Share via

Unable to change mailbox permissions

Nicholas 0 Reputation points
2025-01-23T00:39:28.57+00:00

Hi, We have inherited a Hybrid Exchange environment. It consists of 1 on-prem Exchange Server (Version 15.0 ‎(Build 1473.3)) and M365. All the mailboxes have been migrated to M365 and ADSync is present to replicate to M365.

The issue we have is that even as a Global and Exchange admin in M365, we are unable to edit the permissions of any users mailbox. Doing this via the M365 admin centre just returns a message saying "Something Went Wrong." If we try it in Powershell we get a "User is not allowed to call" message.

We are trying to understand if this is an issue with M365 or we are trying to make the permission change from the wrong location?

In a hybrid environment where all mailboxes have been migrated, from where you should you make permission changes to a mailbox?  Is there something else we are doing wrong here?

Microsoft Exchange Hybrid Management
Microsoft Exchange Hybrid Management
Microsoft Exchange: Microsoft messaging and collaboration software.Hybrid Management: Organizing, handling, directing or controlling hybrid deployments.
2,210 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Alex Zhang-MSFT 3,940 Reputation points Microsoft Vendor
    2025-01-27T07:59:10.7033333+00:00

    Hello, @Nicholas,

    Welcome to the Microsoft Q&A platform!

    The error messages you're encountering "Something Went Wrong" in the admin center and "User is not allowed to call" in PowerShell suggest there might be an issue with the permissions or roles assigned to your admin account.

    In a hybrid Exchange environment where all mailboxes have been migrated to Microsoft 365 (M365), you should manage mailbox permissions directly in the Exchange Online environment.

    User's image

    Meanwhile, ensure that your admin account has the necessary roles assigned in Exchange Online. Even if you are a Global Admin, specific Exchange roles might be required to manage mailbox permissions. Verify that your hybrid configuration is correctly set up to support mailbox permissions. Sometimes, additional configuration is needed to ensure permissions are synchronized properly between on-premises and Exchange Online.

    For more detailed information, please refer to:

    1.Permissions in Exchange hybrid deployments | Microsoft Learn

    2.Role assignment policies in Exchange Online | Microsoft Learn

    3.Manage role groups in Exchange Online | Microsoft Learn

    Should you need more help on this, you can feel free to post back. 

    If the answer is helpful, please click on “Accept answer” as it could help other members of the Microsoft Q&A community who have similar questions and are looking for solutions.

    Thank you for your support and understanding.

    Best Wishes,

    Alex Zhang

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.