Grant-SendAs.psm1
|
function Grant-SendAs { <# .Synopsis Grants Send-As permissions in On-Prem AD and Azure AD .Description For use with M365 Hybrid configurations. As Send-As permissions aren't replicated to Azure AD it is required that you grant permission in Azure AD as well as on premise. As per https://docs.microsoft.com/en-us/exchange/permissions A Powershell session connection to your exchange server and M365 tenant is required. .Link https://docs.microsoft.com/en-us/exchange/permissions https://docs.microsoft.com/en-us/powershell/exchange/connect-to-exchange-servers-using-remote-powershell?view=exchange-ps https://docs.microsoft.com/en-us/powershell/exchange/connect-to-exchange-online-powershell?view=exchange-ps .Parameter UserIdentity The user that needs Send-As permissions .Parameter MailboxIdentity The mailbox in which the user needs Send-As permissions on .Example Grant-SendAs -UserIdentity [Identity] -MailboxIdentity [Identity] .Example Grant-SendAs -UserIdentity [Identity] -MailboxIdentity [Identity] -UserIdentity365 [Identity] -MailboxIdentity365 [Identity] #> [CmdletBinding()] param( [Parameter(Mandatory=$true)][string]$UserIdentity, [Parameter(Mandatory=$true)][string]$MailboxIdentity, [Parameter(Mandatory=$false)][string]$UserIdentity365, [Parameter(Mandatory=$false)][string]$MailboxIdentity365 ) process { if(!($UserIdentity365)) { $UserIdentity365 = $UserIdentity } if(!($MailboxIdentity365)) { $MailboxIdentity365 = $MailboxIdentity } Add-ADPermission -Identity $MailboxIdentity -User $UserIdentity -AccessRights ExtendedRight -ExtendedRights "Send As" Add-RecipientPermission -Identity $MailboxIdentity365 -Trustee $UserIdentity365 -AccessRights SendAs } } |