What is full mailbox access?
By granting full access mailbox rights to certain user on someone else’s mailbox, that user will be able to see all mailbox items (emails, contacts, calendars, notes, tasks) of that user, both in inbox and sent items, but he will not be able to send emails as or in behalf of that user.
Full mailbox access can be set from Exchange Management Console, Exchange Control Panel (ECP) or Exchange Management Shell (PowerShell) - depending on the platform for which it is being set.
Our recommendation would be to create a dedicated user for this migration which will have all necessary permissions (e.g. migration@someorganization.com) and use that account. When the migration is completed simply delete it and with it all permissions which were assigned to it will be removed as well.
Quick links:
Office 365
Using Exchange Control Panel
Go to portal.microsoftonline.com from any web browser and log in as some user which has admin privileges within your organization:
Once you are logged in, from the menu on the left-hand side, expand Admin centers and select Exchange
Go to Recipient and then desired mailbox type (Mailboxes/Resources/Shared)
Double click on the user on which you want to set up full mailbox access and go to Mailbox delegation
Scroll down until you see the part Full Access
Click on the + sign to add users which should have Full Access on this mailbox
Locate users manually or use the search filed and when you select them click on Add or double-click on that user so it would be added to the list at the bottom. You can do this for more than one users at once
After you click OK, you should see them on the list, and if you do, hit Save
When this is done through Web GUI, it usually takes about 10-15 minutes for these changes to be fully applied.
Using PowerShell
Open PowerShell on your local computer and type in these commands to connect to Office 365:
$UserCredential = Get-Credential
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection
Import-PSSession $Session
Next, to grant full access type in:
Add-MailboxPermission -Identity user1@someorganization.com -User admin@someorganization.com -AccessRights FullAccess
In this example user admin will have full access rights on user1’s mailbox.
Some useful examples:
To grant full access for admin on all User Mailboxes:
$Users = Get-Mailbox -RecipientTypeDetails UserMailbox
ForEach ($User in $Users)
{
Add-MailboxPermission -Identity $User -AccessRights admin@someorganization.com -AccessRights FullAccess
}
Same principal can be used if this needs to be applied to other mailbox types just by using one of these lines instead of the first one from previous example:
$Users = Get-Mailbox -RecipientTypeDetails SharedMailbox
$Users = Get-Mailbox -RecipientTypeDetails RoomMailbox
$Users = Get-Mailbox -RecipientTypeDetails EquipmentMailbox
Or if it needs to be applied for all mailbox types in the specific OU (replace “domain.local/company/users” with the path to your desired OU):
$Users = Get-Mailbox | where {$_.OrganizationalUnit -like "domain.local/company/users"}
When this is done through PowerShell, it is instantly applied.
When you are done just close PowerShell console to end the session or type in
Remove-PSSession $Session
Hosted Exchange 2007
Using Exchange Management Console
On the server, open Exchange Management Console, expand Recipient Configuration and click on Mailbox
Right click on the mailbox on which you want some other user to have full access and select Manage Full Access Permission…
In Select User or Group menu select users one by one, for easier selection, search field can be used
After desired user/users have been selected, they should now appear on the list.
Next press the Manage button which is located at the bottom of that window
If the operation is completed successfully, all notifications should be in color green and you just need to press Finish to close this window.
When this is done through Exchange Management Console, it usually takes about 10-15 minutes for these changes to be fully applied.
Using PowerShell
On Exchange server, open Exchange Management shell
Next to grant full access type in:
Add-MailboxPermission -Identity user1@someorganization.com -User admin@someorganization.com -AccessRights FullAccess
In this example user admin will have full access rights on user1’s mailbox.
When this is done through PowerShell, it is instantly applied.
Hosted Exchange 2010
Using Exchange Management Console
On the server, open Exchange Management Console, expand Recipient Configuration and click on Mailbox
Right click on the mailbox on which you want some other user to have full access and select Manage Full Access Permission…
In Manage Full Access Permission window click on +Add…
In Select User or Group menu select users one by one, for easier selection, search field can be used
With Ctrl/Shift + Click you can select more users at once
After desired user/users have been selected, they should now appear on the list.
Next press the Manage button which is located at the bottom of that window
If the operation is completed successfully, all notifications should be in color green and you just need to press Finish to close this window
When this is done through Exchange Management Console, it usually takes about 10-15 minutes for these changes to be fully applied.
Using PowerShell
On Exchange server, open Exchange Management shell
Next to grant full access type in:
Add-MailboxPermission -Identity user1@someorganization.com -User admin@someorganization.com -AccessRights
CMP Internal (Migrated deleted Agent)
Comments