如何在運行Get-ADPermission時獲取PrimarySMTPAddress

Question

我想輸出對郵箱具有SendAs權限的每個用戶。但是，我想使用primarySMTPAddress作爲標識符，該標識符未在Get-ADPermission cmdlet中公開。

我怎麼能修改此行的代碼，這樣做：

$SendAs = Get-ADPermission $Mailbox.DistinguishedName | ? {$_.ExtendedRights -like "Send-As" -and $_.User -notlike "NT AUTHORITY\SELF" -and !$_.IsInherited} | % {$_.User} 

我試着像這樣的東西，但無濟於事：

$SendAs = Get-ADPermission $Mailbox.DistinguishedName | ? {$_.ExtendedRights -like "Send-As" -and $_.User -notlike "NT AUTHORITY\SELF" -and !$_.IsInherited} | % {$_.User} 
$sendAs| %{$uSendAs += ($(if($uSendAs){";"}) + (Get-mailbox $_))} 

我試圖將其納入這個腳本：

$OutFile = "C:\scripts\export.txt" 
"DisplayName" + "," + "Alias" + "," + "Primary SMTP" + "," + "Full Access" + "," + "Send As" + "," + "Send on Behalf" | Out-File $OutFile -Force 

$Mailboxes = Get-Mailbox -ResultSize:Unlimited | Select Identity, Alias, DisplayName, DistinguishedName, primarysmtpaddress 
ForEach ($Mailbox in $Mailboxes) 
{ 
     $SendAs = Get-ADPermission $Mailbox.DistinguishedName | ? {$_.ExtendedRights -like "Send-As" -and $_.User -notlike "NT AUTHORITY\SELF" -and !$_.IsInherited} | % {$_.User} 
     $FullAccess = Get-MailboxPermission $Mailbox.Identity | ? {$_.AccessRights -eq "FullAccess" -and !$_.IsInherited} | % {$_.User} 
     $sendbehalf=Get-Mailbox $Mailbox.Identity | select-object -expand grantsendonbehalfto | select-object -expand rdn | % {$_.User} 
     if (!$SendAs -and !$FullAccess -and !$sendbehalf){continue} 
     $Mailbox.DisplayName + "," + $Mailbox.Alias + "," + $Mailbox.primarysmtpaddress + "," + $FullAccess + "," + $SendAs + "," + $sendbehalf | Out-File $OutFile -Append 
} 

Answer 1

使用Get-Recipient，因爲可以授予個人或組的權限。所以，它會是這樣的：

Get-ADPermission $Mailbox.Identity | where { ($_.ExtendedRights -like 「*Send-As*」) -and ($_.IsInherited -eq $false) -and -not ($_.User -like 「NT AUTHORITY\SELF」) } | Select @{n='Identity';e={(Get-Recipient $_.Identity).PrimarySmtpAddress}}