How to get AD user's "Display name" instead of logon name (domain\userid) while exporting "send as" and "full" permissions?

Question

I have googled and created two scripts . (1), (2)

(1)First one is to export "Full Access" of a shared email box called "ap.cz"

Get-Mailbox ap.cz | Get-MailboxPermission | where {$_.user.tostring() -ne "NT AUTHORITY\SELF" -and $_.IsInherited -eq $false} | Select Identity,User,@{Name='Access Rights';Expression={[string]::join(', ', $_.AccessRights)}} | Export-Csv \\myserver\c$\fulla.csv –NoTypeInformation

(2)Second one is to export "Send As" of a shared email box called "ap.cz"

Get-Mailbox ap.cz | Get-ADPermission | where { ($_.ExtendedRights -like “*Send-As*”) -and ($_.IsInherited -eq $false) -and -not ($_.User -like “NT AUTHORITY\SELF”) } | Select Identity, User, Deny | Export-CSV \\myserver\c$\sendass.csv

Both scripts are working fine.

Output for (1) is similar to this

output for (2) is similar to this

But for both occasions I get "User logon name" in the format (domain\userid) where userid is a number in my organization.

But I need to get display name/full name instead of "User logon name" while exporting to csv..

I'm not an exchange admin or well versed in exchange/powershell, but i am checking/supporting overall IT infrastructure, and when a manager is asking for a list of names, for "send as" or "full access" for a certain mailbox, I have to export it using above scripts and re-convert "user logon name" to display name manually.

Can someone please advice how to change both scripts to display "full name/display name" instead of login name ? I have tried googlin, yet no luck..

score 1 · Accepted Answer · answered Sep 17 '17 at 03:53

$users.user.rawidentity will eliminate type casting and few more lines...

"Full Access" list

$users=Get-Mailbox ap.cz | Get-MailboxPermission | where {$_.user.tostring() -ne "NT AUTHORITY\SELF" -and $_.IsInherited -eq $false} 
$ss=$users.user.rawidentity | Where-Object {$_ -notlike "s-1*"}

foreach ($item in $ss){ 
$b = $item.Split("\")
$c=$b.Split("}")[1]
Get-ADUser -identity $c -properties DisplayName | select DisplayName
}

"Send As" list

$users=Get-Mailbox ap.cz | Get-ADPermission | where { ($_.ExtendedRights -like “*Send-As*”) -and ($_.IsInherited -eq $false) -and -not ($_.User -like “NT AUTHORITY\SELF”) } | Select User
$ss=$users.user.rawidentity | Where-Object {$_ -notlike "s-1*"}

foreach ($item in $ss){ 
$b = $item.Split("\")
$c=$b.Split("}")[1]
Get-ADUser -identity $c -properties DisplayName | select DisplayName
}

score 0 · Answer 2 · answered Mar 20 '17 at 08:58

Finally, I got help with my programming friend (Who knows nothing about AD objects) and ended up with below solution.. This might not be the ideal solution, but Both are working saves the purpose!! Wish to share the solution, so someone can be benefitted and or can suggest a better solution..

(1)First one is to export "Full Access" of a shared email box called "ap.cz"

 $users=Get-Mailbox ap.cz | Get-MailboxPermission | where {$_.user.tostring() -ne "NT AUTHORITY\SELF" -and $_.IsInherited -eq $false} | Select User

            $num=$users.length

            for

($i=0; $i -lt $num; $i++)
        {
        Try
        {

            $item=$users[$i]
            $itemcast=[string]$item
            $b = $itemcast.Split("\")[1]
            $c=$b.Split("}")[0]

        Get-ADUser -identity $c -properties DisplayName | select DisplayName
        }


        catch
        {
        $error="error"
        }
        }

(2)Second one is to export "Send As" of a shared email box called "ap.cz"

 $users=Get-Mailbox ap.cz | Get-ADPermission | where { ($_.ExtendedRights -like “*Send-As*”) -and ($_.IsInherited -eq $false) -and -not ($_.User -like “NT AUTHORITY\SELF”) } | Select User
    $num=$users.length

    for($i=0; $i -lt $num; $i++)
    {
    Try
    {

        $item=$users[$i]
        $itemcast=[string]$item
        $b = $itemcast.Split("\")[1]
        $c=$b.Split("}")[0]

    Get-ADUser -identity $c -properties DisplayName | select DisplayName
    }


    catch
    {
    $error="error"
    }
    }

both scripts were saved as script1.ps1 and script2.ps1 and output was saved to out-file c:\araa.csv

How to export to csv

 script2.ps1 | out-file c:\araa.csv

score -2 · Answer 3 · edited Jan 03 '17 at 14:41

-2

Powershell one more way,

$gadu=get-aduser username -properties *

$gadu.Displayname

Save the output to a var, then adding the name of the filed that we want to look at to the end of the var, think of the $gadu var as table, not as fancy as the formatting as above but is still handy. The get-aduser can be funny about what fields it outputs, so I use the -properties * 99% of the time.

edited Jan 03 '17 at 14:41

HBruijn

77,029
24
135
201

answered Dec 15 '16 at 23:15

user390804

1
1

How to get AD user's "Display name" instead of logon name (domain\userid) while exporting "send as" and "full" permissions?

3 Answers3