Delegate is unable to see private items if permissions are granted to distribution group or security group
RAPID PUBLISHING ARTICLES PROVIDE INFORMATION IN RESPONSE TO EMERGING OR UNIQUE TOPICS, AND MAY BE UPDATED AS NEW INFORMATION BECOMES AVAILABLE.
Windows 2003Service Pack 1
- Exchange Version: 2003
- Exchange SP: 1
Delegates unable to see private messages.
When userA gives full mailbox access permissions to userB (for all his items and check "delegates can see my private items"), userB can see userA's private items without any problem.
But, If the user B is the member of a security group we cannot add that security group to the "delegates can see my private items" option in outlook.
It is possible to add a distribution group instead of security group to the "delegates can see my private items" option in outlook but even this will not allow the members of the distribution group to see the private messages.
- Create an Outlook profile and log on to the Resource1 mailbox.
- On the Tools menu, click Options, and then click the Delegates tab.
- Click Permissions and assign Reviewer permissions (or higher) to the Inbox.
- Click to select the Delegate can see my private items check box.
The workaround to this would be:
- Create a Universal Security Group in AD Users and Computers (not a Distribution Group).
- Add users who should have access to the Public Folder.
- Create a mail-enabled Public Folder in Exchange System Manager.
- Go into the properties of the Public Folder in Exchange System Manager and select the "Permissions" tab.
- Set Default and Anonymous users to the "Contributor" role (this way anyone can send email to the Public Folder)
- Add the Universal Security Group that was created in step 1 above and set the permissions appropriately (you could set the group as Owner, but if they don't ever need to modify or delete anything you may want to use a role that just has "Read" permissions).
At this point you'll have the new Public Folder with its own email address and the correct users will have permissions to access it. To make the change seamless to people sending email into the resource mailboxes, you can configure the existing Resource Mailboxes to forward all incoming mail to their new Public Folders. Use these steps to do this:
- Go into the properties of the resource mailbox in Exchange System Manager.
- Select the Exchange General tab
- Click "Delivery Options"
- In the "Forwarding Address" section, select "Forward To:" and click "Modify" to select the Public Folder to which you want the email forwarded. It will redirect all incoming mail to this Public Folder unless you check the box labeled "Deliver messages to both forwarding address and mailbox"
- You can then open the resource mailbox as a user who has write permissions on the Public Folder and drag/drop all the old messages into the Public Folder.
Article ID: 924259 - Last Review: 04/17/2009 17:17:57 - Revision: 3.0
- kbprb kbtshoot kbrapidpub KB924259