We have a migration taking place by a 3rd party who are going to use a migration.admin account to remotely migrate emails onto there hosted platform.
When they tried to do the migration it failed due to permissions issues so they asked us to set full access permissions on the mailbox database, I have tested this on a DB below
get-mailboxdatabase "TestDB1" | Add-ADPermission -user "migration.admin" -accessrights GenericAll
I have checked using the below command and see the migration.admin account in the list
get-adpermission "TestDB1" | ft -auto
My question is if I look on the properties of an AD account that is in this mailbox store I do not see the migration.admin account listed
if I run the below command on a mailbox that is in that store I also do not see the migration.admin account listed
get-adpermission "TestUser1" | ft -auto
Is this correct behavior or does this mean that the permission I set on the database level is not filtering down to the mailboxes.