First published at https://nivleshc.wordpress.com

When planning to migrate mailboxes to Office 365, a lot of care must be taken around which mailboxes are moved together. The rule of the thumb is “those that work together, move together”. The reason for taking this approach is due to the fact that there are some permissions that do not work cross-premises and can cause issues. For instance, if a mailbox has delegate permissions to another mailbox (these are permissions that have been assigned using Outlook email client) and if one is migrated to Office 365 while the other remains on-premises, the delegate permissions capability is broken as it does not work cross-premises.

During the recent Microsoft Ignite, it was announced that there are a lot of features coming to Office 365 which will help with the cross-premises access issues.

I have been using Roman Zarka’s Export-MailboxPermissions.ps1 (part of https://blogs.technet.microsoft.com/zarkatech/2015/06/11/migrate-mailbox-permissions-to-office-365/ bundle) script to export all on-premises mailboxes permissions then using the output to decide which mailboxes move together. Believe me, this can be quite a challenge!

Recently, while having a casual conversation with one of my colleagues, I was introduced to an Excel  spreadsheet that he had created. Being the Excel guru that he is, he was doing various VLOOKUPs into the outputs from Roman Zarka’s script, to find out if the mailboxes he was intending to migrate had any permission dependencies with other mailboxes. I just stared at the spreadsheet with awe, and uttered the words “dude, that is simply awesome!”

I was hooked on that spreadsheet. However, I started craving for it to do more. So I decided to take it on myself to add some more features to it. However, not being too savvy with Excel, I decided to use PowerShell instead. Thus was born Find_MailboxPermssions_Dependencies.ps1

I will now walk you through the script and explain what it does

 

  1. The first pre-requisite for Find_MailboxPermissions_Dependencies.ps1 are the four output files from Roman Zarka’s Export-MailboxPermissions.ps1 script (MailboxAccess.csv, MailboxFolderDelegate.csv, MailboxSendAs.csv, MaiboxSendOnBehalf.csv)
  2. The next pre-requisite is details about the on-premises mailboxes. The on-premises Exchange environment must be queried and the details output into a csv file with the name OnPrem_Mbx_Details.csv. The csv must contain the following information (along the following column headings)“DisplayName, UserPrincipalName, PrimarySmtpAddress, RecipientTypeDetails, Department, Title, Office, State, OrganizationalUnit”
  3. The last pre-requisite is information about mailboxes that are already in Office 365. Use PowerShell to connect to Exchange Online and then run the following command (where O365_Mbx_Details.csv is the output file)
    Get-Mailbox -ResultSize unlimited | Select DisplayName,UserPrincipalName,EmailAddresses,WindowsEmailAddress,RecipientTypeDetails | Export-Csv -NoTypeInformation -Path O365_Mbx_Details.csv 

    If there are no mailboxes in Office 365, then create a blank file and put the following column headings in it “DisplayName”, “UserPrincipalName”, “EmailAddresses”, “WindowsEmailAddress”, “RecipientTypeDetails”. Save the file as O365_Mbx_Details.csv

