How to clear SIDHistory and keep mailbox permissions

The SIDHistory attribute of a user object is used to store old SIDs for that user (usually SIDs from other domains when the user is migrated).  In some cases, over time, this attribute can hold lots of values (every time a user is migrated, the previous SID is added to the list), and we sometimes…


PowerShell: Clean Mailbox Delegates (update)

I wrote a script a while ago that can remove invalid delegates from a mailbox using a mixture of EWS and Exchange PowerShell.  The limitation of the original script is that is didn’t do anything about the hidden rules that forward messages to delegates, which means that the unexpected NDR issue (as described here) would…

2

PowerShell: Clean mailbox delegates

An updated version of this script (that also handles the hidden forwarding rule) is available here:http://blogs.msdn.com/b/emeamsgdev/archive/2014/05/16/powershell-clean-mailbox-delegates-update.aspx Granting delegate access to a mailbox stores the permission on the mailbox to which the permission is granted.  But what happens when a user is deleted?  The simple answer is nothing – deleting a user (or other AD object)…

1

PowerShell: Remove invalid delegates from mailboxes

We recently had a case where there were invalid delegates on a mailbox and these were causing further issues (which aren’t important with regards to this blog!).  Invalid delegates can come about when mailboxes and users are deleted from an organisation.  The reason for this is that delegate permissions are stored on the AD object/mailbox to…

4