Solved

Full Access / Send As - Exchange 2010

Posted on 2013-05-16
4
306 Views
Last Modified: 2013-08-08
Hi All,

I ran a PowerShell script against our exchange 2010 infrastructure a few months back to give a service account (domain\myserviceaccount) both Full Access and Send As permissions on all users.

Although it worked at the time, the permissions don't appear to be propagating against new users. Where have I gone wrong? What do I need to run instead to get it to propagate?

Many thanks,

Pete
0
Comment
Question by:PeterHing
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 14

Expert Comment

by:Ben Hart
ID: 39171065
If you gained those permissions by running a script, then obviously you'd need to re-run the script to update new mailboxes created since then.  Can you post this script?
0
 
LVL 2

Author Comment

by:PeterHing
ID: 39171106
It was more of a command than a script. Was something as simple as:

Get-Mailbox | Add-MailboxPermission domain\serviceaccount -AccessRights FullAccess

Open in new window


It listed every mailbox as it added the permission.

I'm guessing I have to do something higher up that includes inheritance?
0
 
LVL 14

Expert Comment

by:Ben Hart
ID: 39171126
Mmmm no that'd be a recurring script you'd need to run. Ahhh possibly making the service account an Organization admin might do it.. or at least server administrator within Exchange.  But from the looks of it this script has nothing in it that'd make it a perm change to new mailboxes.
0
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 400 total points
ID: 39171896
The reason is that you set it on the mailbox, rather than higher up, so the permission doesn't get inherited.

This command will ensure that permissions are inherited.

get-mailboxserver | add-adpermission –user SVCAccount –accessrights ExtendedRight –extendedrights Send-As, Receive-As

Recieve As gives full mailbox access as well.

Simon.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Following basic email etiquette rules will help you write a professional email and achieve a good, lasting impression with your contacts.
How to resolve IMCEAEX NDRs in Exchange or Exchange Online related to invalid X500 addresses.
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
how to add IIS SMTP to handle application/Scanner relays into office 365.

729 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question