Exchange Hybrid - Mailbox Permissions - ACLableSyncedObjectEnabled

The key here is to review the guidance at https://docs.microsoft.com/en-gb/exchange/hybrid-deployment/set-up-delegated-mailbox-permissions?redirectedfrom=MSDN#enable-aclable-object-synchronization

It is important that the ACLableSyncedObjectEnabled $True before you migrate mailboxes or you will need to reconfigure these manually following the migraiton of mailboxes to Exchange Online.




It is important that the ACLableSyncedObjectEnabled $True before you migrate mailboxes or you will need to reconfigure these manually following the migraiton of mailboxes to Exchange Online.


To enable ACLable Synced Object run the following on the on-premise Exchnage Organisation:

Set-OrganizationConfig -ACLableSyncedObjectEnabled $True


If you have forgotten to enabel this then you change change this buy running:

#To enable ACLs on a single mailbox, run the following command

Get-AdUser "UserMailbox Identity" | Set-AdObject -Replace @{msExchRecipientDisplayType=-1073741818}


#To enable ACLs on all mailboxes moved to Microsoft 365 or Office 365, run the following command

Get-RemoteMailbox -ResultSize unlimited | where {$_.RecipientTypeDetails -eq "RemoteUserMailbox"} | foreach {Get-AdUser -Identity $_.Guid | Set-ADObject -Replace @{msExchRecipientDisplayType=-1073741818}}

 

#To verify that the mailboxes have been successfully updated, run the following command:

Get-RemoteMailbox -ResultSize unlimited | ForEach {Get-AdUser -Identity $_.Guid -Properties msExchRecipientDisplayType | Format-Table DistinguishedName,msExchRecipientDisplayType -Auto




Comments