Raji Subramanian: Exchange Server 2013 - Full Access Mailbox Permission Vs Send AS Permissions

Thursday, March 27, 2014

Exchange Server 2013 - Full Access Mailbox Permission Vs Send AS Permissions

Exchange Server 2013 - Full Access Mailbox Permission Vs Send AS Permissions

When USERA who want to have full access permission of another user mailbox USERB (i.e will allow only to open the other user mailbox and view the folders and emails) which can be achieved using the Exchange 2013 PowerShell cmdlet Add-MailboxPermission.

Although USERA have full acccess permission on USERB mailbox, USERA will not able to send email as USERB. In order to achieve it we need to user Add-ADPermission with Send-As Permission.

Earlier when user have full access they can able to send email as another user.This change was brought in place after the Exchange 2003 SP2 hotfix release.

To provide Send on Behalf of permission use Set-Mailbox cmdlet

E.g Adding: Set-Mailbox -Identity Raji -GrantSendOnBehalfto Mark

Removing: Set-Mailbox -Identity Raji -GrantSendOnBehalfto @{Remove="mark@mail.com"}

Note:

Send As Permission ------------ Add-Adpermission,
Full Access Mailbox Permission ------------ Add-MailboxPermission.
SendOnBehalf ------------ Set-Mailbox

Ø “Outlook uses the external namespace to connect to alternate mailboxes, even though Outlook is located on the internal network in Exchange Server 2013”. Reference: http://support.microsoft.com/kb/2839517

Adding Mailbox Permission with AutoMapping

Add-MailboxPermission -Identity Mark -User 'Raji' -AccessRights FullAccess -InheritanceType All -AutoMapping $True