Shared Secondary Exchange 2010 mailbox

A secondary exchange 2010 mailbox is shared by two users.  I need one user to be able to send using that mailbox but the other user should not be able to send but only read emails from that mailbox and reply using his primary email.
LVL 7
Niten KumarPrincipal Systems AdministratorAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

sumeshbnrCommented:
I think you can do this through by creating a transport rule in your Hub transport server (If all roles in a single server ,then leave it)

See this article ,this is for Exchange 2007 But you can use for 2010 also

http://www.msexchange.org/articles-tutorials/exchange-server-2007/management-administration/restricting-users-send-receive-external-messages-exchange-server-2007.html
0
VB ITSSpecialist ConsultantCommented:
Grant the first user Send As rights to the shared mailbox in the Exchange Management Console:
Expand Recipient ConfigurationMailbox > right click on the shared mailbox > Manage Send As Permission... > add the user you want to grant Send As access to > Manage > Finish

If you have at least Exchange 2010 SP2 Update Rollup 4 installed, you can use configure it so that emails the user sends out from this shared mailbox gets copied into the shared mailbox's Sent Items folder using the below command:
Set-MailboxSentItemsConfiguration <shared mailbox> -SendAsItemsCopiedTo SenderAndFrom
0
Niten KumarPrincipal Systems AdministratorAuthor Commented:
The user will have two mailboxes, one is personal and the other will be official.  For e.g gary.cliifton@contoso.com and sales@contoso.com.  Do I have to give gary Manage Full Access Permission over the sales@contoso.com mailbox or just Send As Permissions.  The other user peter.wilson@contoso.com should have the sales@contoso.com mailbox but only be able to receive mails and not be able to send using sales@contoso.com.

At the moment the way it is setup is that both gary and peter have Full Access Permission over the sales mailbox.  This is so that when they open outlook they are not prompted for passwords for that mailbox.  The users want it that way - no password prompts.  At the moment I am using Send on Behalf option under Delivery Options.  Only gary has been added in the Send on Behalf.  I don't know whether that is the right way to do it.
0
10 Tips to Protect Your Business from Ransomware

Did you know that ransomware is the most widespread, destructive malware in the world today? It accounts for 39% of all security breaches, with ransomware gangsters projected to make $11.5B in profits from online extortion by 2019.

VB ITSSpecialist ConsultantCommented:
Do I have to give gary Manage Full Access Permission over the sales@contoso.com mailbox or just Send As Permissions.
You don't need to grant Gary Full Access for him to be able to send as Sales - just the Send As access will suffice if he doesn't need access to the mailbox.
The other user peter.wilson@contoso.com should have the sales@contoso.com mailbox but only be able to receive mails and not be able to send using sales@contoso.com.
If Peter hasn't been granted Send As or Send on Behalf access then he won't be able to send from the Sales address, he will just receive an error message stating he doesn't have the necessary permissions if he ever tries.
At the moment the way it is setup is that both gary and peter have Full Access Permission over the sales mailbox.  This is so that when they open outlook they are not prompted for passwords for that mailbox.  The users want it that way - no password prompts.  At the moment I am using Send on Behalf option under Delivery Options.  Only gary has been added in the Send on Behalf.  I don't know whether that is the right way to do it.
When Gary has Send on Behalf permissions, any emails he sends out from the Sales address will show Gary Clifton on behalf of Sales in the From field.

If you grant Gary Send As access to the Sales address then the email will appear as if it came from Sales and the receiving end will be none the wiser.

So the 'right' way of doing it will depend on your requirements really. Do emails that Gary send out need to say Gary on behalf of Sales or do they need to appear to come from Sales?
0
Niten KumarPrincipal Systems AdministratorAuthor Commented:
Thanks for solution.  But can you explain more on my requirement below:

Gary will need access to the mailbox.  By that I mean in outlook he will have his personal mailbox added and then the sales mailbox added (Will I be able to add the mailbox to his outlook without giving Full Permission). When he opens outlook everyday, there should not be any prompts for password. When he sends out emails from the Sales address it should show Sales in the From field.

Peter will also have the same setup with his outlook having his personal mailbox added first and then the sales mailbox.  But he should not be allowed to send emails using the sales mailbox.
0
VB ITSSpecialist ConsultantCommented:
Gary will need access to the mailbox.  By that I mean in outlook he will have his personal mailbox added and then the sales mailbox added (Will I be able to add the mailbox to his outlook without giving Full Permission). When he opens outlook everyday, there should not be any prompts for password. When he sends out emails from the Sales address it should show Sales in the From field.
In this scenario Gary will need Full Access as well as Send As access to the Sales mailbox. Remove Gary from the Send on Behalf access list. He will not be able to add the Sales mailbox to his view in Outlook without Full Access.
Peter will also have the same setup with his outlook having his personal mailbox added first and then the sales mailbox.  But he should not be allowed to send emails using the sales mailbox.
Peter will just need Full Access to the Sales mailbox and nothing else. As long as his name isn't on the Send on Behalf or Send As access list then he will not be able to send from the Sales mailbox.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Niten KumarPrincipal Systems AdministratorAuthor Commented:
Thank you for your solution.  I will accept that.  I wanted to ask you about a scenario that works differently in our organization.  Many users have Full Access over their secondary mailbox and Send on Behalf permission set. When they send emails using their secondary email it doesn't show on Behalf of Sales for e.g.

Why does it work like that in this case?
0
VB ITSSpecialist ConsultantCommented:
Double check that the user doesn't have Send As access to the mailbox. Also check the Security tab in the Properties of the mailbox in Active Directory Users and Computers and ensure the user isn't listed in there with Send As access.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Email Servers

From novice to tech pro — start learning today.