May 27, 2014

Office 365 - Shared mailboxes auto-mapping

Exchange On-premises to Office 365 post migration auto-mapping issue:

Here is msExchDelegateListLink attribute that is being populated when you grant full access to mailbox.This attribute is responsible for auto-mapping shared mailboxes in users outlook.
If you migrate mailbox to Office 365 this attribute is migrated as well according to http://social.technet.microsoft.com/wiki/contents/articles/19901.list-of-attributes-that-are-synced-by-the-windows-azure-active-directory-sync-tool.aspx

In Office 365 (if we connect remotely using http://technet.microsoft.com/en-us/library/jj984289%28v=exchg.150%29.aspx) we couldn't manage msExchDelegateListLink attribute due to Office 365 limitations.

As result we can't disable or manage auto-mapping for mailbox changes that took place before migration.

When we run "Get-MailboxPermission SharedMailbox1@example.com" we do not see any permission entires for user1@example.com but shared mailbox is still showing up in users outlook.

If we need to remove auto-mapping (as result remove Full Access permission) for user1@example.com from SharedMailbox1@example.com we have to grant permission first and then remove it.

Add-MailboxPermission SharedMailbox1@example.com -User user1@example.com -AccessRights FullAccess -InheritanceType All
Remove-MailboxPermission SharedMailbox1@example.com -User user1@example.com -AccessRights FullAccess -InheritanceType All


Also it worth to check mailbox folder permissions in case if you provided permissions for mailbox internally:

Get-MailboxFolderPermission SharedMailbox1@example.com
Remove-MailboxPermission SharedMailbox1@example.com -User user1@example.com -AccessRights FullAccess -InheritanceType All

3 comments:

  1. You're da man!

    ReplyDelete
  2. Thank you! Very helpful for my exchange management and troubleshooting.

    ReplyDelete