Exchange 2007 Permissions

Hello,

We have a mailbox in our organization which is a communal mailbox, it's our helpdesk mailbox actually. Our problem is that with most helpdesk inboxes, we all have access to it which is causing problems with emails going missing, or being filed away before being completed.

I've been tasked by my manager to find out the following information:

1. What permissions are needed to open a mailbox within Outlook, but not be able to move/delete mail from the mailbox? I can see that if you grant Receive-As at the database or storage group level, that will allow them to logon to all mailboxes within that container, but that is a little too much power for what I need. I just want one mailbox to be effected.

2. If I put a deny Full Access on the mailbox to multiple people, does that also deny the permissions such as delete item, send-as, etc, the so called lower permissions? All the helpdesk staff are domain admins(might not be the best way, but it's what we're stuck with at the moment), and that seems to be where they are getting the access to the mailbox, via the domain admins group.

Thanks.
LVL 4
Ignition_HelpdeskAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
MesthaConnect With a Mentor Commented:
Server side, there are only two sets of permissions for mailboxes.

Full Access
No access.

No middle ground.

If you want to restrict it down, then you have to do it all client side.
That means removing the full mailbox access (And receive as) and then setting the permissions through Outlook.

http://www.amset.info/outlook/sharing-non-default-folders.asp

Simon.
0
 
Rajith EnchiparambilOffice 365 & Exchange ArchitectCommented:
"""1. What permissions are needed to open a mailbox within Outlook, but not be able to move/delete mail from the mailbox? I can see that if you grant Receive-As at the database or storage group level, that will allow them to logon to all mailboxes within that container, but that is a little too much power for what I need. I just want one mailbox to be effected."""

Just give the same permission on the helpdesk mailbox rather than on the store.

Rajith.
0
 
shahsejalCommented:
Also please see this link
How to Allow Mailbox Access
http://technet.microsoft.com/en-us/library/aa996343.aspx
0
 
Jamie McKillopIT ManagerCommented:
You could also convert the mailbox to a public folder and set reviewer permissions for anyone you don't want to be able to delete or move items.

JJ
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.