  4. Next, put the above files in the same folder and then update the variable $root_dir in the script with the path to the folder (the path must end with a )
  5. It is assumed that the above files have the following names
    • MailboxAccess.csv
    • MailboxFolderDelegate.csv
    • MailboxSendAs.csv
    • MailboxSendOnBehalf.csv
    • O365_Mbx_Details.csv
    • OnPrem_Mbx_Details.csv
  6.  Now, that all the inputs have been taken care of, run the script.
  7. The first task the script does is to validate if the input files are present. If any of them are not found, the script outputs an error and terminates.
  8. Next, the files are read and stored in memory
  9. Now for the heart of the script. It goes through each of the mailboxes in the OnPrem_Mbx_Details.csv file and finds the following
    • all mailboxes that have been given SendOnBehalf permissions to this mailbox
    • all mailboxes that this mailbox has been given SendOnBehalf permissions on
    • all mailboxes that have been given SendAs permissions to this mailbox
    • all mailboxes that this mailbox has been given SendAs permissions on
    • all mailboxes that have been given Delegate permissions to this mailbox
    • all mailboxes that this mailbox has been given Delegate permissions on
    • all mailboxes that have been given Mailbox Access permissions on this mailbox
    • all mailboxes that this mailbox has been given Mailbox Access permissions on
    • if the mailbox that this mailbox has given the above permissions to or has got permissions on has already been migrated to Office 365
  10. The results are then output to a csv file (the name of the output file is of the format Find_MailboxPermissions_Dependencies_{timestamp of when script was run}_csv.csv
  11. The columns in the output file are explained below
Column Name Description
PermTo_OtherMbx_Or_FromOtherMbx? This is Y if the mailbox has given permissions to or has permissions on other mailboxes. Is N if there are no permission dependencies for this mailbox
PermTo_Or_PermFrom_O365Mbx? This is TRUE if the mailbox that this mailbox has given permissions to or has permissions on is  already in Office 365
Migration Readiness This is a color code based on the migration readiness of this permission. This will be further explained below
DisplayName The display name of the on-premises mailbox for which the permission dependency is being found
UserPrincipalName The userprincipalname of the on-premises mailbox for which the permission dependency is being found
PrimarySmtp The primarySmtp of the on-premises mailbox  for which the permission dependency is being found
MailboxType The mailbox type of the on-premises mailbox  for which the permission dependency is being found
Department This is the department the on-premises mailbox belongs to (inherited from Active Directory object)
Title This is the title that this on-premises mailbox has (inherited from Active Directory object)
SendOnBehalf_GivenTo emailaddress of the mailbox that has been given SendOnBehalf permissions to this on-premises mailbox
SendOnBehalf_GivenOn emailaddress of the mailbox that this on-premises mailbox has been given SendOnBehalf permissions to
SendAs_GivenTo emailaddress of the mailbox that has been given SendAs permissions to this on-premises mailbox
SendAs_GivenOn emailaddress of the mailbox that this on-premises mailbox has been given SendAs permissions on
MailboxFolderDelegate_GivenTo emailaddress of the mailbox that has been given Delegate access to this on-premises mailbox
MailboxFolderDelegate_GivenTo_FolderLocation the folders of the on-premises mailbox that the delegate access has been given to
MailboxFolderDelegate_GivenTo_DelegateAccess the type of delegate access that has been given on this on-premises mailbox
MailboxFolderDelegate_GivenOn email address of the mailbox that this on-premises mailbox has been given Delegate Access to
MailboxFolderDelegate_GivenOn_FolderLocation the folders that this on-premises mailbox has been given delegate access to
MailboxFolderDelegate_GivenOn_DelegateAccess the type of delegate access that this on-premises mailbox has been given
MailboxAccess_GivenTo emailaddress of the mailbox that has been given Mailbox Access to this on-premises mailbox
MailboxAccess_GivenTo_DelegateAccess the type of Mailbox Access that has been given on this on-premises mailbox
MailboxAccess_GivenOn emailaddress of the mailbox that this mailbox has been given Mailbox Access to
MailboxAccess_GivenOn_DelegateAccess the type of Mailbox Access that this on-premises mailbox has been given
OrganizationalUnit the Organizational Unit for the on-premises mailbox

