When trying to assign full mailbox rights on an Exchange Multi Tenant installation, you receive this error:
Add-MailboxPermission -Identity [email protected] -User userb@domain -AccessRights ‘FullAccess’
The operation on mailbox [email protected] failed because it’s
out of the current user’s write scope. The object ‘userb’ must be within the read scope before and after it’s modified. Can’t perform the save operation.
+ CategoryInfo : NotSpecified: (ehosting.local/…C/Administrator:ADObjectId) [Add-MailboxPermission], Ta
skInvalidOperationException
+ FullyQualifiedErrorId : CFE6232C,Microsoft.Exchange.Management.RecipientTasks.AddMailboxPermission
The fix to this is to simply log into the hosted exchange as the admin for the organisation and run the command again and it works. 🙂
How can you log in to the server as the other organization admin? Did you modify your group policy to permit logons from the organization admins? Please explain, thanks!
Well I added that particular orgs admin to allow RDP access, ran the command successfully in powershell, then removed that org’s admin RDP access. Thanks!
Great, I’m glad that you got it working. Sorry for the late reply. 🙂