################################################################################
# Show Mailbox and MAPI Permissions of specified Mailbox in Exchange 2010
# Version 1.0 / 07.03.2012 Andres Bohren - Intitial Version
################################################################################

#/*MBX Permission*/
[string]$Email = "boa@icewolf.ch"
[string]$Mailbox = Get-Mailbox -Identity $Email
[string]$sam = $Mailbox.SamAccountName


Write-Host "*******************************************************************************" -foregroundcolor magenta
Write-Host "* Get Mailbox Permission for $Email" -foregroundcolor magenta
Write-Host "*******************************************************************************" -foregroundcolor magenta


#/*Full Access*/
$FullAccess = Get-MailboxPermission -Identity $Email | where { ($_.AccessRights -eq "FullAccess") -and ($_.IsInherited -eq $false) -and -not ($_.User -like "NT AUTHORITY\SELF") } | Select User
Write-Host "Full Access:" -foregroundcolor Green
Foreach ($User in $FullAccess)
	{
		Write-Host $User.User
	}

#/*Send As*/
#Get-ADPermission -Identity $sam | Where {$_.ExtendedRights -like "Send-As" -and $_.User -notlike "NT AUTHORITY\SELF" -and $_.Deny -eq $false} | ft Identity,User,ExtendedRights,IsInherited
$SendAs = Get-ADPermission -Identity $sam | Where {$_.ExtendedRights -like "Send-As" -and $_.User -notlike "NT AUTHORITY\SELF" -and $_.Deny -eq $false} | Select User
Write-Host "Send As:" -foregroundcolor Green
Foreach ($User in $SendAs)
	{
		Write-Host $User.User
	}

#/*Send on Behalf*/
#$SendOnBehalf = get-mailbox -Identity $Email | Select GrantSendOnBehalfTo
$SendOnBehalf = get-mailbox -Identity $Email | Select @{Name="SendOnBehalf";Expression={$_."GrantSendOnBehalfTo"}}
Write-Host "SendOnBehalf:" -foregroundcolor Green

Foreach ($User in $SendOnBehalf)
	{
		Write-Host $User.SendOnBehalf
	}

#/*MailboxFolders*/
$folders = Get-MailboxFolderStatistics -Identity $Email | Where {$_.Foldertype -ne "SyncIssues" -and $_.Foldertype -ne "Conflicts" -and $_.Foldertype -ne "LocalFailures" -and $_.Foldertype -ne "ServerFailures" -and $_.Foldertype -ne "RecoverableItemsRoot" -and $_.Foldertype -ne "RecoverableItemsDeletions" -and $_.Foldertype -ne "RecoverableItemsPurges" -and $_.Foldertype -ne "RecoverableItemsVersions" -and $_.Foldertype -ne "Root"} | select folderpath

Write-Host "Mailbox Folders:" -foregroundcolor Green
Foreach ($Folder in $folders)
	{
		Write-Host $Folder.Folderpath
	}

#/*MAPI Permissions*/
Write-Host "MAPI Permissions:" -foregroundcolor Green
get-mailboxfolderpermission -identity $Email":\" | ft foldername, User, AccessRights
Foreach ($Folder in $folders)
	{
		$NormalizedFolder = $Folder.FolderPath.Replace("/","\")
		$NormalizedIdentity = $Email + ":" + $NormalizedFolder
		get-mailboxfolderpermission -identity $NormalizedIdentity | ft foldername, User, AccessRights
	}