Applies to: Exchange Server 2007, Exchange Server 2007 SP1 Topic Last Modified: 2007-08-24

This topic explains how to use the Exchange Management Shell to grant the Full Access permission for a mailbox or the Receive As permission for a mailbox database.

When you grant a user the Full Access permission to a mailbox, that user has full access to only the mailbox for which the permissions are applied. With the Full Access permission, the user can open and read the contents of the mailbox. However, the user cannot send as that mailbox without additional permissions. For information about granting the Send As permission, see How to Grant the Send As Permission for a Mailbox.

When you grant a user Receive As permission to a mailbox database, that user can log on to all mailboxes within that database, but is not able to send e-mail messages from those mailboxes. Also, if you grant Receive As permission at the storage group level, the specified user can log on to all mailboxes within all databases in the storage group. For example, you may want to grant access to the mailbox database for mobile access or for legal review.

Full Access or Receive As permissions are not granted until the Microsoft Exchange Information Store service caches the permissions and updates the cache. To grant the permissions immediately, stop and then restart the Microsoft Exchange Information Store service.

 Before You Begin

To perform this procedure, the account you use must be delegated the following:

• Exchange Organization Administrator role 
  

For more information about permissions, delegating roles, and the rights that are required to administer Microsoft Exchange Server 2007, see Permission Considerations.

 Procedure

Exchange 2007 SP1

 To use the Exchange Management Console to grant the Full Access permission for a mailbox

1. Start the Exchange Management Console.

2. In the console tree, click Recipient Configuration.

3. In the result pane, select the mailbox for which you want to grant the Full Access permission.

4. In the action pane, under the mailbox name, click Manage Full Access Permission. The Manage Full Access Permission wizard opens.

5. On the Manage Full Access Permission page, click Add.

6. In Select User or Group, select the user to which you want to grant the Full Access permission, and then click OK.

7. Click Manage.

8. On the Completion page, the Summary states whether the Full Access permission was successfully granted. The summary also displays the Exchange Management Shell command that was used to grant the Full Access permission.

9. Click Finish.

 To use the Exchange Management Shell to grant the Full Access permission for a mailbox

• Run the following command to add the Full Access permission directly to the mailbox.

  Add-MailboxPermission "Mailbox" -User "Trusted User" -AccessRights FullAccess

 To use the Exchange Management Shell to grant the Receive As permission for a mailbox database

• Run the following command to add the Receive As permission to the mailbox database.

  Add-ADPermission -Identity "Mailbox Store" -User "Trusted User" -ExtendedRights Receive-As

For detailed syntax and parameter information, see the Add-MailboxPermission and Add-ADPermission reference topics.

Exchange 2007 RTM

 To use the Exchange Management Shell to grant the Full Access permission for a mailbox

• Run the following command to add the Full Access permission directly to the mailbox.

  Add-MailboxPermission "Mailbox" -User "Trusted User" -AccessRights FullAccess

 To use the Exchange Management Shell to grant the Receive As permission for a mailbox database

• Run the following command to add the Receive As permission to the mailbox database.

  Add-ADPermission -Identity "Mailbox Store" -User "Trusted User" -ExtendedRights Receive-As

For detailed syntax and parameter information, see the Add-MailboxPermission (RTM) and Add-ADPermission (RTM) reference topics.

 For More Information

For more information about granting Microsoft Outlook permissions, see Delegate Access Permissions in Outlook Help.