Hi all,
I'm looking for some assistance with a project I'm currently working on.
The project:
To pull all users from AD whose UPN starts with the letter M - I have this scripted and it's working correctly.
To go to O365 and get all the mailbox permissions for every user's mailbox whose UPN starts with M (these will be managers), showing the display name of who has what level of access, then to output the results to a CSV file.
E.g.
Manager's Name    Users who have access    Level of access
Manager 1         David Smith              Full Access
Manager 1         Lee Brown                Send as Access
Manager 2         Darren Black             Send as Access
Manager 2         Jordan Green             Full Access
Then to pull another report from AD which shows a Manager's Direct reports in a similar format to the above
E.g.
Manager's Name    Direct Report
Manager 1         Gillian Smith
Manager 1         Jordan Green
Lastly, I need to compare the CSV files to show who has access to a manager's mailbox who is NOT a direct report.
What I have so far:
Import-Module ActiveDirectory
Connect-ExchangeOnline -credential $creds
$UPNsFromAD=(Get-ADUser -Filter * | where samaccountname -match "M\d\d\d" | select -ExpandProperty UserPrincipalName) -like "*.*@example1.co.uk"
#Create a blank array for any email addresses that were missed
$Missing=@()
#Get all Exchange Online Mailboxes to improve searching performance
$Exchange=Get-Mailbox -ResultSize "Unlimited"
#Using data from AD to find mailboxes within Exchange Online
$ManagerMailboxes= $UPNsFromAD.ForEach{
    try {
        $Exchange | where UserPrincipalName -eq $_
    }
    catch {
        #Any mailboxes that are not found will be recorded here
        $Missing+=$_
    }
}
$Managermailboxes.UserPrincipalName.ForEach{
    $Permissions += Get-MailboxPermission $_ |
        Where {$_.user.tostring() -ne "NT AUTHORITY\SELF" -and $_.user.tostring() -notlike "S-1-5-21*" -and $_.IsInherited -eq $false}
}
$Permissions | Select User,AccessRights | Export-Csv -NoTypeInformation -Path C:\temp\ManagersMailboxPermissions.csv -Force
I'm getting multiple errors in this part of the code, where it is only outputting one manager's mailbox permissions to the CSV file. For example, the last name extracted from AD is Jamie Jones; the CSV will only show the mailbox permissions for Jamie Jones and will only show Full Access permissions, not Send as.
The error I'm currently getting is: Method invocation failed because [System.Management.Automation.PSObject] does not contain a method named 'op_Addition'.
Hoping someone with far greater knowledge of PowerShell could give me some suggestions and example code to work with to get the results I'm looking for. Any help/examples/constructive criticism of my code would be greatly appreciated!
Thanks in advance!
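
The final comparison step described in the post, as an added example that is not the poster's code: it flags anyone holding access to a manager's mailbox who is not one of that manager's direct reports. The sample rows are constructed from the post's example tables; the function name `Get-NonReportAccess`, the column names `Manager`, `User`, `Access` and `DirectReport`, and the match on display name are assumptions.

```powershell
# Constructed sample rows mirroring the two report layouts in the post;
# in a live run they would be loaded from the two CSV files with Import-Csv.
$permissions = @(
    [pscustomobject]@{ Manager = 'Manager 1'; User = 'David Smith';  Access = 'Full Access' }
    [pscustomobject]@{ Manager = 'Manager 1'; User = 'Lee Brown';    Access = 'Send as Access' }
    [pscustomobject]@{ Manager = 'Manager 2'; User = 'Darren Black'; Access = 'Send as Access' }
    [pscustomobject]@{ Manager = 'Manager 2'; User = 'Jordan Green'; Access = 'Full Access' }
)
$directReports = @(
    [pscustomobject]@{ Manager = 'Manager 1'; DirectReport = 'Gillian Smith' }
    [pscustomobject]@{ Manager = 'Manager 1'; DirectReport = 'Jordan Green' }
)

function Get-NonReportAccess {
    param(
        [Parameter(Mandatory)] [object[]] $Permissions,
        [Parameter(Mandatory)] [AllowEmptyCollection()] [object[]] $DirectReports
    )
    # Index direct reports per manager. The set is case-insensitive so that
    # "jordan green" and "Jordan Green" are treated as the same person.
    $reportsByManager = @{}
    foreach ($row in $DirectReports) {
        if (-not $reportsByManager.ContainsKey($row.Manager)) {
            $reportsByManager[$row.Manager] =
                [System.Collections.Generic.HashSet[string]]::new([System.StringComparer]::OrdinalIgnoreCase)
        }
        [void]$reportsByManager[$row.Manager].Add($row.DirectReport.Trim())
    }
    # Emit rows to the pipeline and let the caller collect them;
    # no array is grown with += inside the loop.
    foreach ($row in $Permissions) {
        $reports = $reportsByManager[$row.Manager]
        if ($null -eq $reports -or -not $reports.Contains($row.User.Trim())) {
            [pscustomobject]@{
                Manager = $row.Manager
                User    = $row.User
                Access  = $row.Access
                Finding = 'Not a direct report'
            }
        }
    }
}

$findings = Get-NonReportAccess -Permissions $permissions -DirectReports $directReports
$findings | Format-Table -AutoSize
# $findings | Export-Csv -NoTypeInformation -Path .\NonReportAccess.csv
```

Display names are not guaranteed unique, so a production review should key both reports on a stable identifier such as the UPN. `Get-MailboxPermission` does not list Send As rights; in Exchange Online those are read with `Get-RecipientPermission`.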