EMC or Exchange Management Shell has made easy task to Administrator. Simple command that will perform such tasks.
Add-ADPermission "User1" -User "Ourdomain\User2" -Extendedrights "Send As" huh... got error message : " Active Directory operation failed on DC.OurDomain.pri. This error is not retriable. Additional information: Access is denied. Active directory response: 00000005: SecErr: DSID-031521D0, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0 + CategoryInfo : WriteError: (0:Int32) [Add-ADPermission], ADOperationException + FullyQualifiedErrorId : EDBB94A3,Microsoft.Exchange.Management.RecipientTasks.AddADPermission " So checked the permission in EMC under Recipient Management
- open up “AD Users & Computers” with the “Advanced Features” view
- Go to the properties of User1
- Hit “Advanced” on the Security tab
- Select “Add”
- enter in “User2” and select “Send As” Allow.
If it’s still not working
Yes here we should remember in mind that “Send-As” is an AD permission – not an exchange permission as you might have expected.
Step 1: Find the user in AD Users & Computers and go to the properties >> Security >> Bottom of the Tab you will “Advanced Tab”.
Step 2: Need to ENABLE the option to “Include inheritable permissions from this object’s parent”.
Once that is done you should be able to complete the folder share script.
Then actually grant the rights using this command:
Add-ADPermission user1 -User Ourdomain\User2 -ExtendedRights "Send As"
Hope that helps others who have the same problem.
MCTS | Exchange Server