Question : Opening Other Mailboxes

I want to set globally myself and my director to be able to open other mailboxes of any user in our organization. I've read a couple KBs on here and saw a couple URLs referenced (http://technet.microsoft.com/en-us/library/aa996343(EXCHG.80).aspx, http://exchange-genie.blogspot.com/2007/08/add-adpermission.html,
http://exchange-genie.blogspot.com/2007/07/add-mailbox-permission-vs-add.html, and http://exchangepedia.com/blog/2007/06/how-to-grant-full-mailbox-access.html) and know I'm close but not quite there with the syntax. I think I've narrowed it down to having to use the "Get-MailboxDatabase" cmdlet, but where my problem is coming is the "-Identity" parameter. You see, I have 4 storage groups, and the SG databases are on separate drives (F:\ and G:\, NOT C:\Program Files\Microsoft\Exchange Server\Mailbox\First Storage Group). So, what do I specifically type for a storage group on say the G:\ drive? Let's say my DB is at the following path -> G:\DBFolder\Storage Group Name\DB.edb...what would be the cmdlet/parameters I use to grant myself (john.doe) full access to all mailboxes in the DB.edb? This is what I attempted:

Get-MailboxDatabase -Identity "G:\DBFolder\Storage Group Name\DB.edb" | Add-ADPermission -User john.doe -AccessRights GenericAll

And got the following error:

Get-MailboxDatabase : Cannot bind parameter 'Identity'. Cannot convert value "G:\DBFolder\Storage Group Name\DB.edb" to type "Microsoft.Exchange.Configuration.Tasks.DatabaseIdParameter". Error: "'G:\DBFolder\Storage Group Name\DB.edb' is not a valid value for the identity. Parameter name: Identity"
At line:1 char:30
+ Get-MailboxDatabase -Identity <<<< "G:\DBFolder\Storage Group Name\DB.edb' " | Add-ADPermission -User john.doe -AccessRights GenericAll

Any assistance would be greatly appreciated.

Thanks!

Answer : Opening Other Mailboxes

Hi there,

I don't think that command will do what you want. It's not how you set Full Mailbox Access. I suspect what you actually want is this command

Get-Mailbox | Add-MailboxPermission -AccessRights Fullaccess -User john.doe

Which adds John Doe with Full Mailbox Access to every mailbox configured in Exchange.

Still, it would be useful to know why the command above isn't working. Lets take a look at this:

Get-MailboxDatabase -Identity "G:\DBFolder\Storage Group Name\DB.edb"

The command uses a logical identity not a physical path (logical in that's how you see it in Exchange System Manager). For example if you had this structure in Exchange:

UK-EXCH-01 <-- Server Name
Mailbox Group 1 <-- Storage Group
Database 1 <-- Database Name

You would have an identity of:

"UK-EXCH-01\Mailbox Group 1\Database 1"

That can be shortened to just "Database 1" if there's only one of those on your server, as long as it manages a unique match.

If you're not sure what the identities might be, run:

Get-MailboxDatabase | Format-List

It'll show you a lot, but most importantly it'll show you the Identity of each store on your server. If you're doing this for all stores you should be able to do:

Get-MailboxDatabase | Add-ADPermission -User john.doe -AccessRights GenericAll

Chris

Random Solutions

dsn=5.0.0, stat=Service unavailable

IIS Worker Process encountered a problem

file sharing vista business accessing xp pro

Word 2003 crashes when selecting a recipient source durning a mail merge

Hyperlink to launch client's local executable program with parameters

CURRENT and COMPLETE WordPress 2.7 plugin writing tutorial?

MSexchange Cluster fails to start services

add a two line label on button component

Memory Allocation

Empty Message problem while sending email by sp_send_dbmail