Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Full Access / Send As - Exchange 2010

Posted on 2013-05-16
4
Medium Priority
?
320 Views
Last Modified: 2013-08-08
Hi All,

I ran a PowerShell script against our exchange 2010 infrastructure a few months back to give a service account (domain\myserviceaccount) both Full Access and Send As permissions on all users.

Although it worked at the time, the permissions don't appear to be propagating against new users. Where have I gone wrong? What do I need to run instead to get it to propagate?

Many thanks,

Pete
0
Comment
Question by:PeterHing
  • 2
4 Comments
 
LVL 14

Expert Comment

by:Ben Hart
ID: 39171065
If you gained those permissions by running a script, then obviously you'd need to re-run the script to update new mailboxes created since then.  Can you post this script?
0
 
LVL 2

Author Comment

by:PeterHing
ID: 39171106
It was more of a command than a script. Was something as simple as:

Get-Mailbox | Add-MailboxPermission domain\serviceaccount -AccessRights FullAccess

Open in new window


It listed every mailbox as it added the permission.

I'm guessing I have to do something higher up that includes inheritance?
0
 
LVL 14

Expert Comment

by:Ben Hart
ID: 39171126
Mmmm no that'd be a recurring script you'd need to run. Ahhh possibly making the service account an Organization admin might do it.. or at least server administrator within Exchange.  But from the looks of it this script has nothing in it that'd make it a perm change to new mailboxes.
0
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 1200 total points
ID: 39171896
The reason is that you set it on the mailbox, rather than higher up, so the permission doesn't get inherited.

This command will ensure that permissions are inherited.

get-mailboxserver | add-adpermission –user SVCAccount –accessrights ExtendedRight –extendedrights Send-As, Receive-As

Recieve As gives full mailbox access as well.

Simon.
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If something goes wrong with Exchange, your IT resources are in trouble.All Exchange server migration processes are not designed to be identical and though migrating email from on-premises Exchange mailbox to Cloud’s Office 365 is relatively simple…
In this post, I will showcase the steps for how to create groups in Office 365. Office 365 groups allow for ease of flexibility and collaboration between staff members.
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

971 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question