I'm trying to run a report of users with Send-As rights to mailboxes. I'm using the following code which is working fine:
$sa_user = Get-Mailbox -id <mailbox> | Get-ADPermission | where { ($_.ExtendedRights -like "*Send-As*") -and ($_.IsInherited -eq $false) }
But the ${sa_user.User} data can be rather "unhelpful" and I've been asked to provide more useful data (namingly: Department, CanonicalName, and DisplayName).
I'd like to tie the $sa_user adpermission object to an aduser object, as it has all those properties I need for the report. I've tried:
$ad_user = Get-ADUser -id $sa_user.identity
But $sa_user.identity is for the mailbox, not the user. So I tried:
$ad_user = Get-ADUser -id $sa_user.User
But I get only errors that Get-ADUser cmdlet Identify can't find the value given by $sa_user.User.
So my question is; How do I get the aduser object based off available properties from the adpermission object?...Or any other way or shortcut or intermediary to get there?
