Send As Exchange Online Mailbox in Hybrid Exchange

Dieter Tontsch (GMail) 867 Reputation points
2021-09-14T12:22:13.157+00:00

We have an Exchange Hybrid model with most of the mailboxes on-premises and all accounts in local AD, synced to Azure via AADSync.
Now I do have two mailboxes online and want to grant other users (local AD and local mailbox) Send As privilege on these mailboxes.
This does work for me, but I am also some super administrator, at least I have several powerful admin roles, but it does not work for my regular users in charge.
I have granted mailbox delegation for "Read and manage" + "Send As" (not send on behalf), but every time they try to send out emails from their Outlook they get the message that they are not allowed to send on behalf of that recipient.
First of all, they shouldn't send on behalf (if I'd grant that permission that would work), but send as, and second are they missing some special role or something? Because, as I said, for me it works, for them, it doesn't.

I have also checked permission on the mailbox, it is about user Michaela, see attachment.

131899-sendas.png

This is a different screenshot, on another mailbox there is another user with the same permissions, plus myself, however I am the only one who can send as.

Any idea? I have granted these permissions about 4 hours ago.


5 additional answers

  1. Dieter Tontsch (GMail) 867 Reputation points
    2021-09-15T07:56:02.447+00:00

    Thanks Andy, this worked and yes, now, with the combination of adding delegate permission Send As to the remote mailbox in O365 and granting AD permission on that remote mailbox to the on-prem AD account, it works.

    One can check if Send-As is assigned by firing this query:

    Get-RemoteMailbox xxx@company.de | Get-ADPermission | where {$_.ExtendedRights -like "Send-As"} | fl *
    
    1 person found this answer helpful.

  2. Andy David - MVP 141.6K Reputation points MVP
    2021-09-14T12:44:45.833+00:00

    Did you grant the on-prem users SEND AS to the on-prem remote mailbox as well?


  3. Dieter Tontsch (GMail) 867 Reputation points
    2021-09-14T14:36:35.447+00:00

    Get-RecipientPermission -Identity "h.xxx@mathieu.company .de" | Format-List

    RunspaceId : 802c5669-1d9c-4e29-be70-6c86f6319e33
    Identity : Hannes xxx (C1)
    Trustee : NT AUTHORITY\SELF
    AccessControlType : Allow
    AccessRights : {SendAs}
    IsInherited : False
    InheritanceType : None
    TrusteeSidString : S-1-5-10
    IsValid : True
    ObjectState : New

    RunspaceId : 802c5669-1d9c-4e29-be70-6c86f6319e33
    Identity : Hannes xxx (C1)
    Trustee : michaela.xxx-spaeth@mathieu.company .de
    AccessControlType : Allow
    AccessRights : {SendAs}
    IsInherited : False
    InheritanceType : None
    TrusteeSidString : S-1-5-21-3951766799-3417088378-1086044615-3937159
    IsValid : True
    ObjectState : New

    This is what I get, but it doesn't work.


  4. Andy David - MVP 141.6K Reputation points MVP
    2021-09-14T15:12:23.9+00:00

    The on-prem user, however, is located in a different directory than the 365 mailbox, so you need to grant the on-prem mailbox send as to the on-prem remote mailbox using PowerShell:

    https://learn.microsoft.com/en-us/Exchange/permissions#mailbox-permissions-and-capabilities-not-supported-in-hybrid-environments

    131908-image.png

    0 comments No comments
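
The two-sided check this thread arrives at, as an added example that is not part of any poster's answer: it reads the Exchange Online recipient permission and the on-prem AD extended right for one mailbox and trustee, reports both, and can grant the missing one. The function name `Test-HybridSendAs`, the `Cloud` cmdlet prefix and the identities in the last line are assumptions made for the example.

```powershell
# Added example, not from the thread. Run in the on-prem Exchange Management Shell
# after: Connect-ExchangeOnline -Prefix Cloud   (the "Cloud" prefix is an assumption)
function Test-HybridSendAs {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)][string]$Mailbox,  # cloud mailbox (has an on-prem RemoteMailbox object)
        [Parameter(Mandatory)][string]$Trustee,  # on-prem user who should be able to Send As
        [switch]$Repair                          # add whichever grant is missing
    )

    # Exchange Online side: explicit Allow SendAs for this trustee on the cloud mailbox.
    $cloud = Get-CloudRecipientPermission -Identity $Mailbox -Trustee $Trustee -ErrorAction SilentlyContinue |
        Where-Object { $_.AccessControlType -eq 'Allow' -and $_.AccessRights -contains 'SendAs' }

    # On-prem side: Send-As extended right on the remote mailbox's AD object.
    $remote = Get-RemoteMailbox -Identity $Mailbox -ErrorAction Stop
    $onPrem = $remote | Get-ADPermission -User $Trustee |
        Where-Object { -not $_.Deny -and ($_.ExtendedRights -like 'Send-As') }

    if ($Repair -and -not $cloud -and
        $PSCmdlet.ShouldProcess($Mailbox, "Grant SendAs to $Trustee in Exchange Online")) {
        Add-CloudRecipientPermission -Identity $Mailbox -Trustee $Trustee -AccessRights SendAs -Confirm:$false | Out-Null
    }
    if ($Repair -and -not $onPrem -and
        $PSCmdlet.ShouldProcess($remote.DistinguishedName, "Grant Send As to $Trustee on-prem")) {
        Add-ADPermission -Identity $remote.DistinguishedName -User $Trustee -AccessRights ExtendedRight -ExtendedRights 'Send As' | Out-Null
    }

    # Report the state found before any repair; the fix in this thread needed both grants.
    [pscustomobject]@{
        Mailbox      = $Mailbox
        Trustee      = $Trustee
        CloudSendAs  = [bool]$cloud
        OnPremSendAs = [bool]$onPrem
    }
}

# Constructed placeholder identities; -WhatIf previews the grants without applying them.
Test-HybridSendAs -Mailbox 'shared@contoso.example' -Trustee 'jdoe' -Repair -WhatIf
```

Running it without `-Repair` over the delegates of a mailbox gives a read-only report of who holds Send As on which side, which is also a quick way to spot grants that are no longer needed.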