Skip to content

Mailbox delegation

Set Send As delegates

[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi")

# Connect to the Adaxes service
$admNS = New-Object "Softerra.Adaxes.Adsi.AdmNamespace"
$admService = $admNS.GetServiceDirectly("localhost")

# Bind to the user
$userDN = "CN=John Smith,CN=Users,DC=example,DC=com"
$user = $admService.OpenObject("Adaxes://$userDN", $NULL, $NULL, 0)

# Create an instance of the AdmExchangeMailboxParameters class
$mailboxParams = New-Object "Softerra.Adaxes.Adsi.Exchange.AdmExchangeMailboxParameters"

$sendAs = $mailboxParams.SendAs
$sendAs.OverrideOldValues = $False

$groupDN = "CN=Help Desk,CN=Users,DC=example,DC=com"

$objReference = New-Object "Softerra.Adaxes.Adsi.AdmObjectReference"
$objReference.ObjectDN = $groupDN

$sendAs.Add("ADS_PROPERTY_APPEND", $objReference)
$mailboxParams.SendAs = $sendAs

# Save changes
$user.SetMailParameters($mailboxParams, "ADM_SET_EXCHANGE_PARAMS_FLAGS_NONE")

Set Send on Behalf Of delegates

[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi")

# Connect to the Adaxes service
$admNS = New-Object "Softerra.Adaxes.Adsi.AdmNamespace"
$admService = $admNS.GetServiceDirectly("localhost")

# Bind to the user
$userDN = "CN=John Smith,CN=Users,DC=example,DC=com"
$user = $admService.OpenObject("Adaxes://$userDN", $NULL, $NULL, 0)

# Create an instance of the AdmExchangeMailboxParameters class
$mailboxParams = New-Object "Softerra.Adaxes.Adsi.Exchange.AdmExchangeMailboxParameters"

$sendOnBehalfOf = $mailboxParams.GrantSendOnBehalfTo
$sendOnBehalfOf.OverrideOldValues = $False

$groupDN = "CN=Help Desk,CN=Users,DC=example,DC=com"

$objReference = New-Object "Softerra.Adaxes.Adsi.AdmObjectReference"
$objReference.ObjectDN = $groupDN

$sendOnBehalfOf.Add("ADS_PROPERTY_APPEND", $objReference)
$mailboxParams.GrantSendOnBehalfTo = $sendOnBehalfOf

# Save changes
$user.SetMailParameters($mailboxParams, "ADM_SET_EXCHANGE_PARAMS_FLAGS_NONE")

Set the Full Mailbox Access permission

[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi")

# Connect to the Adaxes service
$admNS = New-Object "Softerra.Adaxes.Adsi.AdmNamespace"
$admService = $admNS.GetServiceDirectly("localhost")

# Bind to the user
$userDN = "CN=John Smith,CN=Users,DC=example,DC=com"
$user = $admService.OpenObject("Adaxes://$userDN", $NULL, $NULL, 0)

# Create an instance of the AdmExchangeMailboxParameters class
$mailboxParams = New-Object "Softerra.Adaxes.Adsi.Exchange.AdmExchangeMailboxParameters"

$groupDN = "CN=Help Desk,CN=Users,DC=example,DC=com"

$objReference = New-Object "Softerra.Adaxes.Adsi.AdmObjectReference"
$objReference.ObjectDN = $groupDN

$permission = New-Object "Softerra.Adaxes.Adsi.Exchange.AdmExchangeMailboxPermission"
$permission.AllowedRights = "ADM_EXCHANGE_MAILBOX_RIGHTS_FULL_ACCESS"
$permission.Trustee = $objReference

$permissionModification = 
    New-Object "Softerra.Adaxes.Adsi.Exchange.AdmExchangeMailboxRightsModification"
$permissionModification.Operation = "ADS_PROPERTY_APPEND"
$permissionModification.Permission = $permission

$mailboxRights = $mailboxParams.MailboxRights

$mailboxRights.AddModification($permissionModification)
$mailboxParams.MailboxRights = $mailboxRights

