How to execute powershell script faster

Question

The below code is trying to remove documents and permission on all shared mailboxes. The below script is taking more time to execute. I want to make the script to execute faster any help will be appreciated.

 $AmIOnO365=get-Mailbox -identity $User.UserPrincipalName -erroraction SilentlyContinue
    if($AmIOnO365 -ne $null)
        {
        $SharedMailboxes = Get-Mailbox -ResultSize unlimited -Filter {RecipientTypeDetails -eq 'SharedMailbox'}
        #write-host -ForegroundColor Green " All shared mailboxes for full delegation and remove as necessary"
        $Full=$null
        $Counter=0
        $SAM=$null
        foreach ($SharedMailbox in $SharedMailboxes)
            {
            $Counter=$Counter+1
            #write-host -ForegroundColor Green $Counter "/" $SharedMailboxes.count"."$SharedMailbox.PrimarySmtpAddress
            # Full Access Rights
            $Full = Get-MailboxPermission -identity $SharedMailbox.PrimarySmtpAddress | where {$_.IsInherited -eq $False -and $_.User -notlike "NT AUTHORITY*" -and $_.User -notlike "S-1-5-21*" -and $_.User -notlike "NAM*"} 
            If ($Full)
                {
                   Foreach ($DelegatedUser in $Full)
                    {
                    if($DelegatedUser.User -eq $UserPrimarySMTPAddress.PrimarySmtpAddress)
                        {
                        $SAM=$DelegatedUser.User
                                 Write-Host -ForegroundColor Yellow "     Removed full rights: $SAM on the shared mailbox:"$SharedMailbox.PrimarySmtpAddress
                        $LogFileContent+="`n`r`n`rRemoved full rights: "+$SAM+" on the shared mailbox: "+$SharedMailbox.PrimarySmtpAddress
                        #write-host -ForegroundColor White "     Removing" $UserPrimarySMTPAddress.PrimarySmtpAddress "rights of" $DelegatedUser.AccessRights "from " $SharedMailbox.PrimarySMTPaddress
                        Remove-MailboxPermission -Identity $SharedMailbox.PrimarySMTPaddress -user $UserPrimarySMTPAddress.PrimarySmtpAddress -AccessRights $DelegatedUser.AccessRights -Confirm:$False
                        }
                   }
                }
            }
            $LogFileContent > $FileName
        }

The Exchange Online CMDlets are slow. This is especially noticable on tenants with a lot of users. If you're looking for speed you can check for alternatives for the actions you're trying to do using Graph, EWS or the Exchange Online REST API (since you can use multi-threading when using those APIs you can get an increase in speed by a factor of 1000) — bluuf, Jul 03 '20 at 07:37

score 0 · Answer 1 · answered Jul 03 '20 at 08:24

With regards, to your logging:

As with using the increase assignment operator (+=) to create an object collection, you should generally avoid using the increase assignment operator (+=) for building strings as it is exponential expensive.

Instead, I recommend you to use the PowerShell pipeline and directly output the line into the log file:

foreach ($SharedMailbox in $SharedMailboxes) {
    $Counter=$Counter + 1
    # write-host -ForegroundColor Green $Counter "/" $SharedMailboxes.count"."$SharedMailbox.PrimarySmtpAddress
    # Full Access Rights
    $Full = Get-MailboxPermission -identity $SharedMailbox.PrimarySmtpAddress | where {$_.IsInherited -eq $False -and $_.User -notlike "NT AUTHORITY*" -and $_.User -notlike "S-1-5-21*" -and $_.User -notlike "NAM*"} 
    If ($Full) {
       Foreach ($DelegatedUser in $Full) {
            if($DelegatedUser.User -eq $UserPrimarySMTPAddress.PrimarySmtpAddress) {
                $SAM=$DelegatedUser.User
                Write-Host -ForegroundColor Yellow "     Removed full rights: $SAM on the shared mailbox:"$SharedMailbox.PrimarySmtpAddress
                "Removed full rights: " + $SAM + " on the shared mailbox: " + $SharedMailbox.PrimarySmtpAddress
                #write-host -ForegroundColor White "     Removing" $UserPrimarySMTPAddress.PrimarySmtpAddress "rights of" $DelegatedUser.AccessRights "from " $SharedMailbox.PrimarySMTPaddress
                Remove-MailboxPermission -Identity $SharedMailbox.PrimarySMTPaddress -user $UserPrimarySMTPAddress.PrimarySmtpAddress -AccessRights $DelegatedUser.AccessRights -Confirm:$False
            }
       }
    }
} | Add-Content $FileName

Perhaps also use `-notmatch` in the `Where-Object` clause: `where {!$_.IsInherited -and $_.User -notmatch '^(NT AUTHORITY|S-1-5-21|NAM)'}` — Theo, Jul 03 '20 at 08:39
Get-MailboxPermission and Set-MailboxPermission are the real bottlenecks here, they are very slow to execute, it can take a few seconds before they give a result. The performance loss caused by += is marginal compared to how long these cmdlets take to return something. Not too long ago I had to do a complete rewrite of a script that had a runtime of 11+ hours because it was using a lot of Exchange cmdlets. After replacing those calls with Graph calls and some EWS magic and combining it with runspaces the script ran in 5 minutes (over 20k mailboxes) — bluuf, Jul 03 '20 at 10:51

How to execute powershell script faster

1 Answers1