Microsoft® Exchange mailbox access permissions – Grant Permissions
The Import from Microsoft Exchange MailboxA directory or folder used for receipt, filing, and storing messages of emails. Wizard within Import Export Tool uses the credentials of the logged-on user when run on the Microsoft® Exchange Server machine directly. To run the wizard on a server that is not the Microsoft® Exchange Server machine, specify a username and a password. This account needs to be granted full mailbox access (‘SendAs’ and ‘ReceiveAs’ permissions) on the mailboxes from which emails are to be extracted.
NOTE
It is recommended to remove these permissions after extracting the mailboxes.
Importing mailboxes remotely from Microsoft® Exchange Server 2007
Grant the Import Export Tool user full mailbox access on the mailboxes from which emails are to be extracted:
1. Open the Microsoft Exchange Management Console.
2. Expand Recipient Configuration in the left pane.
3. In the right pane, locate the name of the user you want to grant permission to. Right-click the name and select Manage Send As Permission....
4. In the wizard, click Add.
5. Select the user name of the mailbox owner from which you will be importing emails and click Manage.
6. Click Finish.
7. Right-click the name again and select Manage Full Access Permission...
8. In the wizard, click Add.
9. Select same user name selected in step 5, and click Manage.
10. Click Finish.
Importing mailboxes remotely from Microsoft® Exchange Server 2007 SP1 SP2 SP3
Grant the Import Export Tool user full mailbox access on the mailboxes from which emails are to be extracted:
1. Open the ‘Exchange Management Shell’ on the Microsoft® Exchange Server 2007.
2. Run the following Windows® PowerShell commandlet:
foreach ($exchangeServer in Get-ExchangeServer)
{
if ($exchangeServer.ServerRole -match 'ClientAccess')
{
Add-ADPermission -Identity $exchangeServer.DistinguishedName -User 'domain\user' -ExtendedRights ms-Exch-EPI-Impersonation
}
}
Example:
foreach ($exchangeServer in Get-ExchangeServer)
{
if ($exchangeServer.ServerRole -match 'ClientAccess')
{
Add-ADPermission -Identity $exchangeServer.DistinguishedName -User 'master-domain\administrator' -ExtendedRights ms-Exch-EPI-Impersonation
}
}
Importing mailboxes remotely from Microsoft® Exchange Server 2010/2013/2016
Grant the Import Export Tool user full mailbox access on the mailboxes from which emails are to be extracted:
1. Open the ‘Exchange Management Shell’ on the Microsoft® Exchange Server.
2. Run the following PowerShell commandlet:
New-ManagementScope -name "MAUMPolling" -recipientrestrictionfilter {recipienttype -eq "UserMailbox"}
3. On completion, run the following PowerShell commandlet:
New-ManagementRoleAssignment -name "MAExportEmails" -role:applicationimpersonation -user "administrator@domain.com" -customrecipientwritescope "MAUMpolling"
Example:
New-ManagementRoleAssignment -name " MAExportEmails " -role:applicationimpersonation -user "administrator@mydomain.com" -customrecipientwritescope "MAUMpolling"
NOTE
Ensure that latest MAPIMessage Application Programming Interface version is installed on the Exchange server for this procedure to work.