[Solved] Deliberately breaking multi-tenancy  


0

Hi folks,

i have the usual: Windows Server 2012 R2 Standard, Active-Directory, MS Exchange 2016 CU5, some Remote Desktop Servers and a host of different companies, all belonging to the same person. I used Cloudpanel v3.1.x to set up the environement with lots of different companies.

Seggregation works fine: one Company does not see the others. I updated to Cloudpanel v3.1.1540 and all runs well.

Now the boss comes along and tells me there is a new Company (set up in Cloudpanel last month) and all the People working there work now and will keep on working in other Companies we also host.

I am to enable User A from Company A to have Full Access/Send as-Rights to User B Company B, log on as User A/Company A, configure Outlook 2013 to open both Mailboxes and to send mails as User B/Company B.

The part of giving him/her the right to Full Access / Send As works fine.

Outlook 'knows' all by itself that it should 'mount' both mailboxes. I can see everything, set up appointments, read mail etc.pp..

The Moment i change the sender to emailuserb@companyb.ch i get the message that i am not allowed to send as emailuserb@companyb.ch!?!

How should i set this up, while still using Cloudpanel?

The exact errormessage is:

[start error]

Ihre Nachricht hat einige oder alle Empfänger nicht erreicht.

 

 

 

      Betreff:    Test 14:09 Uhr

 

      Gesendet am:      16.05.2017 14:09

 

 

 

Folgende(r) Empfänger kann/können nicht erreicht werden:

 

 

 

      'Wolfgang Bär' am 16.05.2017 14:10

 

            Diese Nachricht konnte nicht gesendet werden. Versuchen Sie es später erneut, oder wenden Sie sich an den Netzwerkadministrator. Sie besitzen nicht die Berechtigung, die Nachricht im Auftrag des angegebenen Benutzers zu senden. Fehler: [0x80070005-0x0004dc-0x000524].

[end error]

[Rough tranlation:

... This Messages could not be send. Try again later or contact your Network Administrator. You do not have the right, to SEND AS the designated user. Error: [0x80070005-0x0004dc-0x000524].

end Translation]

Problem is: i know that User A/Company A has the Full Access/ Send As-Rights for User b/Company B

I do not want to stop using Cloudpanel because the majority of our Users/Companies will stay seggregated. I need some powershell magic - or AD-User Groups / Exchange-Groups magic - to get this to work. Please advise me 🙂

Thanks for your help!

Kind regards,

Wolfgang Bär/Net/Access AG/Switzerland

 

 

 

 

I am having the exact problem and issue. However, if i try via OWA it works.

only through Outlook client its not working. any update on this ?

0

There is Send-On-Behalf permissions and Send-As. I assume you are modifying USER-B by adding USER-A for Send-As permissions. This is all you should have to do to grant that user to ability to send as the other user. Can you email the following to support@knowmoreit.com and tell me who USER-A is:

Exchange Powershell

Get-Mailbox -Identity <USER-B> | Get-ADPermission | fl
 
  
Working

Please Login or Register