Cannot move "private" items in shared mailbox issue

Bill Tkach 86 Reputation points
2020-10-01T23:38:15.21+00:00

I found this link to a similar problem.

It's from 2012.

So now, it's 2020, I am using Outlook 365, with an on-premise server, and I still seem to have this issue.

We have a shared mailbox, lets call it HR.
This mailbox is shared between several people. Lets say one is Joe.
Joe logs into his Outlook account. He was setup with Full Access and Send Access in ECP, so technically should be able to do everything in the HR shared mailbox. He wants to move some files around within the HR mailbox. Not out of it to his mailbox, or somewhere else, but just WITHIN it.

However, he finds that for any folder that contains a folder within it, it gives an error message if he tries to move it. Or delete it.
The only solution that I have found is to manually recreate the new folder in the new location. You then have to copy the folders that reside in the original folder location to the new location, and copy any emails over. Sloppy and error prone.

Now I've seen some solutions that say you need to give people Delegate Access, by logging in as the Shared folder, and then right clicking the inbox, and setting Joe as a delegate, but this is Shared folder on Exchange. It doesn't have an account that lets you log on. And Joe already has Full/Send Access on the HR mailbox.

What is the solution here? I see this one, but I don't know how I would grant them rights to "Private items"

Outlook Management
Outlook Management
Outlook: A family of Microsoft email and calendar products.Management: The act or process of organizing, handling, directing or controlling something.
4,873 questions
Exchange Server Management
Exchange Server Management
Exchange Server: A family of Microsoft client/server messaging and collaboration software.Management: The act or process of organizing, handling, directing or controlling something.
7,335 questions
0 comments
Accepted answer
  1. Yuki Sun-MSFT 40,781 Reputation points
    2020-10-02T02:48:18.773+00:00

    Hi @Bill Tkach

    he finds that for any folder that contains a folder within it, it gives an error message if he tries to move it. Or delete it.

    Is the error message the same with what was cited in the thread you shared? That is: "cannot move the items. Cannot copy this folder because it may contain private items" ?
    What's the version of your Exchange server?

    As per your concern about the possible solution that grant the rights to "Private items", please follow the steps below to set up the shared mailbox as a separate account so that you would be able the assign the "Private items" permission:

    1. Let's say you are granted with the Full Access permission to the shared mailbox "HR". Please create a new Outlook profile from ether Control Panel or within Outlook(File > Account Settings > Manage Profiles, click Show Profiles, choose "Prompt for a profile to be used", click Add), specify a name for the profile, such as "HR", click OK:
      29727-1.png
    2. In the Add account dialogue box, enter the name and the email address of the shared mailbox only, don't fill out the other fields:
      29812-2.png
    3. Click Next to proceed the configuration, click Finish.
    4. Restart Outlook using the new created profile, it will prompt you for your user credentials. You can now choose "More choices" > Use a different account, and then fill out your own username and password:
      29728-3.png
      29793-4.png
    5. Now you would be able to go to File > Account Settings > Delegate Access, and give the user delegate rights with the permission to see the private items:
      29832-5.png

    If an Answer is helpful, please click "Accept Answer" and upvote it.
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    4 people found this answer helpful.

4 additional answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Bill Tkach 86 Reputation points
    2020-10-02T21:00:00.47+00:00

    So this sent me down a rabbit hole.
    I followed the suggestions above, and I was unable to get it working.

    I then realized that when using the ECP, there is an option to give a user mailbox "Send On Behalf" permission, but this option does not show up for Shared Mailboxes.

    However, in the Exchange Management Shell, the command exists. 

    Set-mailbox 'HR' -Grantsendonbehalfto @{add="Joe@ourdomain.ca"}

    Apparently you need to have this Send-on-Behalf permission... to move folders around in a Shared folder to which you have access. Makes total sense. Anyway.

    Once I granted Joe that, Joe was then able to follow the instructions YukiSun-MSFT provided above. Even though you have Send-on-behalf, you still have to change the setting to enable the user to be able to be an Editor and move files around, and grant the "Delegate can see my private items."

    And now it works!

    If you want to see who has Send-on-Behalf on a mailbox 

    Get-Mailbox 'MySharedMailbox' | ft Name,grantsendonbehalfto -wrap

    Thanks for the help!

    1 person found this answer helpful.
  2. Bryce Wood 5 Reputation points
    2023-05-03T06:42:09.4633333+00:00

    I Just wanted to revisit this as I have just recently had this issue, I did attempt to perform the steps that @Bill Tkach and @Yuki Sun-MSFT suggested. Logging into the mailbox as the delegate using ust @Yuki Sun-MSFT instructions I received an error when delegating due to no Send on Behalf and so following @Bill Tkach steps got me a little further however I did seem to still get errors (attempted adding Send on Behalf from both PS and O365 ECP) in the end I did get the user showing Editor permissions with Private in the Delegate permissions but I still received the error "private items" when attempting to move the folder.

    I then tried using PS to add the Delegate Editor and Private items permission.

    Add-MailboxFolderPermission -Identity sharedmailbox@domain.com:\Calendar -User Username@domain.com -AccessRights Editor -SharingPermissionFlags Delegate,CanViewPrivateItems

    I wasn't convinced this would work as it applied to the Calendar items but there did not appear to be a \Inbox value.

    I then tested and was able to move the folder (containing subfolders) not only in the shared mailbox but also from one shared mailbox to another shared mailbox. I still wasn't sure if maybe some of the changes from the original attempts using the @Bill Tkach and @Yuki Sun-MSFT had just taken a while to propagate so I applied the same command to a 2nd shared mailbox that I had not performed any of the previous Delegation changes to. I had applied send on behalf access though.

    Add-MailboxFolderPermission -Identity sharedmailbox2@domain.com:\Calendar -User Username@domain.com -AccessRights Editor -SharingPermissionFlags Delegate,CanViewPrivateItems

    My gut says that this is the only command you need to run on the shared mailbox to get this to work but worst case is you may need to add the send on behalf right as well.

    1 person found this answer helpful.
    0 comments
  3. Robert Orenbaun 5 Reputation points
    2023-05-25T13:04:15.23+00:00

    It is ridiculous that you have to perform all these steps, just to give someone permissions to move items in a shared folder (that you have given full permissions to). Why is this not just a checkbox in the shared folder config in the admin page?

    1 person found this answer helpful.
  4. Folla, Gianluca 5 Reputation points
    2023-10-19T13:28:45.2033333+00:00

    Login to OWA with your normal account

    top right to open another mailbox

    type in the name of the other mailbox and open it

    There you can move every folder.

    1 person found this answer helpful.