copy and paste in to an Exchange PowerShell window. Possibly followed by an additional Enter or two.
Mathias R. Jessen over 10 years

Exactly :-) You might need to change the Execution Policy in order for it to execute as a script
Dave over 10 years

Thanks, Mathias - the script worked, apart from you had to press a (Yes to all) for every user. For future use, is there a way yes to all can be added to the script?
Mathias R. Jessen over 10 years

Yes by setting the $ConfirmPreference or append -confirm $false to the Remove-MailboxPermission statement
Dave over 10 years

-confirm $false and that script worked perfectly. Thank you @mathias-r-jessen for the answer, and thanks for the assist Longneck.