Grant Admin Read Rights to Users Mail Boxes

This question is not answered This question is not answered

I have a requirment where Exchange 2010 Online Administrator should able to view mail boxes (basically want to read emails) of any user in the domain. On there onprimse installation of exchange they have this functionality available , I guess they are using one of the settings as mentioned in the link . Is there any setting that allows this behaviour in Exchange 2010 Online? so far I dont see any way to get this done..


All Replies
  • Hello,

    Users assigned the RBAC Global Admin role *should* have the ability to open another user's mailbox in OWA (similar to the way that users granted full-control over a mailbox could open it in Exchange 2007 OWA).  However, there is currently a known issue where Global Admins cannot do this -- attempting to open another mailbox results in a "this mailbox is unavailable" error.  The Exchange Online engineering folks have acknowledged this bug and are currently working on a solution.  I apologize for any inconvenience this issue may be causing.



  • Thanks Chase. Can you please mention the steps that are required to view other user's mailbox, even though there is a bug right now but I still need steps for the future use. For the moment I am trying getting to user mail box as follows

    1. From Exchange Online Admin page Select "Mail"

    2. From "What to Manage" drop down , select "Another User"

    3. From the list of users select a User (e.g David)

    4. After the selection of user previous step launced new browser window  but I get follwing error

    "You don't have permission to open this page. If you're a new user or were recently assigned credentials, please wait 15 minutes and try again."

    I am sure that I am Global Admin , but if there is some way to confirm this (other than by the actions I am performing) then it would be good.

  • Hello,

    This is a different scenario.  Choosing the "manage other user" here is just the same as picking the user off of the list in "Users & Groups" then selecting "details".  You don't get to see the user's mail here -- this is for managing the user account itself.

    That being said, you should at least get the default behavior I described above.  I would recommend contacting us directly so that we can verify this behavior on your account, and open up an investigation with our Exchange engineer team as necessary.



  • Update on this one:

    Global admin should be able to manage (in the ECP) or open another mailbox (from OWA) out of the box, but this isn't happening right now.

    Both of these can be accomplished by granting mailbox permissions through Powershell:

    Add-MailboxPermission -Identity <Mailbox ID 1> -User <Mailbox ID 2> -AccessRights FullAccess -InheritanceType All

    In this command line, <Mailbox ID 1> represents the mailbox that you want to grant rights to and <Mailbox ID 2> is the mailbox of the user who you want to grant Full Access rights.

    If an administrator wants to grant a user access to a room mailbox, the administrator may want to specify that user as the Owner. To do this, use the following command line:

    Add-MailboxPermission -Identity <Mailbox ID 1> -Owner <Mailbox ID 2>

    Note Only users that have Exchange mailboxes can be granted access to other mailboxes. Users who do not have mailboxes receive a permissions error when they try  to access the other mailboxes.

    I just tested this out and it works.




  • Has there been any fix for this added (besides the powershell solution) This is important and one would think basic feature that should work.