Hello, I need to grant our WorkSite AD account the proper Exchange permissions so the account has the ability to file emails into our document management system. Here is the requesting permissions. Has a minimum of the following permissions at the Exchange Server level, Information Store Level, and user mailbox LevelExchange 2010: Write, Read, Send As Can someone assist me in accomplishing this task? This is all of the documentation I have to go off of. I need this setup where all current mailboxes are applied these settings and all new mailboxes created moving forward also receive these settings. ThanksJason

This is the command I think I should use. Get-MailboxDatabase -Identity 'db-o' | Add-ADPermission -User worksitecomm -AccessRights GenericAll Identity User Deny Inherited -------- ---- ---- --------- DB-O LAWFIRM\WorkSiteComm False False Does this look correct? Does GenericAll give Send-As permissions as well?Jason

You can use genericaAll but that probably won't be enough, AD perms don't translate into Exchange perms but rather allows you to impersonate certain rights. Use below get-mailboxserver exchange2010 | add-adpermission -user worksitecomm -accessrights GenericAll, -extendedrights Send-As, Receive-As, ms-Exch-Store-Admin The above is similar to configuring BES which is likely the exact same permissions your app needs however BES doesn't use GenericAll but just read\write. get-mailboxserver <Exchange 2007> | add-adpermission -user <BESAdmin> -accessrights GenericRead, GenericWrite -extendedrights Send-As, Receive-As, ms-Exch-Store-Admin James Chong MCITP | EA | EMA; MCSE | M+, S+ Security+, Project+, ITIL msexchangetips.blogspot.com

You can use genericaAll but that probably won't be enough, AD perms don't translate into Exchange perms but rather allows you to impersonate certain rights. Use below get-mailboxserver exchange2010 | add-adpermission -user worksitecomm -accessrights GenericAll, -extendedrights Send-As, Receive-As, ms-Exch-Store-Admin The above is similar to configuring BES which is likely the exact same permissions your app needs however BES doesn't use GenericAll but just read\write. get-mailboxserver <Exchange 2007> | add-adpermission -user <BESAdmin> -accessrights GenericRead, GenericWrite -extendedrights Send-As, Receive-As, ms-Exch-Store-Admin James Chong MCITP | EA | EMA; MCSE | M+, S+ Security+, Project+, ITIL msexchangetips.blogspot.com

Hi Jason, Any updates? Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.Frank Wang TechNet Community Support

Hello, Thank you all for the assistance here. I talked with the Systems Manager today and he reports to having no MAPI errors for our DMS. I did not use James Powershell command but I have no doubt that it would have resolved my issue. JJason