1 out of 2 rated this helpful - Rate this topic

Add-MailboxPermission

Exchange 2010

Applies to: Exchange Server 2010

Topic Last Modified: 2011-03-19

Use the Add-MailboxPermission cmdlet to add permissions to a mailbox.


Add-MailboxPermission -Identity <MailboxIdParameter> -AccessRights <MailboxRights[]> -User <SecurityPrincipalIdParameter> [-Confirm [<SwitchParameter>]] [-Deny <SwitchParameter>] [-DomainController <Fqdn>] [-IgnoreDefaultScope <SwitchParameter>] [-InheritanceType <None | All | Descendents | SelfAndChildren | Children>] [-WhatIf [<SwitchParameter>]]


Add-MailboxPermission -Identity <MailboxIdParameter> -Owner <SecurityPrincipalIdParameter> [-Confirm [<SwitchParameter>]] [-DomainController <Fqdn>] [-IgnoreDefaultScope <SwitchParameter>] [-WhatIf [<SwitchParameter>]]


Add-MailboxPermission [-Identity <MailboxIdParameter>] -Instance <MailboxAcePresentationObject> [-AccessRights <MailboxRights[]>] [-Confirm [<SwitchParameter>]] [-Deny <SwitchParameter>] [-DomainController <Fqdn>] [-IgnoreDefaultScope <SwitchParameter>] [-InheritanceType <None | All | Descendents | SelfAndChildren | Children>] [-User <SecurityPrincipalIdParameter>] [-WhatIf [<SwitchParameter>]]

Parameters

Parameter	Required	Type	Description
AccessRights	Required	Microsoft.Exchange.Management.RecipientTasks.MailboxRights[]	The AccessRights parameter specifies the rights needed to perform the operation. Valid values include: `FullAccess` `SendAs` `ExternalAccount` `DeleteItem` `ReadPermission` `ChangePermission` `ChangeOwner`
Identity	Required	Microsoft.Exchange.Configuration.Tasks.MailboxIdParameter	The Identity parameter specifies the identity of the mailbox that's getting permissions added. You can use the following values: `Alias` `Display name` Domain\Account SMTP address `Distinguished name (DN)` `Object GUID` `User principal name (UPN)` `LegacyExchangeDN`
Instance	Required	Microsoft.Exchange.Management.RecipientTasks.MailboxAcePresentationObject	The Instance parameter is no longer used and will be deprecated.
Owner	Required	Microsoft.Exchange.Configuration.Tasks.SecurityPrincipalIdParameter	The Owner parameter specifies the owner of the mailbox object.
User	Required	Microsoft.Exchange.Configuration.Tasks.SecurityPrincipalIdParameter	The User parameter specifies the user mailbox that the permissions are being granted to on the other mailbox.
Confirm	Optional	System.Management.Automation.SwitchParameter	The Confirm switch can be used to suppress the confirmation prompt that appears by default when this cmdlet is run. To suppress the confirmation prompt, use the syntax `-Confirm:$False`. You must include a colon ( `:` ) in the syntax.
Deny	Optional	System.Management.Automation.SwitchParameter	The Deny switch specifies whether to deny permissions to the user on the mailbox.
DomainController	Optional	Microsoft.Exchange.Data.Fqdn	The DomainController parameter specifies the fully qualified domain name (FQDN) of the domain controller that writes this configuration change to Active Directory.
IgnoreDefaultScope	Optional	System.Management.Automation.SwitchParameter	The IgnoreDefaultScope parameter instructs the command to ignore the default recipient scope setting for the Exchange Management Shell session and use the entire forest as the scope. This allows the command to access Active Directory objects that aren't currently in the default scope. Using the IgnoreDefaultScope parameter introduces the following restrictions: You can't use the DomainController parameter. The command uses an appropriate global catalog server automatically. You can only use the DN for the Identity parameter. Other forms of identification, such as alias or GUID, aren't accepted.
InheritanceType	Optional	System.DirectoryServices.ActiveDirectorySecurityInheritance	The InheritanceType parameter specifies whether permissions are inherited by folders within the mailbox.
WhatIf	Optional	System.Management.Automation.SwitchParameter	The WhatIf switch instructs the command to simulate the actions that it would take on the object. By using the WhatIf switch, you can view what changes would occur without having to apply any of those changes. You don't have to specify a value with the WhatIf switch.

Detailed Description

You need to be assigned permissions before you can run this cmdlet. Although all parameters for this cmdlet are listed in this topic, you may not have access to some parameters if they're not included in the permissions assigned to you. To see what permissions you need, see the "Permissions and delegation" entry in the Mailbox Permissions topic.

Input Types

Return Types

Errors

Error	Description

Exceptions

Exceptions	Description

Examples

EXAMPLE 1

This example grants Kevin Kelly full access to Ellen Adam's mailbox.

Note:
The Identity parameter requires the full name of the user to be enclosed in quotation marks (").

Add-MailboxPermission -Identity "Ellen Adams" -User KevinKelly -AccessRights FullAccess -InheritanceType All

EXAMPLE 2

This example grants Ayla Kol read permission to Tony Smith's mailbox.

Add-MailboxPermission -Identity "Tony Smith" -User "Ayla Kol" -AccessRights ReadPermission

EXAMPLE 3

This example sets Tony Smith as the owner of the resource mailbox Room 222.

Add-MailboxPermission -Identity "Room 222" -Owner "Tony Smith"

Did you find this helpful? Yes No

Not accurate

Not enough depth

Need more code examples

(1500 characters remaining)