Get-ADPermission

Here, I am presenting some examples on usage of Get-ADPermission cmdlet

1. Returns the permissions that have been applied to the user Ed.

                        Get-ADPermission -Identity Ed

2. Returns the permissions that have been granted to the user Ed on the Contoso.com Receive connector.

                         Get-ADPermission “Contoso.com” -User Ed

3. Run the following command against a mailbox database in Exchange 2010 to see who has “Receive-As” permission set at the Database level.  This means it is applying to all mailboxes in that database.  You can also substitute the value to be “Send-As”, etc:

Get-adpermission “Mailbox Database Name” | where-object {$_.extendedrights -like ‘receive-as’} | select user,extendedrights

4. If you want to see all users and their relevant permissions they have against the database (meaning all mailboxes in that database) use:

Get-adpermission “Mailbox Database Name” | select user,extendedrights

5. If you want to see which permissions a specific user has to a database use:

Get-adpermission “Mailbox Database Name” -user “Username” | select user,extendedrights