Need to assign a user mailbox "full access" to all mailboxes in O365


I need to assign a user mailbox "full access" to all mailboxes in O365. Instead to do that can I just assign a builtin admin role which already has full access to all mailboxes?

Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Vasil Michev (MVP)Commented:
No such role/method in Exchange Online. You will have to go over each mailbox and add the permissions. In addition, you will have to do this for every new mailbox.
Jose Gabriel Ortega CEE Solution Guide - CEO Faru Bonon ITCommented:
the user you want to Add is called "sam2009" (this is the samAccountName)

Set-ExecutionPolicy RemoteSigned
$UserCredential = Get-Credential

$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri -Credential $UserCredential -Authentication Basic -AllowRedirection
Import-PSSession $Session -DisableNameChecking
Get-Mailbox -ResultSize Unlimited | Add-MailboxPermission -User $UserWithFullAccess -AccessRights FullAccess -InheritanceType All
#uncomment if required to clean up the session.
#Remove-PSSession $Session

Open in new window

Instead, Assign Application Impersonation Permission to that one mailbox.On above said methods, you need to add the mailbox permission when a new user join the company.. If you assign Application Impersonation rights, then user can impersonate all the mailboxes in the company including CEO..

New-ManagementRoleAssignment -Name:AI -Role:ApplicationImpersonation -User:"UserName"

Note: This will be used, when you want to perform anything on multiple mailboxes using single account.
The Ultimate Tool Kit for Technolgy Solution Provi

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy for valuable how-to assets including sample agreements, checklists, flowcharts, and more!

FOXActive Directory/Exchange EngineerCommented:
Connect to O365 with powershell

Get-Mailbox -Resultsize Unlimited | %{Add-MailboxPermission  $_.alias -User "emailaddressofusergettingfullaccess"  -AccessRights FullAccess -verbose}
SAM2009Author Commented:
If  Impersonation Permission can be used why don't just do that instead to run PowerShell cmd to add full access all the times.
Vasil Michev (MVP)Commented:
Impersonation only works with Exchange Web Services, so unless you want to perform any actions via EWS code, it will not be of much use.
SAM2009Author Commented:
Sorry could you explain or give an example?
Vasil Michev (MVP)Commented:
Example of what? As I mentioned above, impersonation is used with custom EWS-based applications/code. If you dont have such, it will not help you in your daily admin tasks, as there are no PowerShell cmdlets you can invoke or UI to use. Here's a quick introduction to what impersonation means in Exchange:

And here's an example of how to perform specific task with impersonation (code-based):
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.