The color codes in the column Migration Readiness correspond to the following

  • LightBlue – this on-premises mailbox has no permission dependencies and can be migrated
  • DarkGreen  – this on-premises mailbox has got a Mailbox Access permission dependency to another mailbox. It can be migrated while the other mailbox can remain on-premises, without experiencing any issues as Mailbox Access permissions are supported cross-premises.
  • LightGreen – this on-premises mailbox can be migrated without issues as the permission dependency is on a mailbox that is already in Office 365
  • Orange – this on-premises mailbox has SendAs permissions given to/or on another on-premises mailbox. If both mailboxes are not migrated at the same time, the SendAs capability will be broken. Lately, it has been noticed that this capability can be restored by re-applying the SendAs permissions to both the migrated and on-premises mailbox post migration
  • Pink – the on-premises mailbox has FolderDelegate given to/or on another on-premises mailbox. If both mailboxes are not migrated at the same time, the FolderDelegate capability will be broken. A possible workaround is to replace the FolderDelegate permission with Full Mailbox access as this works cross-premises, however there are privacy concerns around this workaround as this will enable the delegate to see all the contents of the mailbox instead of just the folders they had been given access on.
  • Red – the on-premises mailbox has SendOnBehalf permissions given to/or on another on-premises mailbox. If both mailboxes are not migrated at the same time, the SendOnBehalf capability will be broken. A possible workaround could be to replace SendOnBehalf with SendAs however the possible implications of this change must be investigated

Yay, the output has now been generated. All we need to do now is to make it look pretty in Excel 🙂

Carry out the following steps

  • Import the output csv file into Excel, using the semi-colon “;” as the delimiter (I couldn’t use commas as the delimiter as sometimes department,titles etc fields use them and this causes issues with the output file)
  • Create Conditional Formatting rules for the column Migration Readiness so that the fill color of this cell corresponds to the word in this column (for instance, if the word is LightBlue then create a rule to apply a light blue fill to the cell)

Thats it Folks! The mailbox permissions dependency spreadsheet is now ready. It provides a single-pane view to all the permissions across your on-premises mailboxes and gives a color coded analysis on which mailboxes can be migrated on their own without any issues and which might experience issues if they are not migrated in the same batch with the ones they have permissions dependencies on.

In the output file, for each on-premises mailbox, each line represents a permission dependency (unless the column PermTo_OtherMbx_Or_FromOtherMbx? is N). If there are more than one set of permissions applicable to an on-premises mailbox, these are displayed consecutively underneath each other.

It is imperative that the migration readiness of the mailbox be evaluated based on the migration readiness of all the permissions associated with that mailbox.

Find_MailboxPermissions_Dependencies.ps1 can be downloaded from  GitHub

A sample of the spreadsheet that was created using the output from the Find_MailboxPermissions_Dependencies.ps1 script can be downloaded from https://github.com/nivleshc/arm/blob/master/Sample%20Output_MailboxPermissions%20Dependencies.xlsx

I hope this script comes in handy when you are planning your migration batches and helps alleviate some of the headache that this task brings with it.

Till the next time, have a great day 😉

Category:
Office 365, PowerShell
Tags:
, , , , , ,

Join the conversation! 27 Comments

  1. Hi Kloud Team,
    This article is amazing! Thank you for sharing.
    I am sure that this content will help a lot of people around the world.

    Greetings from Brazil

    Reply
  2. Thanks for this – you should add the below for Part 2

    Get-Mailbox -ResultSize unlimited | Select DisplayName,UserPrincipalName,PrimarySmtpAddress,RecipientTypeDetails,Department,Title,Office,State,OrganizationalUnit | Export-Csv -NoTypeInformation -Path c:\OnPrem_Mbx_Details.csv

    Reply
  3. Do I have the ability to edit my posts? I’d like to remove info.

    Reply
  4. Ok so I didn’t catch that I had to run the other export script, but now I’ve ran the Roman Zarka’s Export-MailboxPermissions.ps1 which gave me the 4 files necessary, however, When running the script again after that, it gets to Creating Hashtable for O365 Mbxs it errors out. Not sure why…I don’t have any O365 mailboxes yet, so the directions above say to create empty CSV with the necessary headers if you don’t have O365 mailboxes.

    Also states to create a csv called OnPrem_Mbx_Details.csv which is also empty…….but contains the necessary headers.

