Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Question
Monday, February 7, 2011 9:47 PM
Hello, we have exchange 2010. I'm looking for a way to prevent users from deleting e-mails from a mailbox which is added to their outlook profiles as additional mailbox. I even set permissions on the Outlook inbox folder itself (Both direcly from the profile that owns the mailbox and from the profiles of the users who added this mailbox to their profiles) to delete=none, but it has no effects. Is there any other way?Lukasz
All replies (7)
Thursday, February 10, 2011 8:35 PM ✅Answered
My question was answered in this thread. http://social.technet.microsoft.com/Forums/en/exchange2010/thread/958d9f9f-a9eb-4335-ba5a-a4f8e23abaf9Lukasz
Tuesday, February 8, 2011 1:28 AM
What permissions to they have on the mailbox itself? You should remove any full mailbox perms and simply delegate Reviewer access to the folders they need.
Tuesday, February 8, 2011 12:09 PM
That was it. They had Full Access permissions. Thank you.Lukasz
Wednesday, February 9, 2011 5:16 AM
Hi Lukasz,
Full mailbox access permission will admit delete option to the owner's mailbox, so I would like to suggest you follow the steps below and just grant the reviewer permission to the inbox. It works well for me.
1. Log on to the mailbox with the owner's credential by using Outlook
2. Right-click [email protected] and select Folder Permissions
3. Add the user you want to give review permission in Permissions tab
4. Choose Reviewer permission at the Permission Level, and click OK
5. Right-click Inbox (you can also choose what folder you want) and select Properties
6. Add the same user in step 3 in the Name box
7. Also choose Reviewer permission at the Permission Level
8. Click OK
9. Now the user who was granted the review permission to the owner can only review the owner's Inbox, he cannot delete any items in the Inbox
Best regards,
Serena
Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
Wednesday, February 9, 2011 12:35 PM
Thanks Serena, that's exactly what I'm about to do, unless I find a better solution. Problem is I have to do this for like 50 users, so I wish there was something to this effect at the Exchange level. I'm asking this very question in another thread here: http://social.technet.microsoft.com/Forums/en/exchange2010/thread/958d9f9f-a9eb-4335-ba5a-a4f8e23abaf9
Thanks.
Lukasz
Lukasz
Friday, December 7, 2012 4:27 PM
I am struggling with this matter with no luck :(
Let me explain my setup:
I have SBS 2011 with Exchange 2010 and several users.
I also have a shared mailbox [email protected] which all the users use and I want to give to the users almost full access permissions, everything except deleting items to all users. I try to do this to the user John.
John has an AD account (and therefore he has an email [email protected] but he does not use it. He only uses [email protected] so when I add the mail account to his outlook, i add the exchange server and the [email protected] mailbox. I don't add the [email protected] mailbox and then the [email protected] as an additional mailbox.
If I give John FullAccess mailboxpermission on [email protected] then I can add the email to his outlook and everything works ok.
***Add-MailboxPermission -Identity [email protected] -User John -AccessRights FullAccess ***
If john does not have FullAccess mailboxpermission but i.e. ReadPermission then outlook keeps asking for password and it does not accept the password of John.
Add-MailboxPermission -Identity [email protected] -User John -AccessRights ReadPermission
I then tried to set permission at folder level of [email protected] and I gave John Reviewer Accessrights, which means that his rights are: ReadItems and FolderVisible, but the problem remains.
If he has mailbox permission full access then he access the [email protected] mailbox but can delete items and if he does not have full access permission then he cannot login to outlook!
Add-MailboxPermission -Identity [email protected]:\inbox -User John -AccessRights Reviewer
I also tried a solution I found on this forum to add fullaccess permission to the user and then deny the deleteitem:
***Add-MailboxPermission -Identity [email protected] -User John -AccessRights FullAccess ***
***Add-MailboxPermission -Identity [email protected] -User John -Deny -AccessRights DeleteItem ***
It still does not work. John can still delete any message!
Any help please?? Why is it so hard to achieve??
Wednesday, December 7, 2016 3:20 PM
Answer: I have it worked with 2 level of permissions, mailbox and Folder permissions
Make sure Mailbox Full Access Permission is remove
Remove-MailboxPermission -Identity merchant -User HThompson -AccessRights FullAccess
Add-MailboxPermission -Identity merchant -User HThompson -AccessRights ReadPermission
Make sure only Reviewer permission is given to MailboxFolder Inbox, and others
Add-MailboxFolderPermission -Identity merchant:\inbox -user HThompson -AccessRights Reviewer
Should work like a charm