I have spent several hours and cannot figure out how to add the domain admins group to have full mailbox access. I want them to be able to login to any mailbox, read the email if necessary and send email. I have used the following commands with my information: Add-ADPermission -Identity "First Storage Group" -User "domain admins" -ExtendedRights Receive-As Add-ADPermission -Identity "First Storage Group" -User "domain admins" -ExtendedRights Send-As I've read that domain admins have an explicit deny which overrides my allow but I cannot for the life of me figure out how to remove the deny. I have tried the following: Remove-ADPermission -Identity "First Storage Group" -User "Domain Admins" -ExtendedRights Receive-As -deny I am greeted with the message: WARNING: An inherited access control entry has been specified: [Rights: ExtendedRight, ControlType: Deny] and was ignored on object "CN=First Storage Group.... Any help would be greatly appeciated...

John,You could use the following command:Add-MailboxPermission "Test user" -AccessRights FullAccess -user "administrator"The last parameter can also be a group, see the following page Regards,Johan