Overview
This guide provides PowerShell commands to remove user access from shared mailboxes and verify access removal in Microsoft Exchange Online.
Prerequisites
- Administrator privileges in Exchange Online.
- PowerShell module for Exchange Online installed.
- Proper authentication to Exchange Online.
Step 1: Connect to Exchange Online
Connect-ExchangeOnline -UserPrincipalName [email protected]Step 2: Remove User Access from Shared Mailboxes
$User = "[email protected]"
$SharedMailboxes = @("[email protected]", "[email protected]")
foreach ($Mailbox in $SharedMailboxes) {
Remove-MailboxPermission -Identity $Mailbox -User $User -AccessRights FullAccess -Confirm:$false
Remove-RecipientPermission -Identity $Mailbox -Trustee $User -AccessRights SendAs -Confirm:$false
}Step 3: Verify Access Removal
foreach ($Mailbox in $SharedMailboxes) {
Get-MailboxPermission -Identity $Mailbox | Where-Object { $_.User -like "$User" }
Get-RecipientPermission -Identity $Mailbox | Where-Object { $_.Trustee -like "$User" }
}If no results are returned, the user no longer has access.
Step 4: Disconnect from Exchange Online
Disconnect-ExchangeOnline -Confirm:$falseNotes
- Replace
[email protected]with the user whose access is being removed. - Replace
[email protected]and[email protected]with the actual shared mailboxes. - Ensure that permissions are removed both at the mailbox and recipient level to prevent lingering access.
Additional Considerations
- If users report still having access, check cached credentials or ensure changes have propagated.
- If access needs to be reinstated, use
Add-MailboxPermissionandAdd-RecipientPermissioncommands.
This script helps maintain security and manage mailbox access efficiently within Exchange Online.
© 2012–2025 Jet Mariano. All rights reserved.
For usage terms, please see the Legal Disclaimer.