Managing Shared mailbox and resource permissions in Exchange Online with local AD

Copper Contributor

I have been struggelig for some time managing permissions to shared mailboxes and calendars with my users.

For most of the users it seems to work as expeced, but i have the odd user that is not getting the correct permissions to shared resources and i can't figure out why.

We are running a local AD where user management is controlled by an IAM solution. All users are synced to Azure with AzureAD Connect and licensed for mailboxes.

We still have one Exchange server locally, that was originally created to handle the migration to O365 and then planned to be decomissoned. Due to the need for an SMTP relay it was kept in play, and as i have accumulated more knowledge about Exchange we realise that to be in an supported setup it has to stay.

 

For all our resources, all new shared mailboxes and calendar are created in EXO (while some migrated once still come from the local AD).

 

I keep running into problems where i assing permissions to the resources, be that author rights to a calendar or FullAccess to a shared mailbox, where the user is not getting access through Outlook.
When we test in OWA everything works as expected.
For testing purposes i have tried recreating the Outlook profile or deleting and re-adding calendars while not on the corporate network and that usually results in everyting working.

 

Latest issue, and user that has had access to several shared calendar for months suddenly lost her access when upgrading to a new computer. Once she connected to an external network and removed and re-added the calendars all was working as expected again.

 

I can't figure out what is wrong to make this problem keep happening on our corporate network, and hope someone has a good idea or suggestion to where i can start to poke in order to make this work better for my users.

0 Replies