How to allow a user to send email from another user via the server

A user is on holiday and someone else is monitoring his account.  When the new user tries to send an email from the abscent users mailbox he gets an error as he does have the correct permissions.  How do I change this setting from the server console?

Thanks, David
Who is Participating?
tigermattConnect With a Mentor Commented:

The change will replicate around the local AD site immediately by intra-site replication, so if you made the change in the same site as this user's Exchange mailbox is stored, chances are it's going to be on those DCs already. It's the internal caching in Exchange which will be more likely to cause delays for you. By default, Exchange will cache permissions like mailbox access and send as/on behalf rights for up to 4 hours. This is primarily to reduce load on AD by preventing Exchange checking with a DC every time a user performs an action.

Now, since your user has already tried to send and received a failure, Exchange will be caching a set of permissions which do not give the user the Send-As rights and will refer to these each time he tries to do so. Until that cache is refreshed, the user is going to be unable to exercise their send-as/-on-behalf rights, even if the permissions are correct in AD.

You could start restarting certain services, which will clear caches, but this will also take your mail environment offline for a period of time.

It's generally best just to wait.

AnuroopsunddConnect With a Mentor Commented:
You will require to give him Send As permission.
Free tool for managing users' photos in Office 365

Easily upload multiple users’ photos to Office 365. Manage them with an intuitive GUI and use handy built-in cropping and resizing options. Link photos with users based on Azure AD attributes. Free tool!

djemanuelAuthor Commented:
Ah, I have done this already, perhaps I just need to wait for a replication.  Do you know how frequently they run?

Thanks, David
depends upon the link and location of your DC's.
That all depends on how you want the messages to be "perceived". There are two methods, each requiring slightly different permissions.

Send As allows the user to impersonate the person who is on holiday without any mention in the emails that it is really the covering user sending those messages. This is good when a Shared Mailbox is in use, but companies don't tend to like it when one user is covering another user. To add Send-As permissions, you can do it at the Exchange Management Shell: get-mailbox <the user on holiday> | add-adpermission -user DOMAIN\<username of covering user> -accessright extendedright -extendedrights send-as
Send on Behalf is the preferred method for these scenarios in most institutions. It is a lesser permission from a political perspective. This provides some accountability, because all messages are signed as <Covering User> on behalf of <User on Holiday>. Thus, recipients are aware who has really sent the message and the user on holiday is protected - covering user cannot impersonate him. Ultimately, it's a trust thing, but it's important to get it right. Send on behalf rights can be added by editing the user properties in the Management Console, or again, at the shell: Set-Mailbox <Holiday User> -GrantSendOnBehalfTo <Covering User>

All permissions changes are likely to take some time to take effect, especially if the user has tried and received failures, as the 'failed' permission will be cached internally for some time.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.