• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 499
  • Last Modified:

exchange 2010 global viewing of calendar and email boxes.

I have recently upgraded my exchange server to 2010 and now after decomissioning my exchange 2003 server I am starting to get huge requests that certain groups can no longer see calendars or inboxes of mailboxes they used to be able to and with using AD 2003 the exchange tabs no longer exist. I can go in through outlook and change the permissions on calendars (as a temp fix) but I really need to find out how to set up:

1.) certain groups to be able to see and adjust certain email boxes and calendars.
2.) certain users need to be able to open all email accounts through a seperate outlook profile using only thier credentials.

I was hoping to use the same thought process I did for the backupexec user that backs up all the email boxes but when trying to use that user through outlook it just fails on authentication.

thanks to any and all pointers and help in advance.
0
cisco_idiot
Asked:
cisco_idiot
  • 4
  • 3
1 Solution
 
endital1097Commented:
you need to use the add-mailboxpermission cmdlet or the exchange management console manage full access permissions
0
 
endital1097Commented:
for accounts that have access to everything you can use
get-mailboxdatabase | add-adpermission -extendedrights receive-as,sendas -user backupexec
0
 
cisco_idiotAuthor Commented:
Thank you Endital,

the add-mailbox permissions works perfectly for all the individual ones I need to fix. but the add-adpermission seems to be missing something for me when a privledged user tries to open up outlook with the profile for the other user I get the error "cannot open your default e-mail folders. the attempt to log on to microsoft exchange has failed" I can get around this with either the add-mailbox permissions or full access permissions.

could I use the command:
get-mailbox | add-mailboxpermission -user 'domain\admin group' -accessrights 'fullaccess'
?

I think this would be a quick fix but the next time I add a user I would need to do the same thing for each user.

I was looking for all the variables for extended right but can't seem to find them.
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 
endital1097Commented:
as long as you didn't get any errors, you may just need to wait for the information store to refresh which can take up to 2 hours

by setting this ad permission at the database level, any new mailboxes will inherit the permission

correction for above
send-as not sendas
0
 
cisco_idiotAuthor Commented:
ok I'll give it a couple of hours. and yeah I caught the send-as my typing is horrible so no worries.

what I got as a response was.

get-mailboxdatabase | add-adpermission -extendedrights Receive-as,send-as -user "email admins"

Identity             User                 Deny  Inherited
--------             ----                 ----  ---------
Mailbox Database ... domain\email Admins     False False
Mailbox Database ... domain\email Admins     False False
Terminated employees domain\email Admins     False False
Terminated employees domain\email Admins     False False

it didn't say it had any errors so I am assuming it is good.
0
 
endital1097Commented:
yes, you should be good
if you run it again you should get a warning that no changes were made
0
 
cisco_idiotAuthor Commented:
Perfect and concise
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

  • 4
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now