Few days ago I started playing with permissions on our Exchange 2010 Receive Connector. I wanted to achieve that one of my service accounts users could send emails. During this testing I added all sorts of permissions to this Receive Connector. After I finished testing I wanted to get rid of all permissions I gave to this user. And how did I do it?
First I wanted to see all permissions that I gave to this user:
Get-ReceiveConnector "Server\Full Connector Name" | Get-ADPermission -User "Domain\Username" |? {$_.extendedrights} | select identity,user,extendedrights | Format-List
Second I got rid of all permissions that I got from previous command:
Get-ReceiveConnector "Server\Full Connector Name" | Remove-ADPermission -User "Domain\Username" -ExtendedRights ms-Exch-SMTP-Accept-Any-Recipient,ms-Exch-SMTP-Accept-Authoritative-Domain-Sender,ms-Exch-Accept-Headers-Routing,ms-Exch-SMTP-Accept-Any-Sender
At the end I run first command set again just to check if I really got rid of everything.
I hope this will help you clean up your Exchange server as it helped me.
This is it for this year. Have fun!
