Thursday, February 5, 2009

Adding NT AUTHORITY\SELF back for permissions to your mailboxes

Some of you that have upgraded exchange for years like myself may notice that in EXCHANGE 2007, users don't get rights to their own mailboxes, they user "NT AUTHORITY\SELF" to gain access.

Some older users were granted rights directly to their own mailboxes. Before you remove those (and lock them out of their email) run this Powershell script to grant that Authority account back in.

Get-mailbox | Add-Mailboxpermission -user "NT AUTHORITY\SELF" -Accessrights FullAccess

4 comments:

... said...

I believe the syntax is incorrect.

I tried it and it failed, however:

Say you have
Mailbox: John Doe

and want to add the permissions: NT Authority\SELF

Enter the following:

add-MailboxPermission -Identity "John Doe" -User "NT Authority\SELF" -Accessright Fullaccess

Zondra said...

I found that the syntax was correct and worked as is for all the mailboxes in my database. It checked and returned those that needed changed and those that didn't were denoted also.

John Sherman said...

It's almost impossible to find knowledgeable people about this topic, but you sound like you know what you’re talkĐľng about!
Thanks
You are welcome to my blog:
appliance authorized repair
b

Inflatable Brian minor said...

Thanks, this saved me after I accidentally removed NT AUTHORITY\SELF from the list of 'Send As' shared mailbox delegation members in Office 365. There's no way to add it back in via the web interface that I could see. Now I feel like quite the PowerShell l33t haxxorz.