Environment
NetIQ Directory and Resource Administrator 9.1.0
NetIQ Directory and Resource Administrator 9.1.1.0
NetIQ Directory and Resource Administrator 9.1.1.1
Situation
How to grant DRA Security over Shared Mailbox Objects
What DRA Roles and powers are needed to manage shared mailbox objects within DRA
How to grant DRA Admins the ability to see Shared Mailboxes within DRA
Resolution
In order for a DRA Assistant Admin to see the AD user and its Exchange Shared Mailbox, the AA must have DRA powers over shared mailbox objects. This will require you to modify an existing active view, or create a new active view. The Active View will need to include the powers associated with shared mailboxes. These powers must cover either all objects or shared mailbox objects within the scope of the Active View.
Cause
When DRA is used to manage special mailbox types, powers must be applied to cover those object types. If the target object type of an operation is not covered by an existing active view rule, the operation will not be permitted. In the case of special mailbox types, those object types must be defined in an Active View rule.
Additional Information
Shared Mailbox object types were new to DRA 9.1.x. Resource mailbox types were introduced within DRA 8.7. DRA does not manage special Office 365 Online mailbox types as their own object type. DRA will only manage the user account associated with the mailbox.