Exchange 2010 Sp1 personal archive permissions and shared mailboxes

Since Exchange 2010 it’s possible to assign a personal archive to a normal or shared mailbox. If you create a shared mailbox with a personal archive, and give a user Full Access Permissions, the personal archive of the shared mailbox and the shared mailbox become available in Outlook 2010 or Outlook Web App. This is a normal behavior.

If you want to give a bunch of users Full Access permissions to a shared mailbox, you can use a security group to give the access to the users who are member of the group. If you are member of the group you will be given access to the shared mailbox. You should expect that the personal archive also becomes available but unfortunately the permissions won’t flow down to the personal archive and the personal archive doesn’t come available in Outlook 2010 or Outlook Web App.

I don’t know if this is a bug or normal behavior, but if you know the possible answer don’t hesitate to drop me a line! In the mean while I will contact Microsoft to get more info about this behavior.

Update 18-1-2010: The Exchange 2010 SP1 Technet Help states the following: “In Exchange 2010 SP1, when you assign Full Access permissions to a mailbox, the delegate to which you assign the permissions can also access the user’s personal archive. Delegates must use Outlook 2010 to access the mailbox, and they must connect to an Exchange 2010 SP1 Client Access server for Autodiscover purposes….. When delegates use Outlook 2010 to access an Exchange 2010 SP1 mailbox, both the primary mailbox and the personal archive to which they have access are visible from Outlook 2010.” So I will be looking further and try to find out why it won’t work if you assign the full access permissions to a group. 😉

Update 26-01-2011: The Microsoft Online Partner Support department reproduced the issue in their test environment and reported the issue to the Exchange Server Product Team for further investigation.

Comments

Total
0
Shares
3 comments
  1. Since the archive mailbox is another mailbox, with a different set of ACLs, I find it not so strange. Setting the mailbox perms to Full Mailbox Access (it’s also in the name) sets the ACLs for you on the mailbox, not the (optional) archive box.
    But then again, perhaps something for a feature request.

    1. Hi Michel,

      Thanks for your reply.

      If you set the Full Mailbox Access permission to only another user, you will then also have access to the personal archive belonging to the mailbox on which you have full mailbox access permissions.

      So in some way the ACL is replicated only if the user has “direct permissions” to a shared mailbox.

      Cheers,
      Peter

Leave a Reply

Your email address will not be published. Required fields are marked *

Previous Post

SCSM 2010 SP1 Exchange Connector, a first look

Next Post

CEP meeting #8 summary “SCCM 2012 Software Update Management”

Related Posts
Total
0
Share