Michael986
asked on
Outlook issues with multiple mailboxes in O365
We have recently migrated our Exchange mailboxes to the Office365 hosted solution. For most people this is working fine, but there is one manager who is having performance issues in Outlook (2013, running on Windows 7 pro)
This manager has approx 5 shared mailboxes plus 7 'other users' mailboxes open in her Outlook and is finding that Outlook is very slow to switch between one mailbox and another - it will sometimes show as 'not responding' for 30 seconds or so before displaying the e-mails, or it might show as 'not connected' in the Outlook status bar whilst it tries to load the e-mails.
My question is in 2 parts :-
1. Are there any ways to improve the performance with the current setup - eg having cached mode on or off . I'm not sure what the default option is for caching - it's currently 'on' and her OST file is about 3GB, which is the size of the mailbox.
2. If the problem is caused by too many mailboxes, then we'd be happy to close them all and just allow them to be opened 'on demand'. It seems that, if we add 'Full Access' permissions for the manager to a user's mailbox, the mailbox automatically gets pushed out to the managers outlook. So for the next step, I've removed 'Full Access' permissions
The manager is a member of the 'Domain Admins' security group, although this group does not show in the O365 console - it only shows on our local AD which is sync'd (one way only) with O365
We've added one of the users' (Sean) mailbox to the manager's Outlook using the Account Settings | More Settings | Advanced 'Add Mailbox' option.
Here is a screen dump of the permissions on one of the users mailboxes. However the manager is NOT able to open Sean's mailbox - it gives the message 'Cannot expand folders'
I then created a new security group in the O365 console (which obviously will not sync back to the local AD) and put the manager in it, then used this command :-
add-mailboxpermission sean2 -user "accountsaccess" -accessrights fullaccess -inheritancetype all
Now the permissions are changed and the manager CAN see Sean's mailbox
My question here is, why does it not allow her access through 'Domain Admins' - I've got enough security groups in AD to manage all these types of permissions, so don't want to have to create more in O365
This manager has approx 5 shared mailboxes plus 7 'other users' mailboxes open in her Outlook and is finding that Outlook is very slow to switch between one mailbox and another - it will sometimes show as 'not responding' for 30 seconds or so before displaying the e-mails, or it might show as 'not connected' in the Outlook status bar whilst it tries to load the e-mails.
My question is in 2 parts :-
1. Are there any ways to improve the performance with the current setup - eg having cached mode on or off . I'm not sure what the default option is for caching - it's currently 'on' and her OST file is about 3GB, which is the size of the mailbox.
2. If the problem is caused by too many mailboxes, then we'd be happy to close them all and just allow them to be opened 'on demand'. It seems that, if we add 'Full Access' permissions for the manager to a user's mailbox, the mailbox automatically gets pushed out to the managers outlook. So for the next step, I've removed 'Full Access' permissions
The manager is a member of the 'Domain Admins' security group, although this group does not show in the O365 console - it only shows on our local AD which is sync'd (one way only) with O365
We've added one of the users' (Sean) mailbox to the manager's Outlook using the Account Settings | More Settings | Advanced 'Add Mailbox' option.
Here is a screen dump of the permissions on one of the users mailboxes. However the manager is NOT able to open Sean's mailbox - it gives the message 'Cannot expand folders'
I then created a new security group in the O365 console (which obviously will not sync back to the local AD) and put the manager in it, then used this command :-
add-mailboxpermission sean2 -user "accountsaccess" -accessrights fullaccess -inheritancetype all
Now the permissions are changed and the manager CAN see Sean's mailbox
My question here is, why does it not allow her access through 'Domain Admins' - I've got enough security groups in AD to manage all these types of permissions, so don't want to have to create more in O365
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
If possible, remove users from the domain admin group now. For your own local domain, it's a grave security risk. One accidental click on a virus, and the whole domain might get infected, instead of just that computer (or even better, just his local user profile).
ASKER
We don't actually have any normal users in the Domain Admins group - I just used it for testing purposes and to easily highlight my query.
But thanks for the followup - it's good advice.
But thanks for the followup - it's good advice.
ASKER
And the workaround seems OK - I don't mind spending a bit of time getting things setup properly at the outset - should make things easier in the long run
thanks