Hi I have read several threads here and try myself to create an Exchange 2007 Service Account which is used to run a .Net application that insert calendar appointments into users mailboxes in domain. In 2003, i just use delegate full administrator and it works. Now when i upgrade to exchange 2007, it does not seem to work as it should be: I do the following: -Create a domain user (only Domain Users group is assigned to) - I grant account to the user at Exchange Server level with allow inheritance too all objects below Get-MailboxDatabase -server EXC-01 | add-adpermission -user soh\dduexch2 -accessRights GenericRead, GenericWrite -extendedrights Send-As, Receive-As, ms-Exch-Store-Admin, ms-Exch-Store-Visible -inheritanceType all - It looks fine when i list all the permissions to this service account - But when i open this service account's OWAand open other users mailbox, i get error message saying that i don't have permission to do so ?? Have i done anything wrong here or it is needed extra configuration? have been frustrated over this issue for several days now. I have also even tried use ADSIEdit to add permission as well, but it didn't help neither. Are there anyone outtheresuccesfully created a service account with full control? Thanks.

Did you ever find a resolution to this? I am running into a similar problem. I am trying to create a service account with full mailbox rights for backups and for mail archving. I can't seem to get the applications to access the mailboxes without an Access Denied error. Joe

Yesi did find the solution. I forgot to create user profile with serviceuser account againt that Exchange server. That's it...

I have a similar issue.I wanted to give access to all mailboxes so I set the add-adpermission for a user account and I found out it only gives me access to the mailbox if I add the mailbox through the Outlook Client. If I access it through OWA it will give me a access denied unless I explicitly give access to each individual mailbox.I am thinking it has something to do with the way I access the mailboxes through OWA/user@domain.pvt. I have set a recepient policy that accepts mail from domain.public for all mailboxes and it is primary? Obviously the permissions on the AD identity worked because it works when accessing all users mailboxes through the client. Any ideas?

sorry about my english but what do you mean or how do you create a profile with a serviceuser acount?. Can you explain that?