Unlike user mailboxes, setting “Send As” permission can only be performed from Powershell for a distribution list. The following script will prompt you for the user and group and then set the send as permission. It will then display what the result was.
param ([string]$User = $(Read-Host -prompt "User"), [string]$Group = $(Read-Host -prompt "Group") )
Add-ADPermission -Identity "mydomain.local/$Group" -User "$User" -ExtendedRights "Send As"
Get-AdPermission -Identity "mydomain.local/$Group" | where-object {$_.extendedrights -like 'send-as'} | select user,extendedrights
Remember to replace “mydomain.local” with your domain name. I normally specify the group name as the full path to the group, including the AD containers to make sure I get the correct one. You can change that to –Identity $group and just specify the group name if you want to.
The following reverses the process:
param ([string]$User = $(Read-Host -prompt "User"), [string]$Group = $(Read-Host -prompt "Group") )
Remove-ADPermission -Identity "mydomain.local/$Group" -User "$User" -ExtendedRights "Send As" -Confirm:$False
Get-AdPermission -Identity "mydomain.local/$Group" | where-object {$_.extendedrights -like 'send-as'} | select user,extendedrights
No comments:
Post a Comment