Went and investigated. I was thinking of "managedBy". A singleton in Exchange 2007, became group and multiple user enabled in Exchange 2010.
I apologize for the error. From: [email protected] [mailto:[email protected]] On Behalf Of Aakash Shah Sent: Friday, August 8, 2014 6:34 PM To: [email protected] Subject: [Exchange] RE: Full Access mailbox stays in Outlook, can't be removed. We used security groups to provide full mailbox access in Exchange 2003 (there was even a neat trick to get a security group to provide Send On Behalf access to a mailbox, which doesn't work anymore). I don't know if it worked in anything earlier than Exchange 2003. -Aakash Shah From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Michael B. Smith Sent: Friday, August 8, 2014 3:24 PM To: [email protected]<mailto:[email protected]> Subject: [Exchange] RE: Full Access mailbox stays in Outlook, can't be removed. Controlling access to a mailbox via a security group was a new feature in Exchange 2010. I believe it was introduced in SP1, but without reviewing old notes, I can't be certain. From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Daniel Wolf Sent: Friday, August 8, 2014 2:01 PM To: [email protected]<mailto:[email protected]> Subject: [Exchange] RE: Full Access mailbox stays in Outlook, can't be removed. Automap is Microsoft avoiding actually implementing proper ways for us to administer adding mailboxes to Outlook. Automap doesn't work if you control access via a security group. Who the hell controls access to a mailbox per-user? (If there actually is a way and I'm an idiot, do tell) Daniel Wolf From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Maglinger, Paul Sent: Friday, August 8, 2014 11:03 AM To: New Exchange List ([email protected]<mailto:[email protected]>) Subject: [Exchange] Full Access mailbox stays in Outlook, can't be removed. I had a case today where a user was granted full access to a mailbox. Automapping kicked in and the mailbox appeared in the user's Outlook client. The user no longer needed access so I removed the full access. The mailbox didn't go away and I was unable to remove it from Outlook. This caused me to search for a solution and I did find several such as using ADSIedit and others using the EMS. I used the EMS and put in: # Add-MailboxPermission -Identity JeroenC -User 'Mark Steele' -AccessRight FullAccess -InheritanceType All -Automapping $false And it worked. My question is that these solutions are almost 3 years old. Why is this still a problem? Seems that if automapping puts it there it should also be able to remove it. -Paul
