If you are in the hybrid environment and looking for assigning mailbox permissions to migrated user on premises mailbox/s you will find below article handy. Changes are done on premises Active Directory needs to sync to Office 354 Azure Directory services via AD Sync.
Add-RecipientPermission (This cmdlet is available
only in the cloud-based service.)
Add-MailboxPermission (This cmdlet is available
in on-premises Exchange and in the cloud-based service)
# VARS
$CloudMB1 = "Jason.Born@SecuredNinja.org" #
Cloud Mailbox
$SharedMB1 = "HRShared1@SecuredNinja.org" #
On prem
$SharedMB2 = "HRShared2@SecuredNinja.org" # On prem
# ADDING MB Permissions
Write-host "Adding AD Permissions"
Add-MailboxPermission –Identity $SharedMB1 –User $CloudMB1 `
–AccessRights FullAccess –AutoMapping $True -InheritanceType All -WhatIf
# VERIFY AD PERMISSIONS
Write-host "Verifying AD Permissions"
$Output1 = Get-Mailbox -Identity $SharedMB1 | Get-MailboxPermission |`
where {$_.user.tostring() -ne "NT AUTHORITY\SELF" -and $_.IsInherited -eq $false} |`
Select-Object User,AccessRights,IsInherited,
# ADD <SEND AS >
Write-host "Adding <SEND AS> Permissions"
Add-RecipientPermission -Identity $SharedMB1 -Trustee $CloudMB1 -AccessRights SendAs -WhatIf
#VERIFY <SEND AS>
Write-host "Verifying <SEND AS> Permissions"
Get-RecipientPermission -Identity $SharedMB1
# REMOVE <SEND AS>
Write-host "REMOVING <SEND AS> Permissions"
$removeUser = "Casey.Dedeal@SecuredNinja.org"
Remove-RecipientPermission -Identity $SharedMB2 -Trustee $removeUser -AccessRights SendAs -WhatIf
# REMOVE <FULL MB>
Write-host "REMOVING <FULL MB> Permissions"
$CloudMB = "Casey.Dedeal@SecuredNinja.org"
Remove-MailboxPermission –Identity $SharedMB2 –User $CloudMB –AccessRights FullAccess -WhatIf
Azure Certified Solutions Architect
Principal Systems Engineer
https://msazure365.blogspot.com/ (blog)
https://simplepowershell.blogspot.com/ (blog)
https://twitter.com/Message_Talk (Twitter)
