Monday, February 12, 2007

Granting permissions to mailboxes in Exchange 2007

An interesting topic came up in mailing list I am on. Administrator is trying ti fougre out how to give a user full access to another user's mailbox. This is done via the Exchange Management Shell. There is no Exchange Management Console interface for doing this. Here is the syntax if I want to give user Jim.McBee permission to the John.Galt mailbox.

Add-MailboxPermission John.Galt -User Jim.McBee -AccessRights FullAccess

You can also grant permission to open or access all of the mailboxes on an entire mailbox database. Let's day I want to give user Auditor permission to the Accounting Mailbox Database (assuming it is uniquely named), here is the syntax:

Add-ADPermission "Accounting Mailbox Database" -User Auditor -ExtendedRights Receive-As

Thanks to Microsoft's Ross Smith for this tidbit of information.



At 9:30 PM, Blogger Unknown said...

The last one doesn't work correctly, because there are multiple entries.

You need to use the following code:

get-mailboxdatabase - identity db name | Add-adpermission -user user or group name -accessrights GenericAll -extendedrights receive-as, send-as

Jeroen Lanters
Capgemini Netherlands

At 5:32 AM, Blogger Nick said...

You can do the same without a typing of a single command to exchange management shell with a tool called security explorer for exchange that is avialable from

This solution provides a gui interface and shows every object’s permissions in a convenient tree view.

This enables more intuitive and fast permissions management as well as security cloning, searching and backup.

In addition security explorer for exchange can view and manage permissions on mailbox folders like calendars, contacts, and inbox.


Post a Comment

<< Home