Search & Delete Messages from Exchange User Mailboxes with Search-Mailbox Command

Read time: 5 minutes

The Exchange Management Shell empowers administrators with robust control over their Exchange environment. It not only allows you to efficiently search mailbox and database details but also execute various essential actions. While it may not offer the same user-friendly experience as the Exchange admin center, it excels in performing a broader range of tasks with greater comprehensiveness. In this discussion, we will explore the utilization of the Search-Mailbox command to search for and delete messages from Exchange user mailboxes.

Why do you need to search and delete messages?

Email exchanges often contain a wealth of critical and sensitive information, making it imperative to prevent unauthorized access. The repercussions of such information falling into the wrong hands can lead to significant financial losses and reputation damage. In cases where emails have been mistakenly sent to unintended recipients, administrators possess the capability to locate and remove them swiftly through the utilization of the Search-Mailbox command.

Here is how you can Search & Delete Messages from Exchange User Mailboxes using Exchange Management Shell cmdlets.

To check the contents of a mailboxes, the command is Search-Mailbox.
Other than searching specific items in a mailbox, the following tasks can also be performed using this cmdlet:

• Recover items from the Recoverable Items folder
• Copy messages to a specified target
• Clean up the Recoverable Items folder of a mailbox once it reaches the specified limit
• Delete messages from a mailbox

Before Starting, be Sure That:

• The account must have been assigned a Mailbox Search role to search for messages in multiple mailboxes. This role is not assigned to the administrator by default. You can assign this role by adding yourself as a member of the Discovery Management Role Group.
• The user must know how to use Exchange Management Shell to run the cmdlets.
• To delete messages from a mailbox, the Mailbox Import Export Management Role must be assigned to the administrator.
• The user can search a maximum of 10,000 mailboxes using the Search-Mailbox cmdlet. For unlimited searching of mailboxes, the user can run the New-Compliance Search cmdlet.
• If the user includes a search query with the cmdlet, it provides a maximum of 10,000 items in the search.
• Search-Mailbox cmdlet also searches the archive mailboxes.
• The facility is available for on-premises Exchange Server 2010 and later versions only along with Exchange Online.

The primary requirement is assigning two management roles to the account via Exchange Management Shell or Exchange Admin Center.

• Mailbox Import Export Role:

To assign Import Export role, the Exchange Management Shell cmdlet is

New-ManagementRoleAssignment -User <username> -Role “Mailbox Import Export”
• Mailbox Search Role:

To assign the Mailbox Search role, the Exchange Management Shell cmdlet is

New-ManagementRoleAssignment -User <username>-Role “Mailbox Search”

To start with, run the Exchange Management Shell application as an administrator.

The below cmdlet is for searching specific message(s) in the user mailboxes. Just provide your mailbox name and specific phrase or words, and the target folder name where you want to save the data.

For Example:

Now, let us see how to search messages using the SearchQuery of attachment parameter in all the mailboxes.

The output result would be all the messages containing that attachment with the specified file name. It also sends a log message to the administrator’s mailbox.

Let us see the commands to search for emails with particular phrases or words coming in the email subject, copy them to the target folder, and delete them from the source mailbox.

Using this command, you can simply search and delete the messages having a specific phrase in the subject.

Run this command if you want to search specific messages that contain a specified phrase in the subject. It copies these messages to deleted messages folder and deletes those messages from the Source mailbox folder.

After absorbing the technical approach for locating items within the Exchange user mailbox, you’ll find that mastering this skill is imperative for achieving precise results. Even the slightest oversight can potentially wreak havoc by compromising the integrity of your file data.

To streamline the search and conversion of items, whether they are stored in EDB files, live Exchange servers, or Office 365, users can rely on Kernel for Exchange Recovery. This highly efficient third-party software empowers users to effortlessly locate and convert mailbox items in a matter of minutes.

With its robust Search capabilities, this tool empowers users to efficiently locate specific emails using a range of criteria, including Subject, Body, From, To, Cc, Bcc, and more. Additionally, users can preview their search results before taking any action. Whether you need to selectively export, migrate, or save these items to meet your specific needs, this tool provides the flexibility to do so seamlessly. Furthermore, it offers the convenience of conducting subsequent searches within the search results themselves. This versatile tool supports searching within offline EDB files, live Exchange Server, and Office 365 environments. Notably, it also aids in the recovery of accidentally deleted Exchange mailbox items, making it an indispensable asset for email management and data retrieval.

Conclusion

The article demonstrates the precise utilization of the Exchange Management Shell for efficient email search and deletion on an on-premises Exchange Server. This versatile tool empowers administrators to seamlessly search for and delete mailbox items. In the event of accidental mailbox item deletions, a recommended solution is to employ reliable third-party Exchange Server data recovery software. By scanning the EDB file, this software effortlessly restores mailboxes from EDB file , ensuring a hassle-free recovery process.