I realize that this is a "feature" not a bug, but in my case it is just annoying. I use my account to administer Exchange. I need full access permissions to all mailboxes in the database in order to do what I need to do, but I DO NOT want every mailbox to appear in Outlook 2010 when I open it to my own mailbox. Is there a way to prevent this from happening?Deb

How did you grant the access using "fullaccess" or "receive-as"? Do receive-as and not full accesss. This example grants the user Ayla Kol Full Access permission to Chris Ashton's mailbox. Add-MailboxPermission "Chris Ashton" -User "Ayla Kol" -AccessRights FullAccess This example grants the user Ayla Kol Receive As permission for mailboxes on mailbox database DB01. Ayla will be able to log on to every mailbox on that database. Add-ADPermission -Identity "DB01" -User "Ayla" -ExtendedRights Receive-As James Chong MCITP | EA | EMA; MCSE | M+, S+ Security+, Project+, ITIL msexchangetips.blogspot.com

Hi Synoff, Here is a good article how you disable auto mapping of mailboxes. http://www.stevieg.org/2011/02/disable-exchange-2010-sp1s-auto-shared-mailbox-mapping/Adam Bokiniec

Adam - Thanks for the suggestion, but I've already tried that script and couldn't get it to work - don't know why. Maybe my lack of skill and knowledge with the Exchange Management shell, but every time I try to run it, I get a "not a recoginizable command...." message. James - That sounds like a good way to go, although it's a pain to have to do it for every mailbox individually. Is it possible to grant those permissions to the entire mailbox store in a single command? Also, if my login is also a member of the Exchange Organization administrative role and a domain admin, will that still work, or do I have to work around some deny permissions?Deb

On Sun, 8 May 2011 14:25:31 +0000, SYNOFF wrote: >Adam - Thanks for the suggestion, but I've already tried that script and couldn't get it to work - don't know why. Maybe my lack of skill and knowledge with the Exchange Management shell, but every time I try to run it, I get a "not a recoginizable command...." message. Are you using the Exchange Management Shell to run the script or are you just using the bare-bones Powershell? Knowing *what* command isn't recognizable would help. --- Rich Matheisen MCSE+I, Exchange MVP --- Rich Matheisen MCSE+I, Exchange MVP

Hi Deb, Maybe you can follow these steps to have a try: Open the additional mailbox properties in Adsiedit.msc, and remove the attribute msExchDelegateListLink having its value as DN of the user account who has full access to the additional mailbox. You can remove the additional mailbox attribute “msExchDelegateListLink” in additional mailbox properties (which having its value as DN of the user account who has full access to the additional mailbox) under CN=users Restart Outlook then you will find the additional mailboxes are not added in Outlook now. Thanks, Evan Liu TechNet Subscriber Support in forum If you have any feedback on our support, please contact tngfb@microsoft.com Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

I Agree with Evan Please go through below mentioned article which will explain things in detail http://www.howexchangeworks.com/2010/09/auto-mapping-mailboxes-with-full-access.html Let me know if this helpsPlease remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. Thanks Prateek

You don't run the command on every mailbox individually. The example sets it on the entire database. If you wanted to run against all the databases in single liner then you just do get-exchangeserver or get-mailboxdatabase and pipe it to Add-ADpermission This example grants the user Ayla Kol Receive As permission for mailboxes on mailbox database DB01. Ayla will be able to log on to every mailbox on that database. Add-ADPermission -Identity "DB01" -User "Ayla" -ExtendedRights Receive-As get-mailboxserver <Exchange2007> | add-adpermission -user admin -extendedrights Receive-As get-mailboxdatabase | add-adpermission -user admin -extendedrights Receive-AsJames Chong MCITP | EA | EMA; MCSE | M+, S+ Security+, Project+, ITIL msexchangetips.blogspot.com

I tried that, and it's still adding those mailboxes back to my Outlook profile each time I open Outlook - VERY strange. I opened adsiedit and removed all the links, and they were still showing up in Outlook. So then I removed my full access privileges through the EMC (GUI) and opened Outlook again, and they were still showing up. So, I checked and double-checked the users in adsiedit, and the msExchDelegateListLink attribute is definitely blank. Then before opening Outlook again, I checked my profile settings and they were still there, so I deleted each personal individually from my profile. When I opened Outlook again, they all appeared again within a few seconds of my mailbox opening. Can't figure that one out since now I don't even have full access permissions to these mailboxes, unless the GUI setting doesn't really work...Deb

To finally resolve this issue, I did the following: Followed the steps using adsiedit.msc to remove the msExchDelegateListLink property from the users, as described by Evan. Removed the full mailbox access settings that I had originally applied through the Exchange Management Console. Used the management shell to add the "receive as" permissions for the entire mailbox store to my user login, as described by James Chong. Deleted my original Outlook profile on my workstation and created a new one. All that put together seems to have resolved the issue for me. Deb