Forum Discussion

Marc Pituley's avatar
Marc Pituley
Copper Contributor
May 02, 2018

Enabling Cross-premises delegate access

I am trying to enable cross-premises delegate access in my organization (specifically folder level permission), but my experience is not matching what I have seen documented and was hoping others might have ran into this already.

 

From my understanding, in order to allow a cloud user to add an on-premises user as a delegate, you simply need to set the following on-prem:

Set-OrganizationConfig -ACLableSyncedObjectEnabled $true

 

And to enable on-prem users to add a cloud user as a delegate you simply need to do this for every user that was migrated prior to setting 'ACLableSyncedObjectEnabled' to $true:

Get-RemoteMailbox | ForEach { Get-AdUser -Identity $_.Guid | Set-ADObject -Replace @{msExchRecipientDisplayType=-1073741818}}

 

However, what I am finding is that while the second thing is working (on-prem users can add cloud users as delegates), the first is not (cloud users still can't assign delegate permissions to an on-prem user).  If you try the users still appear in the GAL like:

And trying to add them as a delegate results in:

non-local users cannot be given rights on this server.

Is there an undocumented requirement somewhere that I am missing?

We are currently running Exchange 2013 CU19 on-premises.

Resources