The script grants the target user full access over a specific mailbox. The script can be executed in a business rule, custom command or scheduled task.
In the script, the $mailboxDN variable specifies the distinguished name (DN) of the object that represents the mailbox to grant full access over. For information on how to get an object DN, see Get the DN of a directory object.
PowerShell
$mailboxDN = "CN=John Smith,OU=Users,DC=Domain,DC=com" # TODO: modify me
# Create an instance of the 'AdmExchangeMailboxParameters' class
$mailboxParams = New-Object "Softerra.Adaxes.Adsi.Exchange.AdmExchangeMailboxParameters"
# Specify trustee
$objReference = New-Object "Softerra.Adaxes.Adsi.AdmObjectReference"
$objReference.ObjectDN = "%distinguishedName%"
# Specify permission
$permission = New-Object "Softerra.Adaxes.Adsi.Exchange.AdmExchangeMailboxPermission"
$permission.AllowedRights = "ADM_EXCHANGE_MAILBOX_RIGHTS_FULL_ACCESS"
$permission.Trustee = $objReference
# Append to existing permissions
$permissionModification = New-Object "Softerra.Adaxes.Adsi.Exchange.AdmExchangeMailboxRightsModification"
$permissionModification.Operation = "ADS_PROPERTY_APPEND"
$permissionModification.Permission = $permission
# Update mailbox settings
$mailboxRights = $mailboxParams.MailboxRights
$mailboxRights.AddModification($permissionModification)
$mailboxParams.MailboxRights = $mailboxRights
# Save the changes
$user = $Context.BindToObjectByDN($mailboxDN)
$user.SetMailParameters($mailboxParams, "ADM_SET_EXCHANGE_PARAMS_FLAGS_NONE")