    What am I missing here? Rerunning it produces this now:

    ========================================================================================================================================
    SCRIPT IS PROVIDED ‘AS IS’ WITHOUT ANY WARRANTY OF ANY KIND.
    Before running any script, please read the entire to script to ensure there is nothing in it that will adversely affect your environment
    ========================================================================================================================================
    Continue? [Press Enter to Continue or Ctrl+C to quit:

    >Reading File
    >>>>Reading Mailbox SendOnBehalf file..Done. Read 151 records
    >>>>Reading Mailbox SendAs file..Done. Read 590 records
    >>>>Reading Mailbox Folder Delegate file..Done. Read 497 records
    >>>>Reading Mailbox Access file..Done. Read 332 records
    >>>>Reading O365 Mbxs file..Done. Read records
    >>>>Reading OnPrem Mbxs file..Done. Read records
    >>>>Creating HashTable for MailboxSendOnBehalf_GivenTo..Done.
    >>>>Creating HashTable for MailboxSendOnBehalf_GivenOn..Done.
    >>>>Creating HashTable for MailboxSendAs_GivenTo..Done.
    >>>>Creating HashTable for MailboxSendAs_GivenOn..Done.
    >>>>Creating HashTable for MailboxFolderDelegate_GivenTo..Done.
    >>>>Creating HashTable for MailboxFolderDelegate_GivenOn..Done.
    >>>>Creating HashTable for MailboxAccess_GivenTo..Done.
    >>>>Creating HashTable for MailboxAccess_GivenOn..Done.
    >>>>Creating HashTable for O365 MbxsException calling “get_Item” with “1” argument(s): “Key cannot be null.
    Parameter name: key”
    At C:\Users\username\Desktop\O365 Migration Scripts and Tools\Find_MailboxPermissions_Dependencies.ps1:426 char:45
    + $existing_value = $hash_O365Mbx.Item <<<>>>Creating HashTable for OnPrem MbxsException calling “get_Item” with “1” argument(s): “Key cannot be null.
    Parameter name: key”
    At C:\Users\username\Desktop\O365 Migration Scripts and Tools\Find_MailboxPermissions_Dependencies.ps1:450 char:47
    + $existing_value = $hash_OnPremMbx.Item <<<>>>Finding Mailbox Permissions Dependancies..Start
    Exception calling “get_Item” with “1” argument(s): “Key cannot be null.
    Parameter name: key”
    At C:\Users\username\Desktop\O365 Migration Scripts and Tools\Find_MailboxPermissions_Dependencies.ps1:498 char:78
    + $mbx_MailboxSendOnBehalf_GivenTo = $hash_MailboxSendOnBehalf_GivenTo.Item <<<< ($mbx_primarySmtp)
    + CategoryInfo : NotSpecified: (:) [], MethodInvocationException
    + FullyQualifiedErrorId : DotNetMethodException

    Exception calling "get_Item" with "1" argument(s): "Key cannot be null.
    Parameter name: key"
    At C:\Users\username\Desktop\O365 Migration Scripts and Tools\Find_MailboxPermissions_Dependencies.ps1:533 char:78
    + $mbx_MailboxSendOnBehalf_GivenOn = $hash_MailboxSendOnBehalf_GivenOn.Item <<<< ($mbx_primarySmtp)
    + CategoryInfo : NotSpecified: (:) [], MethodInvocationException
    + FullyQualifiedErrorId : DotNetMethodException

    Exception calling "get_Item" with "1" argument(s): "Key cannot be null.
    Parameter name: key"
    At C:\Users\username\Desktop\O365 Migration Scripts and Tools\Find_MailboxPermissions_Dependencies.ps1:566 char:66
    + $mbx_MailboxSendAs_GivenTo = $hash_MailboxSendAs_GivenTo.Item <<<< ($mbx_primarySmtp)
    + CategoryInfo : NotSpecified: (:) [], MethodInvocationException
    + FullyQualifiedErrorId : DotNetMethodException

