 01825 818572
Trying to find out which mailboxes a specific user has access to is a somewhat tedious process in the EMC. Thankfully there is a simple PowerShell command that will give you a complete listing:
get-mailbox | get-mailboxpermission -User "UserName" | fl identity
Note: You can then remove the permissions (if required) with additional commands, but to remove full access and send as (or on behalf of) requires different actions.
It is simple enough to loop through all mailboxes and be prompted to remove Send As permission for a user from any mailboxes:
Get-RecipientPermission -Trustee "UserName" | Remove-RecipientPermission
To remove Full Access permission for the user from a specific mailbox you can run:
Remove-MailboxPermission -Identity "MailboxName" -User "UserName" -AccessRights FullAccess -InheritanceType All -Confirm:$false
You could, of course, create a script that creates an array of mailboxes the user has full access to using the first command, and then iterate through with the last.
Finally, these commands are only recommended for relatively small 365 tenants as the queries can take a long time if you have several hundred (or more!) mailboxes.
