Solved

Full Access / Send As - Exchange 2010

Posted on 2013-05-16
4
256 Views
Last Modified: 2013-08-08
Hi All,

I ran a PowerShell script against our exchange 2010 infrastructure a few months back to give a service account (domain\myserviceaccount) both Full Access and Send As permissions on all users.

Although it worked at the time, the permissions don't appear to be propagating against new users. Where have I gone wrong? What do I need to run instead to get it to propagate?

Many thanks,

Pete
0
Comment
Question by:PeterHing
  • 2
4 Comments
 
LVL 14

Expert Comment

by:Ben Hart
ID: 39171065
If you gained those permissions by running a script, then obviously you'd need to re-run the script to update new mailboxes created since then.  Can you post this script?
0
 
LVL 2

Author Comment

by:PeterHing
ID: 39171106
It was more of a command than a script. Was something as simple as:

Get-Mailbox | Add-MailboxPermission domain\serviceaccount -AccessRights FullAccess

Open in new window


It listed every mailbox as it added the permission.

I'm guessing I have to do something higher up that includes inheritance?
0
 
LVL 14

Expert Comment

by:Ben Hart
ID: 39171126
Mmmm no that'd be a recurring script you'd need to run. Ahhh possibly making the service account an Organization admin might do it.. or at least server administrator within Exchange.  But from the looks of it this script has nothing in it that'd make it a perm change to new mailboxes.
0
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 400 total points
ID: 39171896
The reason is that you set it on the mailbox, rather than higher up, so the permission doesn't get inherited.

This command will ensure that permissions are inherited.

get-mailboxserver | add-adpermission –user SVCAccount –accessrights ExtendedRight –extendedrights Send-As, Receive-As

Recieve As gives full mailbox access as well.

Simon.
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now