John Doe is a user in your Active Directory environment (Windows Server 2008 R2 Forest Function Level) with a mailbox on the email server (Exchange Server 2010 with SP2):
You want to grant a domain local group named “Test Group” the full access permission to John Doe’s mailbox:
You attempt to grant this permission by selecting “Manage Full Access Permission” from the Exchange 2010 Management Console:
When you click add and search for the group, it doesn’t appear:
PowerShell to the Rescue! The only way I’ve figured out how to accomplish this (work-around for this issue) is to use the “Exchange Management Shell” (PowerShell). In this scenario, use the following PowerShell script:
Add-MailboxPermission -Identity "John Doe" -User "Test Group" -AccessRights "FullAccess"
Even though the syntax uses the parameter name “-User”, you can specify a group name.
The full access permission for John Doe’s mailbox is now assigned to the “Test Group”: