Granting permissions AD group full access exchange 2010
Posted on 2013-09-18
Greetings I am somewhat confused about an issue in Exchange 2010. I am an Admin I would like to be able to run a command on a group in AD and allow this group to have Full Access to all the mailboxes without having to provide full access to the mailbox manually. Problem is we are currently providing full access to the mailbox manually everytime and then removing access on our personal admin accounts, performing the maintenance and then removing ourselves.
I have read a couple of things and somewhat interested in why you would not do this to a group rather than a database specified below. Again, I would like to not have to provide myself full access to the mailbox everytime I need to do some work. If someoene could provide the command I would be appreciative, thanks
Get-MailboxDatabase -identity "SERVERNAME\First Storage Group\Mailbox Database" | Remove-ADPermission -user administrator -ExtendedRights Receive-As, Send-As
Get-MailboxDatabase -identity “[mailbox database name]” | Add-ADPermission -user [username] -AccessRights GenericAll