Read Permission for Mailbox

Modified on Tue, 03 Jan 2023 at 04:04 AM

Problem Statement:

Can I grant Read Only Permission to a User's Mailbox (Cloud based service)?


Solution:

  • Currently granting Read Permission to the entire Mailbox is not possible due to a Microsoft limitation.
  • The Access Rights 'ReadPermission' refers to the ability to read the Permission on the Mailbox and it doesn't grant any permission to the mailbox (including Read Only).
  • You can grant Read and manage delegation which is equivalent to Full Permission and it allows a delegate to open the mailbox and behave as the mailbox owner.


Read Permission is only usable for on-premise. It's not intended for end user's access.


To check other Mailbox Permission kindly refer to the KB article - How to Grant Access To Mailbox


You can however grant Read Permission at Folder Level using PowerShell or using Custom Action in CoreView.


Mailbox Folder Permission:


PowerShell cmdlet for Mailbox Folder level permission:


To add folder level permissions for users in mailboxes you can use PowerShell cmdlet - 

 "Add-MailboxFolderPermission".


This cmdlet is available in on-premises Exchange and in the cloud-based service. Some parameters and settings may be exclusive to one environment or the other.


Syntax:

Add-MailboxFolderPermission   
[-Identity] <MailboxFolderIdParameter>   
-AccessRights <MailboxFolderAccessRight[]>  
-User <MailboxFolderUserIdParameter>  
[-Confirm]  
[-DomainController <Fqdn>]  
[-SendNotificationToUser <Boolean>]  
[-SharingPermissionFlags <MailboxFolderPermissionFlags>]  
[-WhatIf]  
[<CommonParameters>]


Some Examples:


Add-MailboxFolderPermission -Identity ayla@contoso.com:\Marketing -User ed@contoso.com -AccessRights Owner

# This example grants the Owner role to Ed on the Marketing folder in Ayla's mailbox.
Add-MailboxFolderPermission -Identity ayla@contoso.com:\Calendar -User julia@contoso.com -AccessRights Editor -SharingPermissionFlags Delegate

# In Exchange Online, this example adds Julia as a calendar delegate to Ayla's mailbox, but without access to private items.
Add-MailboxFolderPermission -Identity ayla@contoso.com:\Calendar -User laura@contoso.com -AccessRights Editor -SharingPermissionFlags Delegate,CanViewPrivateItems

# In Exchange Online, this example adds Laura as a calendar delegate to Ayla's mailbox
with access to private items.


For more information on Mailbox Folder Permission kindly refer MSDN article:  Add-MailboxFolderPermission


Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select atleast one of the reasons

Feedback sent

We appreciate your effort and will try to fix the article