I have an exchange 2013 running for over a year now and never had any problems with it. Until recently.
A request came in to make a new shared mailbox. So I did just that and gave rights to a security (not mail enabled) AD group. Just like I Always do. Everything worked fine. A few hours later I did exactly the same for another request and then the people could not access the shared mailbox. So I added my regular user to the AD group and I also couldn't (I tested it with OWA and Outlook). I tried to remove myself of one of my own shared mailboxes and the permissions wouldn't stick. When I removed the entire group then the permissions were gone(and I could not access the shared mailbox). When I added it back I had my permissions back but still wasn't in the group. Then I tried adding a distribution group with the same result.
It seems when I add normal users directly to the permissions everything works.
When I had to restart the server a few days later. All changes were applied but I could not change it again.
i'm a bit stumped on this one. i'm out of options.