This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(0, 66%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ER%3C/text%3E%3C/svg%3E)
Hi Folks,
I am trying to research what exactly Default and Anonymous means when giving permission in Outlook and Exchange Online.
Specifically:
If I give Default owner rights to my inbox (as a user from outlook), does that mean that anyone in my organization (or beyond) has access to do whatever they want?
If I give Anonymous account owner rights to my inbox (as a user from outlook), does that mean that anyone in my organization (or beyond) has access to do whatever they want?
Also, trying to understand the difference between Default and Anonymous.
Does anyone have a good explanation or link about it?
Default = Default Permission set on that folder for authenticated users
Anonymous = Permission set for external, non-authenticated users
You don't want to change those defaults typically for a user mailbox.
If you were to set Default to Owner, any user in your org could, in theory, open your inbox and have full access to it.
Same with anonymous.
Its not common to delegate any folder but your calendar. Often, users set their calendar to Default Reviewer so anyone in the org can view it.
Delegates who need higher permissions are then added explicitly.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(64, 55.00000000000001%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ES%3C/text%3E%3C/svg%3E)
IIs there a way to restore those profiles if accidentally deleted?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(25.6, 67%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJS%3C/text%3E%3C/svg%3E)
Agree with what Andy said:
Default is for users that authenticated with the domain but don't have specific permission.
Anonymous is for users that not authenticated with the domain.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(217.60000000000002, 39%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJM%3C/text%3E%3C/svg%3E)
These setting are awful security policy's, Microsoft does not allow you to remove the Default or Anonymous permission on an Exchange Online mailbox? Wow just WOW If Joe user wants to open his Inbox to the world I guess organizations can't stop them. No DLP no nothing. Corporate data exposed because Joe user opens it up to the world. I can't believe you can't control this as an admin or an organization. This is atrocious security.