
Access to all user accounts via Exchange server

Last Modified: 2012-05-12
I want to be able to gain access to any user mailbox via OWA with my logon credentials.
What permission do I need to add to Exchange to allow this? I use the GUI but I can run shell if that is necessary. I'm trying to avoid having to add myself to all permissions on each user. There must be one general group that will accomplish this. I am running Exchange 2007 Service Pack 2.

Thanks in advance

Mahmoud Sabry, Senior IT Systems Engineer
CERTIFIED EXPERT
Commented:
Use the cmdlet below:

Get-Mailbox | Add-MailboxPermission -User '<your login name>' -InheritanceType 'All' -AccessRights 'FullAccess'
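
The cmdlet above writes a FullAccess entry onto every mailbox it is piped. As an added example that is not part of any post in this thread, the following Exchange Management Shell script inventories the explicit FullAccess entries afterwards, so blanket grants and Deny entries can be reviewed; `$ReportPath` is a placeholder path chosen for this example.

```powershell
# Added example (not from the thread). Run in the Exchange Management Shell.
# $ReportPath is a placeholder; point it at a folder you control.
$ReportPath = 'C:\Temp\fullaccess-audit.csv'

# Collect every explicit (non-inherited) FullAccess entry, skipping the
# NT AUTHORITY\SELF entry that each mailbox owner has on their own mailbox.
$entries = Get-Mailbox -ResultSize Unlimited |
    Get-MailboxPermission |
    Where-Object {
        ($_.AccessRights -like '*FullAccess*') -and
        ($_.IsInherited -eq $false) -and
        ($_.User -notlike 'NT AUTHORITY\SELF')
    }

if ($entries) {
    # Keep a record of who can open which mailbox.
    $entries |
        Select-Object Identity, User, Deny,
            @{Name = 'AccessRights'; Expression = { "$($_.AccessRights)" }} |
        Export-Csv -Path $ReportPath -NoTypeInformation

    # Trustees ranked by number of mailboxes they can open; an account with
    # an entry on every mailbox stands out at the top of this list.
    $entries |
        Group-Object -Property { "$($_.User)" } |
        Sort-Object -Property Count -Descending |
        Select-Object Count, Name

    # Deny entries are listed separately so they can be reviewed on their own.
    $entries |
        Where-Object { $_.Deny } |
        Select-Object Identity, User, Deny
}
else {
    Write-Host 'No explicit FullAccess entries found.'
}
```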

Author

Commented:
Thank you, I will try that. I'm not sure if this needs to be in another thread, but I am now no longer able to connect to my mailbox only via the OWA.

This is the error message I am receiving. I broke something.

Request
Url: https://webmail.visualdatainc.com:443/owa/default.aspx
User host address: 192.168.1.143

Exception
Exception type: Microsoft.Exchange.Data.Storage.ConnectionFailedTransientException
Exception message: Cannot open mailbox /o=First Organization/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=rderchan.

Call stack

Microsoft.Exchange.Data.Storage.ConnectionCachePool.OpenMailbox(String serverDn, String userDn, String mailboxDn, Guid mailboxGuid, Guid mdbGuid, Object identity, ConnectFlag connectFlag, OpenStoreFlag openStoreFlag, CultureInfo cultureInfo, String clientInfoString, Boolean secondTry)
Microsoft.Exchange.Data.Storage.ConnectionCachePool.OpenMailbox(String serverDn, String userDn, String mailboxDn, Guid mailboxGuid, Guid mdbGuid, Object identity, ConnectFlag connectFlag, OpenStoreFlag openStoreFlag, CultureInfo cultureInfo, String clientInfoString, Boolean secondTry)
Microsoft.Exchange.Data.Storage.ConnectionCachePool.OpenMailbox(String serverDn, String userDn, String mailboxDn, Guid mailboxGuid, Guid mdbGuid, Object identity, ConnectFlag connectFlag, OpenStoreFlag openStoreFlag, CultureInfo cultureInfo, String clientInfoString)
Microsoft.Exchange.Data.Storage.MailboxSession.Initialize(LogonType logonType, ExchangePrincipal owner, DelegateLogonUser delegateUser, Object identity, OpenMailboxSessionFlags flags)
Microsoft.Exchange.Data.Storage.MailboxSession.CreateMailboxSession(LogonType logonType, ExchangePrincipal owner, DelegateLogonUser delegateUser, Object identity, OpenMailboxSessionFlags flags, CultureInfo cultureInfo, String clientInfoString)
Microsoft.Exchange.Data.Storage.MailboxSession.Open(ExchangePrincipal mailboxOwner, WindowsPrincipal authenticatedUser, CultureInfo cultureInfo, String clientInfoString)
Microsoft.Exchange.Clients.Owa.Core.OwaWindowsIdentity.CreateMailboxSession(ExchangePrincipal exchangePrincipal, CultureInfo cultureInfo)
Microsoft.Exchange.Clients.Owa.Core.UserContext.Load(OwaContext owaContext)
Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.CreateUserContext(OwaContext owaContext, UserContextKey userContextKey, UserContext& userContext)
Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.PrepareRequestWithoutSession(OwaContext owaContext, UserContextCookie userContextCookie)
Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.InternalDispatchRequest(OwaContext owaContext)
Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.DispatchRequest(OwaContext owaContext)
System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)

Inner Exception
Exception type: Microsoft.Mapi.MapiExceptionLogonFailed
Exception message: MapiExceptionLogonFailed: Unable to open message store. (hr=0x80040111, ec=1010) Diagnostic context: Lid: 18969 EcDoRpcExt2 called [length=417] Lid: 27161 EcDoRpcExt2 returned [ec=0x0][length=124][latency=0] Lid: 23226 --- ROP Parse Start --- Lid: 27962 ROP: ropLogon [254] Lid: 17082 ROP Error: 0x3F2 Lid: 26937 Lid: 21921 StoreEc: 0x3F2 Lid: 27962 ROP: ropExtendedError [250] Lid: 1494 ---- Remote Context Beg ---- Lid: 26426 ROP: ropLogon [254] Lid: 4740 StoreEc: 0x80070005 Lid: 30409 StoreEc: 0x80070005 Lid: 19145 StoreEc: 0x3F2 Lid: 23241 StoreEc: 0x3F2 Lid: 32186 Lid: 8620 StoreEc: 0x3F2 Lid: 1750 ---- Remote Context End ---- Lid: 26849 Lid: 21817 ROP Failure: 0x3F2 Lid: 26297 Lid: 16585 StoreEc: 0x3F2 Lid: 32441 Lid: 1706 StoreEc: 0x3F2 Lid: 24761 Lid: 20665 StoreEc: 0x3F2 Lid: 25785 Lid: 29881 StoreEc: 0x3F2

Call stack

Microsoft.Mapi.MapiExceptionHelper.ThrowIfError(String message, Int32 hresult, Int32 ec, DiagnosticContext diagCtx)
Microsoft.Mapi.ExRpcConnection.OpenMsgStore(OpenStoreFlag storeFlags, String mailboxDn, Guid mailboxGuid, Guid mdbGuid, MapiStore msgStorePrivate, String& correctServerDn, ClientIdentityInfo clientIdentityAs, String userDnAs, String applicationId, CultureInfo cultureInfo)
Microsoft.Mapi.ConnectionCache.OpenMapiStore(String mailboxDn, Guid mailboxGuid, Guid mdbGuid, ClientIdentityInfo clientIdentity, String userDnAs, OpenStoreFlag openStoreFlags, CultureInfo cultureInfo, String applicationId)
Microsoft.Mapi.ConnectionCache.OpenMailbox(String mailboxDn, Guid mailboxGuid, Guid mdbGuid, WindowsIdentity windowsIdentityAs, String userDnAs, OpenStoreFlag openStoreFlags, CultureInfo cultureInfo, String applicationId)
Microsoft.Exchange.Data.Storage.ConnectionCachePool.OpenMailbox(String serverDn, String userDn, String mailboxDn, Guid mailboxGuid, Guid mdbGuid, Object identity, ConnectFlag connectFlag, OpenStoreFlag openStoreFlag, CultureInfo cultureInfo, String clientInfoString, Boolean secondTry)
Commented:
I get error messages
'
Add-MailboxPermission : A parameter cannot be found that matches parameter name
 'rderchan'.
At line:1 char:46
+ get-mailbox | Add-MailboxPermission -rderchan <<<<  -InheritanceType 'All' -A
ccessRights 'FullAccess'
    + CategoryInfo          : InvalidArgument: (:) [Add-MailboxPermission], Pa
   rameterBindingException
    + FullyQualifiedErrorId : NamedParameterNotFound,Microsoft.Exchange.Manage
   ment.RecipientTasks.AddMailboxPermission
It looks like you're trying to log in to the mailbox rderchan.

You might have removed the OWA permission from yourself. Check the permission in Active Directory Users and Computers and verify that you have proper permission under your groups. Also check Exchange Management Console under your permissions as well.

It sounds like you might have typed the wrong command into EWS (Shell) and stripped some permissions from yourself.
Commented:
I fixed my mailbox by disabling it and backing up my Outlook box to a pst file, creating a new mailbox on Exchange and importing the backup in a new ost, then syncing. That fixed it.
Basically, I want access to each mailbox on the Exchange when I sign in as me or when my boss signs in. I created a small group and attached that admin group to each user's mailbox with full permission. I can do this manually for each one but I was hoping there was a way to apply it globally for all current users and new users.

Thanks.

Author

Commented:
I figured it out generally so I can only take partial credit if any : )
