Full Access / Send As - Exchange 2010

Hi All,

I ran a PowerShell script against our exchange 2010 infrastructure a few months back to give a service account (domain\myserviceaccount) both Full Access and Send As permissions on all users.

Although it worked at the time, the permissions don't appear to be propagating against new users. Where have I gone wrong? What do I need to run instead to get it to propagate?

Many thanks,

Pete
LVL 2
PeterHingAsked:
Who is Participating?
 
Simon Butler (Sembee)ConsultantCommented:
The reason is that you set it on the mailbox, rather than higher up, so the permission doesn't get inherited.

This command will ensure that permissions are inherited.

get-mailboxserver | add-adpermission –user SVCAccount –accessrights ExtendedRight –extendedrights Send-As, Receive-As

Recieve As gives full mailbox access as well.

Simon.
0
 
Ben HartCommented:
If you gained those permissions by running a script, then obviously you'd need to re-run the script to update new mailboxes created since then.  Can you post this script?
0
 
PeterHingAuthor Commented:
It was more of a command than a script. Was something as simple as:

Get-Mailbox | Add-MailboxPermission domain\serviceaccount -AccessRights FullAccess

Open in new window


It listed every mailbox as it added the permission.

I'm guessing I have to do something higher up that includes inheritance?
0
 
Ben HartCommented:
Mmmm no that'd be a recurring script you'd need to run. Ahhh possibly making the service account an Organization admin might do it.. or at least server administrator within Exchange.  But from the looks of it this script has nothing in it that'd make it a perm change to new mailboxes.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.