Exchange Online Management Scripts

Today I’ve released a number of my internal Exchange Online management scripts publicly on my GitHub in the hope that they can be of use to other Sys Admins. They are incredibly simple, but are designed to make keeping your Exchange environment clean and consistent a much easier job. This is done through the automatic management of attributes to ensure that each object is as detailed as possible. Our existing scripts use the Alias of each object as it’s unique ID. This makes it easier to automate across multiple domains and tenants and we have processes in place to ensure that these are always consistent. You can however, easily change each script to use an email address if that is your preference.


This script does what it says on the tin and will create a Shared Mailbox and the associated security group that will be used to manage access to the aforementioned shared mailbox. It works by:

  1. Connecting to and authenticating against Exchange Online.
  2. Parsing and amending user input to ensure consistency (such as appending a company name to each display name).
  3. Creating a Mailbox Access Group which will be used to manage the access and send permissions of the mailbox.
  4. Creating the mailbox itself.
  5. Adding the Mailbox Access Group (and therefore it’s members) to the delegated Full Access and Send As permissions on the mailbox.

Mailbox Access Group

The mailbox access group is created with the following attributes:

Display NameAN_MAIL_%mailbox-alias%
NotesThis is a security group to control access to the Shared Mailbox %mailbox-name% (%mailbox-alias%). All users within this group will be granted full Read and Send access on the aforementioned mailbox.
List of attributes automatically populated.

Shared Mailbox

The mailbox itself is created with the following attributes:

Display Name%display-name% (ayloNet)
NotesShared Mailbox. Access controlled by: ” + %AccessGroupName%
OfficeShared Mailbox
DepartmentInternal Information Systems
CountryUnited Kingdom
List of attributes automatically populated.


This script will remove both the shared mailbox and the relevant access group. This prevents a backlog of unused mailbox access groups being left within your environment and cluttering your directory. All you need to provide is the Alias of the mailbox you wish to remove, such as M123456

Leave a Reply