Solved

Exchange 2007 Permissions

Posted on 2009-05-04
4
260 Views
Last Modified: 2013-11-15
Hello,

We have a mailbox in our organization which is a communal mailbox, it's our helpdesk mailbox actually. Our problem is that with most helpdesk inboxes, we all have access to it which is causing problems with emails going missing, or being filed away before being completed.

I've been tasked by my manager to find out the following information:

1. What permissions are needed to open a mailbox within Outlook, but not be able to move/delete mail from the mailbox? I can see that if you grant Receive-As at the database or storage group level, that will allow them to logon to all mailboxes within that container, but that is a little too much power for what I need. I just want one mailbox to be effected.

2. If I put a deny Full Access on the mailbox to multiple people, does that also deny the permissions such as delete item, send-as, etc, the so called lower permissions? All the helpdesk staff are domain admins(might not be the best way, but it's what we're stuck with at the moment), and that seems to be where they are getting the access to the mailbox, via the domain admins group.

Thanks.
0
Comment
Question by:Ignition_Helpdesk
4 Comments
 
LVL 24

Expert Comment

by:Rajith Enchiparambil
ID: 24298045
"""1. What permissions are needed to open a mailbox within Outlook, but not be able to move/delete mail from the mailbox? I can see that if you grant Receive-As at the database or storage group level, that will allow them to logon to all mailboxes within that container, but that is a little too much power for what I need. I just want one mailbox to be effected."""

Just give the same permission on the helpdesk mailbox rather than on the store.

Rajith.
0
 
LVL 6

Expert Comment

by:shahsejal
ID: 24298110
Also please see this link
How to Allow Mailbox Access
http://technet.microsoft.com/en-us/library/aa996343.aspx
0
 
LVL 65

Accepted Solution

by:
Mestha earned 250 total points
ID: 24300412
Server side, there are only two sets of permissions for mailboxes.

Full Access
No access.

No middle ground.

If you want to restrict it down, then you have to do it all client side.
That means removing the full mailbox access (And receive as) and then setting the permissions through Outlook.

http://www.amset.info/outlook/sharing-non-default-folders.asp

Simon.
0
 
LVL 37

Expert Comment

by:Jamie McKillop
ID: 24318670
You could also convert the mailbox to a public folder and set reviewer permissions for anyone you don't want to be able to delete or move items.

JJ
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
This video demonstrates basic masking and how to edit the mask to reveal the desired image.
The viewer will learn how to create multiple layers to apply various filters and how to delete areas from each layer’s filter.

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now