# Save changes
$user.SetMailParameters($mailboxParams, "ADM_SET_EXCHANGE_PARAMS_FLAGS_NONE")

Change mailbox owner

[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi")

# Connect to the Adaxes service
$admNS = New-Object "Softerra.Adaxes.Adsi.AdmNamespace"
$admService = $admNS.GetServiceDirectly("localhost")

# Bind to the user
$userDN = "CN=John Smith,CN=Users,DC=example,DC=com"
$user = $admService.OpenObject("Adaxes://$userDN", $NULL, $NULL, 0)

# Create an instance of the AdmExchangeMailboxParameters class
$mailboxParams = New-Object "Softerra.Adaxes.Adsi.Exchange.AdmExchangeMailboxParameters"

# Trustee
$groupDN = "CN=MyGroup,CN=Users,DC=example,DC=com"

$objReference = New-Object "Softerra.Adaxes.Adsi.AdmObjectReference"
$objReference.ObjectDN = $groupDN

# Permissions granted: Change permissions, Delete mailbox storage, Take ownership
$permission = New-Object "Softerra.Adaxes.Adsi.Exchange.AdmExchangeMailboxPermission"
$permission.AllowedRights = @("ADM_EXCHANGE_MAILBOX_RIGHTS_CHANGE_PERMISSION", 
  "ADM_EXCHANGE_MAILBOX_RIGHTS_DELETE_ITEM")
$permission.DeniedRights = "ADM_EXCHANGE_MAILBOX_RIGHTS_CHANGE_OWNER"
$permission.Trustee = $objReference

$permissionModification =
    New-Object "Softerra.Adaxes.Adsi.Exchange.AdmExchangeMailboxRightsModification"
$permissionModification.Operation = "ADS_PROPERTY_APPEND"
$permissionModification.Permission = $permission

$mailboxRights = $mailboxParams.MailboxRights

$mailboxRights.AddModification($permissionModification)
$mailboxParams.MailboxRights = $mailboxRights

# Save changes
$user.SetMailParameters($mailboxParams, "ADM_SET_EXCHANGE_PARAMS_FLAGS_NONE")

Assign specific mailbox rights

[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi")

# Connect to the Adaxes service
$admNS = New-Object "Softerra.Adaxes.Adsi.AdmNamespace"
$admService = $admNS.GetServiceDirectly("localhost")

# Bind to the user
$userDN = "CN=John Smith,CN=Users,DC=example,DC=com"
$user = $admService.OpenObject("Adaxes://$userDN", $NULL, $NULL, 0)

# Create an instance of the AdmExchangeMailboxParameters class
$mailboxParams = New-Object "Softerra.Adaxes.Adsi.Exchange.AdmExchangeMailboxParameters"

# Trustee
$groupDN = "CN=MyGroup,CN=Users,DC=example,DC=com"

$objReference = New-Object "Softerra.Adaxes.Adsi.AdmObjectReference"
$objReference.ObjectDN = $groupDN

# Permissions granted: Change permissions, Delete mailbox storage, Take ownership
$permission = New-Object "Softerra.Adaxes.Adsi.Exchange.AdmExchangeMailboxPermission"
$permission.AllowedRights = @("ADM_EXCHANGE_MAILBOX_RIGHTS_CHANGE_PERMISSION", 
  "ADM_EXCHANGE_MAILBOX_RIGHTS_DELETE_ITEM")
$permission.DeniedRights = "ADM_EXCHANGE_MAILBOX_RIGHTS_CHANGE_OWNER"
$permission.Trustee = $objReference

$permissionModification =
    New-Object "Softerra.Adaxes.Adsi.Exchange.AdmExchangeMailboxRightsModification"
$permissionModification.Operation = "ADS_PROPERTY_APPEND"
$permissionModification.Permission = $permission

$mailboxRights = $mailboxParams.MailboxRights

$mailboxRights.AddModification($permissionModification)
$mailboxParams.MailboxRights = $mailboxRights

# Save changes
$user.SetMailParameters($mailboxParams, "ADM_SET_EXCHANGE_PARAMS_FLAGS_NONE")

See also