Add-MailboxPermission for Exchange 2010 SP1 /hosting - Give Full Access to Mailbox to Another User
If I remember correctly when /hosting came out you could use the Add-MailboxPermission as the domain administrator. It seems now with a later rollup [correct me if I'm wrong] you can no longer use this command because it gives you errors such as:
The operation on mailbox "host.local/Microsoft Exchange Hosted Organizations/****/user01" failed because it's out of the current user's write scope. The object 'host.local/Microsoft Exchange Hosted Organizations/****/user01' must be within the read scope before and after it's modified. Can't perform the save operation.
+ CategoryInfo : NotSpecified: (host.local/Micr...S/checkrequests:ADObjectId) [Add-MailboxPermission], TaskInvalidOperationException
+ FullyQualifiedErrorId :7F410251,Microsoft.Exchange.Management.RecipientTasks.AddMailboxPermission
To fix this issue you must run the powershell as the organization administrator instead of the domain administrator.
Below is how you can accomplish this using remote powershell:
- Launch Exchange Shell / Powershell
$c = Get-Credential
$session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri http:///powershell -Credential $c
Import-PSSession $session -AllowClobber
Get-Mailbox firstname.lastname@example.org | Add-MailboxPermission -AccessRights FullAccess -User
Basically what we are doing is running the powershell as the organization administrator. When you do this you will notice you only have access to mailboxes in that organization. So you will not be able to grant a user in another organization rights to a different organizations mailbox.
If you know a better way to do this please share! (or just move to Exchange 2010 SP2 lol)