Find 035 Orphaned SIDS and remove them from the mailboxes BULK!

This is used to clean up the User and shared mailboxes after a migration. 


#Run the following command on EXO or Exchange, depending on your environment.

#Change the RecipientTypeDetails to either UserMailbox or SharedMailbox.

#The report is written to the folder that the next step reads from.
Get-Mailbox -ResultSize Unlimited | Where-Object {$_.RecipientTypeDetails -eq "SharedMailbox"} | Get-MailboxPermission | Where-Object {$_.User.ToString() -like "*S-1-5-21*"} | Select-Object Identity, User | Export-Csv C:\temp\SIDaudit\SIDexport.csv -NoTypeInformation

#With your exported report, run the following on premises. This connects to your on-prem domain controller, where these SIDs exist.

$data = Import-Csv C:\temp\SIDaudit\SIDexport.csv

foreach ($user in $data)
{
    # Reset on every pass so a failed lookup cannot reuse the previous account name
    $objUser = $null
    try {
        $objSID  = New-Object System.Security.Principal.SecurityIdentifier ($user.User)
        $objUser = $objSID.Translate([System.Security.Principal.NTAccount])
    }
    catch {
        # Translate() throws when the SID has no matching account; record the row with an empty value
        Write-Warning "Could not translate $($user.User) on $($user.Identity)"
    }

    $dataout = New-Object -TypeName psobject -Property @{
        Mailbox = $user.Identity
        value   = $objUser.Value
        SID     = $user.User
    }

    $dataout | Select-Object Mailbox, value, SID | Export-Csv C:\temp\SIDaudit\usersSidexport-all.csv -NoTypeInformation -Append
}


#This will show all of the SIDs with their corresponding user account on premises.
#Once you have checked that the user list is correct and you're happy to remove the users, you can run the following command to remove the SIDs on your EXO or Exchange environment (where your mailboxes are).

$data = Import-Csv C:\temp\SIDaudit\usersSidexport-all.csv

foreach ($user in $data)
{
    # Use the current row ($user) and the Mailbox and SID columns written by the previous step.
    # -WhatIf only previews the change; remove it once the preview looks right.
    Remove-MailboxPermission -Identity $user.Mailbox -User $user.SID -AccessRights FullAccess -WhatIf
}
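
A review pass over the audit CSV before the removal step, as an added example that is not part of the original post: it checks that each SID value parses as a domain account SID, then groups rows by source domain SID and by whether the on-prem lookup returned an account. The function name Get-SidReviewReport, the status labels and the sample rows are assumptions made for illustration, and an empty value column is assumed to mean the lookup found no account.

```powershell
# Added example, not from the original post. The sample rows are constructed;
# in practice use: $rows = Import-Csv C:\temp\SIDaudit\usersSidexport-all.csv
$rows = @'
Mailbox,value,SID
shared-finance,CONTOSO\jsmith,S-1-5-21-1111111111-2222222222-3333333333-1104
shared-finance,,S-1-5-21-1111111111-2222222222-3333333333-2217
shared-hr,,S-1-5-21-4444444444-5555555555-6666666666-1309
shared-hr,,NT AUTHORITY\SELF
'@ | ConvertFrom-Csv

# Hypothetical helper: classifies each row so the list can be reviewed before removal
function Get-SidReviewReport {
    param([Parameter(Mandatory)] [object[]] $Rows)

    foreach ($row in $Rows) {
        $domainSid = $null
        try {
            # The constructor throws on anything that is not a well-formed SID string
            $sid = [System.Security.Principal.SecurityIdentifier]::new($row.SID)
            # AccountDomainSid is $null for SIDs that are not domain account SIDs
            if ($sid.AccountDomainSid) { $domainSid = $sid.AccountDomainSid.Value }
        }
        catch {
            $domainSid = $null
        }

        if (-not $domainSid) { $status = 'NotADomainSid' }   # must not reach the removal step
        elseif ($row.value)  { $status = 'Resolved' }        # lookup returned an account name
        else                 { $status = 'Unresolved' }      # lookup returned nothing

        [pscustomobject]@{
            Mailbox   = $row.Mailbox
            SID       = $row.SID
            Account   = $row.value
            DomainSid = $domainSid
            Status    = $status
        }
    }
}

$report = Get-SidReviewReport -Rows $rows

# One line per source domain and status, so an unexpected domain SID stands out
$report | Group-Object DomainSid, Status | Select-Object Count, Name | Format-Table -AutoSize

# Rows to drop from the CSV before running the removal loop
$report | Where-Object Status -eq 'NotADomainSid'
```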