    Exception calling "get_Item" with "1" argument(s): "Key cannot be null.
    Parameter name: key"
    At C:\Users\username\Desktop\O365 Migration Scripts and Tools\Find_MailboxPermissions_Dependencies.ps1:599 char:66
    + $mbx_MailboxSendAs_GivenOn = $hash_MailboxSendAs_GivenOn.Item <<<< ($mbx_primarySmtp)
    + CategoryInfo : NotSpecified: (:) [], MethodInvocationException
    + FullyQualifiedErrorId : DotNetMethodException

    Exception calling "get_Item" with "1" argument(s): "Key cannot be null.
    Parameter name: key"
    At C:\Users\username\Desktop\O365 Migration Scripts and Tools\Find_MailboxPermissions_Dependencies.ps1:631 char:82
    + $mbx_MailboxFolderDelegate_GivenTo = $hash_MailboxFolderDelegate_GivenTo.Item <<<< ($mbx_primarySmtp)
    + CategoryInfo : NotSpecified: (:) [], MethodInvocationException
    + FullyQualifiedErrorId : DotNetMethodException

    Exception calling "get_Item" with "1" argument(s): "Key cannot be null.
    Parameter name: key"
    At C:\Users\username\Desktop\O365 Migration Scripts and Tools\Find_MailboxPermissions_Dependencies.ps1:666 char:82
    + $mbx_MailboxFolderDelegate_GivenOn = $hash_MailboxFolderDelegate_GivenOn.Item <<<< ($mbx_primarySmtp)
    + CategoryInfo : NotSpecified: (:) [], MethodInvocationException
    + FullyQualifiedErrorId : DotNetMethodException

    Exception calling "get_Item" with "1" argument(s): "Key cannot be null.
    Parameter name: key"
    At C:\Users\username\Desktop\O365 Migration Scripts and Tools\Find_MailboxPermissions_Dependencies.ps1:701 char:66
    + $mbx_MailboxAccess_GivenTo = $hash_MailboxAccess_GivenTo.Item <<<< ($mbx_primarySmtp)
    + CategoryInfo : NotSpecified: (:) [], MethodInvocationException
    + FullyQualifiedErrorId : DotNetMethodException

    Exception calling "get_Item" with "1" argument(s): "Key cannot be null.
    Parameter name: key"
    At C:\Users\username\Desktop\O365 Migration Scripts and Tools\Find_MailboxPermissions_Dependencies.ps1:735 char:66
    + $mbx_MailboxAccess_GivenOn = $hash_MailboxAccess_GivenOn.Item <<<< ($mbx_primarySmtp)
    + CategoryInfo : NotSpecified: (:) [], MethodInvocationException
    + FullyQualifiedErrorId : DotNetMethodException

    N;False;LightBlue;;;;;;;;;;;;;;;;;;;;;
    Attempted to divide by zero.
    At C:\Users\username\Desktop\O365 Migration Scripts and Tools\Find_MailboxPermissions_Dependencies.ps1:784 char:394
    + Write-Progress -Activity "Finding Mailbox Permissions Dependancies" -Status "[Number of Mbx with No_PermTo_OtherMbx_Or_FromOtherMbx:$count_No_PermTo_OtherMbx_Or_FromOtherMbx|Number Of PermTo Or
    PermFrom O365 Mbx:$count_PermTo_Or_PermFrom_O365Mbx|Processed:$processed|Total:$total_OnPremMbx_records]Email of Mbx Being Analysed:$mbx_primarySmtp" -PercentComplete ([math]::round(($processed / <<
    <>>>Finding Mailbox Permissions Dependancies..Finished

    Summary
    Total OnPrem Mbx:
    Total Processed:1
    Total Mbx with No PermsTo other mbx or other mbxs with perms on the mbx:1
    Total Number of PermsTo or Perms from O365 Mbx:0

    File Paths
    Mailbox Access File : C:\Users\username\Desktop\O365 Migration Scripts and Tools\MailboxAccess.csv
    Mailbox Folder Delegate File: C:\Users\username\Desktop\O365 Migration Scripts and Tools\MailboxFolderDelegate.csv
    Mailbox SendAs File : C:\Users\username\Desktop\O365 Migration Scripts and Tools\MailboxSendAs.csv
    Mailbox SendOnBehalf File : C:\Users\username\Desktop\O365 Migration Scripts and Tools\MailboxSendOnBehalf.csv
    O365 Mailboxes File : C:\Users\username\Desktop\O365 Migration Scripts and Tools\O365_Mbx_Details.csv
    OnPremises Mailboxes File : C:\Users\username\Desktop\O365 Migration Scripts and Tools\OnPrem_Mbx_Details.csv
    Output File : C:\Users\username\Desktop\O365 Migration Scripts and Tools\Find_MailboxPermissions_Dependencies_030418T094128_csv.csv
    Log File : C:\Users\username\Desktop\O365 Migration Scripts and Tools\Find_MailboxPermissions_Dependencies_Log_030418T094128.log
    [PS] C:\Users\username\Desktop\O365 Migration Scripts and Tools>

    Please point me in the right direction here. I’d really love for this script to work.

    Reply
  5. Hello, I figured it out, apparently I can’t read instructions very well ;). I had to also query myself for the OnPrem_Mbx_Details.csv data, then run the tool.

    I have now completed the script and formatted the spreadsheet as instructed and all looks good.

    If you can can you remove my very first post and keep all the following posts as they will be helpful for others where as the first one will not be useful.

    Thanks

    Reply
    • Hi Mlee am extremely happy you got the issue resolved 😉 I have removed your very first post. Enjoy the script and all the best with the migration

      Reply
  6. Amazing! Will this also work for on-prem migration from 2010 to 2016?

    Reply
    • Hi mrphilbrooks, the script finds and displays permission dependancies between mailboxes. If your requirement is to batch mailboxes so that all that are permission dependant on each other are moved together, this script will come in very handy. In this case, as stated in the blog, just create a blank Office 365 mailbox csv with just the headers. All the best.

      Reply
  7. Hi

    my output file:
    PermTo_OtherMbx_Or_FromOtherMbx?;PermTo_Or_PermFrom_O365Mbx?;Migration Readiness;DisplayName;UserPrincipalName;PrimarySmtp;MailboxType;Department;Title;SendOnBehalf_GivenTo;SendOnBehalf_GivenOn;SendAs_GivenTo;SendAs_GivenOn;MailboxFolderDelegate_GivenTo;MailboxFolderDelegate_GivenTo_FolderLocation;MailboxFolderDelegate_GivenTo_DelegateAccess;MailboxFolderDelegate_GivenOn;MailboxFolderDelegate_GivenOn_FolderLocation;MailboxFolderDelegate_GivenOn_DelegateAccess;MailboxAccess_GivenTo;MailboxAccess_GivenTo_DelegateAccess;MailboxAccess_GivenOn;MailboxAccess_GivenOn_DelegateAccess;OrganizationalUnit

    what I’m I doing wrong?

    Reply
    • Hi Louis, did you mean that the output file is empty? Can you please check the steps 1 – 11 and ensure nothing was missed?

      Reply
    • thank you for the update Louis. Excellent to know you got what you wanted. Would you be able to post how you fixed the issue you faced? It will help anyone else who might come across similar issues when running the script. Thank you

      Reply
  8. Nivlesh – This script works great – I was just wondering, how do you work out the batches from the output? Do I have to follow the trail to every user? For instance, User A has given editor access on his calendar to User B and User C. Ok, so we know User A, B, and C have to move together for sure. But what if User B has given access to his calendar to User D? That would mean that Users A, B, C, and D have to be moved together. How do I find all of the dependencies aside from following every single trail, which would take a long time with over 2000 mailboxes! I hope I am missing something that will make this simple!

