Revoke-RecipientPermission cmdlet revokes the access permission of the recipient (mailbox or distribution group) for the Exchange mailbox or OWA mailbox

This cmdlet supports risk-mitigation parameters .

Input parameters

#
Parameter
Type

Mandatory (R/O)

Description
Valid Values
1 Authentication Information (all parameters)  
2

Identity

(aliases: GUID, DistinguishedName)

ADObjectIDParameter R A property, that is used for managing the Exchange, OWA mailbox or distribution group 

Value of one of these parameters can be used as Identity:

#ParameterDescription
1 GUID Globally Unique Identifier (ObjectGuid)
2 DistinguishedName Unique name of the object in Active Directory
3

Recipient

(alias: Recipient)

ADObjectIDParameter R

List of the recipients (Exchange, OWA or distribution lists), whose permissions are revoked

Value of one of these parameters can be used as recipient's identity:

  • GUID
  • DistinguishedName
4

AccessRights

MailboxAccessRights R

The level of access rights of the recipients (Exchange mailboxes or distribution lists) on the mailbox

  • FullAccess (can't be set for distribution group)
  • SendAs

Output parameters

No parameters

Example of using Revoke-RecipientPermission cmdlet

Revoke-RecipientPermission -Identity "D5B784A7-F8A9-432A-924F-CD96552C04BD" -Recipient "CN=test@accountname,OU=accountname,OU=Hosting,DC=exchXXX,DC=domain,DC=local"