Share via

query on Access

Roger Roger 7,306 Reputation points
2024-09-07T22:09:31.1633333+00:00

Hi All,

I am using an Exchange 2016 hybrid environment. We create shared mailboxes on-premises and migrate them to Exchange Online, or create remote shared mailboxes from on-premises. Let's say my shared mailbox is ******@contoso.com. I have a few external users (i.e user type is guest), and I want to provide them with delegated access to this shared mailbox. I have created a mail-enabled security group and added these guest users. Is it possible to provide delegated access/calendar access to the shared mailbox for these guest users?

Exchange Online
Exchange Online
A cloud-based service included in Microsoft 365, delivering scalable messaging and collaboration features with simplified management and automatic updates.
Exchange | Exchange Server | Other
Exchange | Exchange Server | Other
A robust email, calendaring, and collaboration platform developed by Microsoft, designed for enterprise-level communication and data management.Miscellaneous topics that do not fit into specific categories.
Exchange | Exchange Server | Management
Exchange | Exchange Server | Management
The administration and maintenance of Microsoft Exchange Server to ensure secure, reliable, and efficient email and collaboration services across an organization.
Exchange | Hybrid management
Exchange | Hybrid management
The administration of a hybrid deployment that connects on-premises Exchange Server with Exchange Online, enabling seamless integration and centralized control.
Answer accepted by question author
  1. Anonymous
    2024-09-09T02:50:21.37+00:00

    Hi, @Roger Roger

    In Exchange 2016 hybrid environment, providing delegated or calendar access to shared mailboxes for guest users can be somewhat complex because of certain limitations and constraints.

    First, delegated permissions across environments are migrated via DirSync, but delegated access may not work properly when principals and delegates are distributed across on-premises and online environments. This means that if the shared mailbox is in Exchange Online and the guest user is on-premises, or vice versa, delegated access won't work as expected.

    In addition, mailbox permissions, such as Send As and full access, are migrated when a mailbox is moved through the Mailbox Replication Service. However, the mailbox permissions for referenced distribution lists and mail-enabled users are not retained and must be manually re-added using cmdlets such as Add-RecipientPermission and Add-MailboxPermission.

    If you've created a mail-enabled security group and added guest users, you need to make sure that these guest users have the appropriate licenses and are properly configured in Azure AD, make sure that mail is enabled, and sync between on-premises and Azure AD, then you can try the following commands.

    If you want to assign full access:

    Add-MailboxPermission -Identity ******@contoso.com -User ******@contoso.com -AccessRights FullAccess -InheritanceType all

    If you want to assign calendar access:

    Add-MailboxFolderPermission -Identity ******@contoso.com:\Calendar -User ******@contoso.com -AccessRights Editor

    More information can be found Add-MailboxFolderPermission (ExchangePowerShell) | Microsoft Learn

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

2 additional answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Amit Singh 5,311 Reputation points
    2024-09-09T06:56:18.1366667+00:00

    If you want to give access of shared mailboxes to guest users. You can do this by running the command in Powershell.

    For Full Access Permission- Add-MailboxPermission -Identity "******@contoso.com" -User "YourSecurityGroup" -AccessRights FullAccess

    By running this command, it allows members of the group to fully access the mailbox.

    For Calendar Access permission- Add-MailboxFolderPermission -Identity "******@contoso.com:\Calendar" -User "YourSecurityGroup" -AccessRights Editor

    Also check guest users have Microsoft accounts to properly access the mailbox.

    0 comments
  2. Roger Roger 7,306 Reputation points
    2024-09-12T22:40:08.5+00:00

    Do i need to assign any license to guest users? will exchange online plan1 license work?

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.