none
Messagebind for delegate users is possible? RRS feed

  • Question

  • Hi!

    Can someone confirm properly if the MS Exchange 2016 knows the messagebind for delegate users or not?

    Thanks for your help.


    • Edited by CavaHUN Tuesday, March 8, 2016 1:51 PM misspelled
    Tuesday, March 8, 2016 1:51 PM

Answers

  • Hi,

    Here is what I tried for reference

    [PS] C:\windows\system32>Set-Mailbox User2 -AuditEnabled $true -AuditDelegate @{add="MessageBind"}
    [PS] C:\windows\system32>Get-Mailbox User2 | fl *audit*


    AuditEnabled     : True
    AuditLogAgeLimit : 90.00:00:00
    AuditAdmin       : {Update, Move, MoveToDeletedItems, SoftDelete, HardDelete, FolderBind, SendAs, SendOnBehalf, Create}
    AuditDelegate    : {Update, SoftDelete, HardDelete, SendAs, MessageBind, Create}
    AuditOwner       : {}


    [PS] C:\windows\system32>Get-MailboxPermission User2 -User User1

    Identity             User                 AccessRights                                                 IsInherited Deny
    --------             ----                 ------------                                                 ----------- ----
    contoso.com/TestU... CONTOSO\user1        {FullAccess}                                                 False       False


    [PS] C:\windows\system32>Search-MailboxAuditLog user2 -LogonTypes delegate -ShowDetails | ? {$_.Operation -eq "messagebind"}

    Best Regards.


    Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com

    Lynn-Li
    TechNet Community Support


    • Marked as answer by CavaHUN Friday, March 11, 2016 8:35 AM
    • Edited by Lynn-LiModerator Friday, March 11, 2016 9:07 AM
    Friday, March 11, 2016 1:57 AM
    Moderator

All replies

  • Hi,

    Although in TechNet document, the messagebind action for delegate users will not be logged in exchange 2016.

    https://technet.microsoft.com/en-us/library/ff459237%28v=exchg.160%29.aspx

    But as my test, if you configure messagebind action for delegate users, it will be logged.

    Best Regards.


    Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com

    Lynn-Li
    TechNet Community Support

    Wednesday, March 9, 2016 2:30 AM
    Moderator
  • Hi,

    Although in TechNet document, the messagebind action for delegate users will not be logged in exchange 2016.

    But as my test, if you configure messagebind action for delegate users, it will be logged.

    Best Regards.


    Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com


    Thanks for your answear but i tried the messagebind command for the delegate users but it's not worked. The management shell just denied it. So how you did?

    • Edited by CavaHUN Thursday, March 10, 2016 3:00 PM
    Thursday, March 10, 2016 2:59 PM
  • Hi,

    Here is what I tried for reference

    [PS] C:\windows\system32>Set-Mailbox User2 -AuditEnabled $true -AuditDelegate @{add="MessageBind"}
    [PS] C:\windows\system32>Get-Mailbox User2 | fl *audit*


    AuditEnabled     : True
    AuditLogAgeLimit : 90.00:00:00
    AuditAdmin       : {Update, Move, MoveToDeletedItems, SoftDelete, HardDelete, FolderBind, SendAs, SendOnBehalf, Create}
    AuditDelegate    : {Update, SoftDelete, HardDelete, SendAs, MessageBind, Create}
    AuditOwner       : {}


    [PS] C:\windows\system32>Get-MailboxPermission User2 -User User1

    Identity             User                 AccessRights                                                 IsInherited Deny
    --------             ----                 ------------                                                 ----------- ----
    contoso.com/TestU... CONTOSO\user1        {FullAccess}                                                 False       False


    [PS] C:\windows\system32>Search-MailboxAuditLog user2 -LogonTypes delegate -ShowDetails | ? {$_.Operation -eq "messagebind"}

    Best Regards.


    Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com

    Lynn-Li
    TechNet Community Support


    • Marked as answer by CavaHUN Friday, March 11, 2016 8:35 AM
    • Edited by Lynn-LiModerator Friday, March 11, 2016 9:07 AM
    Friday, March 11, 2016 1:57 AM
    Moderator
  • Hi,

    Here is what I tried for reference

    [PS] C:\windows\system32>Set-Mailbox User2 -AuditEnabled $true -AuditDelegate @{add="MessageBind"}
    [PS] C:\windows\system32>Get-Mailbox User2 | fl *audit*


    AuditEnabled     : True
    AuditLogAgeLimit : 90.00:00:00
    AuditAdmin       : {Update, Move, MoveToDeletedItems, SoftDelete, HardDelete, FolderBind, SendAs, SendOnBehalf, Create}
    AuditDelegate    : {Update, SoftDelete, HardDelete, SendAs, MessageBind, Create}
    AuditOwner       : {}


    [PS] C:\windows\system32>Get-MailboxPermission User2 -User User1

    Identity             User                 AccessRights                                                 IsInherited Deny
    --------             ----                 ------------                                                 ----------- ----
    contoso.com/TestU... CONTOSO\user1        {FullAccess}                                                 False       False


    [PS] C:\windows\system32>Search-MailboxAuditLog user2 -LogonTypes delegate -ShowDetails | ? {$_.Operation -eq "messagebin
    d"}

    Best Regards.


    Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com


    You are great! It's worked! Thank You!
    Friday, March 11, 2016 8:36 AM
  • As of 2019, 'Set-Mailbox User -AuditEnabled $true -AuditDelegate @{add="MessageBind"}' gives this:

    Invalid audit operation specified. Supported audit operations for Delegate are None, Create, FolderBind, SendAs, SendOnBehalf, SoftDelete, HardDelete,
    Update, Move, MoveToDeletedItems and UpdateFolderPermissions.
        + CategoryInfo          : NotSpecified: (Microsoft.Excha...asks.SetMailbox:SetMailbox) [], RecipientTaskException
        + FullyQualifiedErrorId : [Server=DM6PR06MB6236,RequestId=a492f745-686e-4cf0-ae94-444394175f22,TimeStamp=7/17/2019 7:13:18 PM] [FailureCategory=Cmdlet-Re
       cipientTaskException] AFA15B04
        + PSComputerName        : ps.outlook.com

    Wednesday, July 17, 2019 7:15 PM