    Reply
    • Hi Greg. Excellent question. Actually that is the question that my script is trying to answer 😉 The output of the script is a csv, one of the columns is “Migration Readiness” which contains a color code. If you refer to the bottom of the blog, you will see what the color codes mean (you can use conditional formatting to give the color codes a “color” 🙂 as per the instructions in the blog). So, filter the mailboxes based on the color code as this will be the “batch” of mailboxes that will go together. Then use the color code meaning to decide which ones can move without issues and which batches need more attention For instance, light blue means all those mailboxes don’t have any dependancies and can be migrated. DarkGreen means there is a mailbox access permission dependancy but it can be moved. Pink and Reds need more work as the mailboxes in that batch will need to be moved together.
      Hope that helps

      Reply
      • Thanks Nivlesh – I definitely get that part, however of the 2100 mailboxes I have to migrate, I don’t want to do all of the pink ones at once. I want to be able to batch up subsets of users that will go on a certain day, but want to know which ones I need to batch together. This is especially important during the pilot phase. Is there a way to select a subset of users and have it give me the dependencies just for that subset?

      • Hi Greg. Those in the Pink category have a FolderDelegate permission dependency. Having said that, it doesn’t necessary mean, for instance in your case, all 2100 mailboxes are interdependent on each other. It just means that of the 2100 there is some mailbox that it has delegate permissions to or on.
        To find out the name of the mailbox it has folderdelegate dependency on, for each row in this category, look under the following columns
        MailboxFolderDelegate_GivenTo MailboxFolderDelegate_GivenTo_FolderLocation MailboxFolderDelegate_GivenTo_DelegateAccess MailboxFolderDelegate_GivenOn MailboxFolderDelegate_GivenOn_FolderLocation MailboxFolderDelegate_GivenOn_DelegateAccess

        You could then make a spreadsheet with this info (mailbox and delegate access given to/on). You will be able to make smaller batches for your migration by grouping all mailboxes that are inter-dependent on each other. This will be a great start to what you are after.

        If, for some weird reason, you are unable to create smaller batches, you can use the workaround I have stated in the blog
        “A possible workaround is to replace the FolderDelegate permission with Full Mailbox access as this works cross-premises, however there are privacy concerns around this workaround as this will enable the delegate to see all the contents of the mailbox instead of just the folders they had been given access on.”

        Hope this helps

  9. Thanks again, Nivlesh – I ended up using my wife’s legendary Excel skills to create for me a series of pivots and tables wherein I could use your source data and in a sheet I could add the names of the people I wanted to move at once (a pilot group, for example). The sheet is slick enough to show me the number of and names of the dependencies in that group. I then add those dependencies, which may or may not show me more that need to move together – until I get to zero outstanding dependencies. At that point I have my batch that will all move together without issues. I won’t pretend to know how it works, so I cannot really explain it other than saying it’s ‘magic’.

    Reply
    • That is awesome Greg. Well done 😉 Yes that is a definitely a great way to getting the batch prepared. I have used Excel spreadsheets quite a bit in my planning and it comes in handy almost every time. All the best with the migration

      Reply
  10. Great script Nivlesh !!
    Any suggestions on how to list out mailboxes using the authOrig & unAuthOrig attribute ( senders that are allowed to send to a mailbox) to and map the dependencies ?
    this feature too does not work across a hybrid deployment and needs the receiver & sender mailbox to be moved together.
    (the value of the attribute is a DN)

    Reply
  11. I have a user who has MailboxAccess_GivenOn and SendAs_GivenOn on the same mailbox so he shows up as both Dark Green and Orange. Do you have a method to reconcile this discrepancy for how safe he is to migrate? I expect this would be the same problem if rights were split across a couple mailboxes. It would be safe to work from most difficult to least difficult but not the other way around.

    Reply
  12. Love your work Niv!

    Reply

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: