Migrating Mail Delegates in M365

The option ‘Migrate Account Delegates’ in Microsoft Office 365 destination Advanced Settings has been updated and is now off by default. When turned on, the following mail delegate types will be migrated for the selected users. 

Delegate Types:

  • Send As - Allows sending emails from another mailbox  
  • Send on Behalf - Allows sending emails on behalf of another mailbox 
  • Full Access - Allows modifying content and reading email from another mailbox 

Mail delegates must be migrated as part of a delta migration, as they will fail to import if the delegate user does not exist in the destination domain. In order to carry out domain and username replacements for mail delegates, each user that is to be granted delegate access must be included in the migration. Alternatively, an address replacement csv can be provided to map the delegate users. Destination users must also have relevant licences applied so that they have a valid mailbox. 

Azure AD App Setup

The Azure AD Apps used for both export and import need to have the ‘Exchange.ManageAsApp’ API and the ‘Full_access_as_app’ API application level permission. 

The role ‘Exchange Administrator’ must also be granted to the Azure AD Apps.

The ‘Create Azure AD App’ option will generate an app with the above permissions included automatically for you.

How we migrate this information

Powershell is used to migrate mail delegates and to do so a remote session will be established with both the source and destination domains at the start of the migration. This session is used to execute Powershell commands and once the migration is complete, the sessions will be closed. 

How we report on mail delegates

Each individual delegate user that is migrated is recorded as an ‘Other’ type migration item. 

Was this article helpful?
0 out of 0 found this helpful