I've been running into this issue lately. I cannot seem to use groups to allow full access to mailboxes. When I add them from the EMC, it will show up when you go to "Manage Full Access Permission...". After waiting a day and even restarting the Information Store service, the permissions do not take effect. When I view the msExchDelegateListLink attribute of the mailbox account, the group is not listed. When I grant a user full permission, it works and updates the attribute. However, on occasion when I revoke the full access permission for a user is doesn't always remove that user from the msExchDelegateListLink attribute. So the mailbox will still appear in Outlook, but the user isn't able to see new emails. Any ideas on what may be going wrong? Environment: Exchange Server 2010 SP1 Standard Windows Server 2008 R2 Standard Outlook 2010 SP1 (tried without SP1 as well) I was looking over Add-MailboxPermission on Technet (http://technet.microsoft.com/en-us/library/bb124097.aspx) and I noticed that it doesn't mention adding groups. Is this not possible?

This is just a guess, try mail-enabling the security group.Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."

Just tried that. I tried switching it to a universal group first which didn't work. This hasn't worked yet either. The group shows up when I run Get-MailboxPermission -identity "mailboxname" as it did before.

That didn't appear to work even after a restart of the Information Store service. I even tried removing the group and adding it back. Still no luck. It does show up when running Get-MailboxPermission -identity "mailboxname". It just doesn't show up in Outlook. I've also tred deleting and recreating the Outlook profile. Any other ideas?

Hi wchar_t, I test in my lab (Exchange 2010 SP1), get the same result as you. If you only want members (in this security group) to have full access permission on the mailbox, you can use this command to achieve the goal: Get-DistributionGroupMember “Test Group” | foreach-Object { Add-MailboxPermission “Usermailbox” –AccessRights FullAccess –user $_.Name} Note: “Test Group” is a mail-enabled security group Thanks, Evan Liu TechNet Subscriber Support in forum If you have any feedback on our support, please contact tngfb@microsoft.com

I appreciate the PS script to get this done. Is there any reaason groups shouldn't work? I had this issue prior to SP1 as well. I just didn't have a strong need like I do now. I really don't want to assign permissions by user as that isn't best practice. Thanks.

Since we have SA, I have opened a case with MS. But I'm still open to ideas from the forums. :)

Hi, I have experienced exactely same issue at a client place. Exchange 2010 SP1 within a DAG Windows Server 2008 R2 SP1 Outlook 2010 If i apply full access permission to an user, it works. If i apply full access permission to a security group, it never applies. Thanks to keep us updated about your case. Samir

I will definitely update this thread when I hear back from them. ~1 business day or so.

Hope MS will give you an answer :) Thanks!

Hi! Any update concerning the issue?

Heard back from MS, but nothing new to report. Made them aware of this thread and what has been tried already. I'll post back when I hear something from them

Any news?