Jul 08 2020 04:07 AM
Jul 08 2020 04:07 AM
received an error message during the creation of a new shared mailbox.
The shared mailbox was created despite the error message.
it happens only when adding send as permissions to new shared mailbox
we host the exchange server 2016 on premise and latest CU is installed
Exchange Server is installed in an Forest with 18 Domains and 46 Domain Controllers.
Looks like an issue regarding not connecting to correct DC while trying to set up Active Directory Based Send AS Permission on new Shared Mailbox
help would be welcome :)
Mar 21 2023 12:05 AM
Mar 21 2023 05:45 AM
From my perspective the problem is related to connectivity/replication time. If you run the configuration of a new shared mailbox through ECP or a single PS line, the shared mailbox will be created but in some cases the permissions are not replicated, ( ECP gives an error but PS not ). If you grant the permissions after creation, all works fine.
I tested it with the 2 following examples:
1- Created a new Shared, ("Sales Department2") mailbox by PS piping all the desired permissions:
New-Mailbox -Shared -Name "Sales Department3" -DisplayName "Sales Department3" -Alias SalesDepartment3 | Set-Mailbox -GrantSendOnBehalfTo "EmailAddress" | Add-MailboxPermission -User "EmailAddress" -AccessRights FullAccess -InheritanceType All
PS gives no errors:
But in ECP I can see the shared mailbox without the FullAccess permissions:
2- Then I created another one, ("Sales Department3") but running it as a script, not with a single line, in order to get the mailbox created before granting the permissions:
New-Mailbox -Shared -Name "Sales Department3" -DisplayName "Sales Department3" -Alias SalesDepartment3 Get-Mailbox SalesDepartment3 | Set-Mailbox -GrantSendOnBehalfTo "EmailAddress" Get-Mailbox SalesDepartment3 | Add-MailboxPermission -User "EmailAddress" -AccessRights FullAccess -InheritanceType All
That worked fine and I see the permissions:
Mar 21 2023 06:23 PM
Mar 22 2023 02:19 AM
So, this happens only to one of your admins?
Let's say, if another one tries the exact same steps it works well? In the same environment?
If the answer to all this questions is yes, please compare the roles with the other one working well. Also try to reset them, ( remove the affected admin from the roles groups, wait 30 mins and add him/her again ).
If only one admin is affected in the same environemnt, sounds like this is not a replication issue... more a specific object issue.
Also check everything that could be different for that affected admin.... (working from a specific machine, different connections, location...)
In any case, very strange... I've seen this issues before but was always a replication time topic... Your case seems different. I would appreciate your post back if you find the root cause/fix. :)