In Exchange 2003 and earlier there was a utility called Exmerge, which lets you import and export mailboxes to and from .PST files. This is useful for interforest migrations, or for legal purposes. In the latter case the legal department can request a .PST file of a particular mailbox for investigation.
In Exchange Server 2007, Exmerge no longer works and its functionality is replaced by two cmdlets in the Exchange Management Shell: Import-Mailbox and Export-Mailbox.
By default, Domain Administrators cannot use these cmdlets, since for security reasons there is an explicit deny on the Domain Admins group. The best way to use Import-Mailbox and Export-Mailbox is not to fiddle around with the Domain Admins group, but to create a separate user with sufficient permissions that can be used for exporting and importing data.
The first step is to create a new user in Active Directory, let’s call him ExAdmin. This user should be a member of the Domain Users group and NOT a member of the Domain Admins group. You can give this user a mailbox, but this is not really necessary.
The second step is to grant the ExAdmin user permissions on the Exchange Organization level. The minimum required permissions are the permissions that come with the “Exchange Server Administrator Role”. This way the ExAdmin user can manipulate only the Exchange Server to which the ExAdmin has been delegated permissions. Please note that the ExAdmin user needs to be a member of the Local Administrators Security Group on the particular Exchange server.
On the Exchange Server 2007 server, open the Exchange Management Console and select the Organization Configuration. In the Actions Pane select “Add Exchange Administrator”. In the wizard select the ExAdmin user, select the “Exchange Server Administrator Role” and add the appropriate Exchange server:
Figure 1: Add the ExAdmin user as an Exchange Server Administrator
Click Add followed by Finish to grant the ExAdmin user these permissions.
Figure 2: A warning message is shown saying that the ExAdmin user also needs to be a member of the local Administrators group
To give the ExAdmin user read access to all mailboxes for exporting purposes, the ExAdmin user needs the “Receive As” permissions on the Database where the particular mailbox resides. This way the ExAdmin user can access all mailboxes in that database, but cannot send messages out of a particular mailbox.
To give the ExAdmin user the “Receive As” permissions on the default Exchange Server 2007 Mailbox Database enter the following command in an Exchange Management Shell:
Add-ADPermission -Identity "First Storage Group\Mailbox Database" -User ExAdmin -ExtendedRights Receive-As
Change the name of the Database according to the Database name on your own Exchange server.
If you want to grant this permission to the ExAdmin user for all Mailbox Databases enter the following command in an Exchange Management Shell:
Get-MailboxDatabase | Add-ADPermission -User ExAdmin -ExtendedRights Receive-As
Please be aware that the permissions are not available until the Information Store refreshes its cache, which can take up to 2 hours. To speed up the process, the Information Store service can be restarted, but this automatically means that all your databases will be dismounted and therefore unavailable to end users.
Now you can go to a management workstation with the Exchange Management Tools installed (32-bit!) and with Outlook installed. Log in on the Management Server using the ExAdmin credentials, open an Exchange Management Shell and enter the following command:
Export-Mailbox -Identity J.Wesselius -PSTFolderPath c:\temp
The output of this command will be shown on your screen immediately:
[PS] C:\Windows\System32>export-mailbox -Identity j.wesselius -PSTFolderPath c:\temp –Confirm:$FALSE
Identity : labs.local/Accounts/Jaap Wesselius
DistinguishedName : CN=Jaap Wesselius,OU=Accounts,DC=labs,
DisplayName : Jaap Wesselius
Alias : J.Wesselius
LegacyExchangeDN : /o=ExchangeLabs/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=J.Wesselius
PrimarySmtpAddress : J.Wesselius@Messaging-Consultants.nl
SourceServer : X2007SRV.labs.local
SourceDatabase : X2007SRV\First Storage Group\Mailbox Database
MailboxSize : 17770KB
IsResourceMailbox : False
PSTFilePath : c:\temp\J.Wesselius.pst
MoveType : ExportToPST
MoveStage : Completed
StartTime : 22-12-2009 13:34:54
EndTime : 22-12-2009 13:34:59
StatusCode : 0
StatusMessage : This mailbox has been exported to the PST file.
ReportFile : C:\Program Files\Microsoft\Exchange Server\Logging\MigrationLogs\export-Mailbox20091222-133448-8861463.xml
And there’s your PST.
To import a .PST file in Exchange Server 2007 there’s the same permissions issue: members of the Domain Admins group cannot perform this task, so again the ExAdmin user will be used. For Import-Mailbox to function correctly the ExAdmin user needs to be granted the Send-As permission. To grant this permission open the Exchange Management Shell and enter the following command:
Add-ADPermission -Identity "First Storage Group\Mailbox Database" -User ExAdmin -ExtendedRights Send-As
As with granting the Receive-As permission, be aware that it can take some time before the permissions are effective.
To import the .PST file into a user’s mailbox open the Exchange Management Shell and enter the following command:
Import-Mailbox -Identity J.Wesselius -PSTFolderPath c:\temp\J.Wesselius.pst
And there’s your data inside the Mailbox.
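Receive-As and Send-As on a database cover every mailbox in it, so it is worth checking who holds them explicitly and revoking the ExAdmin grants once the work is done. The following is an added example, not part of the original article; the function names are hypothetical, and the NetBIOS domain name LABS and the approved-account list are assumptions:

```powershell
# Added example, not from the original article. Exchange Management Shell (2007).
# Assumption: LABS\ExAdmin is the only account that should hold these rights explicitly.
$approved = @('LABS\ExAdmin')
$rights   = @('Receive-As', 'Send-As')

function Get-ExplicitStoreGrant {
    # One row per explicit (non-inherited) allow entry that carries
    # Receive-As or Send-As on any mailbox database.
    Get-MailboxDatabase | ForEach-Object {
        $db = $_
        Get-ADPermission -Identity $db.DistinguishedName | Where-Object {
            $ace = $_
            (-not $ace.IsInherited) -and (-not $ace.Deny) -and
            ($rights | Where-Object { $ace.ExtendedRights -like $_ })
        } | Select-Object @{Name='Database'; Expression={$db.Name}},
                          @{Name='DN'; Expression={$db.DistinguishedName}},
                          User, ExtendedRights
    }
}

function Get-UnexpectedStoreGrant {
    # Explicit grants held by anyone who is not on the approved list.
    Get-ExplicitStoreGrant |
        Where-Object { $approved -notcontains $_.User.ToString() }
}

function Remove-ExAdminStoreGrant {
    # Revoke exactly the rights ExAdmin currently holds on each database.
    Get-ExplicitStoreGrant |
        Where-Object { $_.User.ToString() -eq 'LABS\ExAdmin' } |
        ForEach-Object {
            $row  = $_   # keep the row; $_ is rebound inside the filter below
            $held = $rights | Where-Object { $row.ExtendedRights -like $_ }
            Remove-ADPermission -Identity $row.DN -User $row.User.ToString() `
                -ExtendedRights $held -Confirm:$false
        }
}

# Review first; anything listed here was not granted by this procedure.
Get-UnexpectedStoreGrant | Format-Table Database, User, ExtendedRights -AutoSize
# Remove-ExAdminStoreGrant    # run after the last export or import
```

As with granting, a revoked permission stays effective until the Information Store refreshes its cache.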
Exchange Server 2010
Changing the permissions with the Add-ADPermission command is prone to error, and difficult to troubleshoot. With Exchange Server 2010, Microsoft introduced the concept of Role Based Access Control or RBAC. With RBAC multiple roles are predefined; the only thing you have to do is add a particular member, in our example the ExAdmin user, to a Role. It is also possible to create your own Roles and add members to them.
To assign the “Mailbox Import Export” Role to a particular user open an Exchange Management Shell and enter the following command:
New-ManagementRoleAssignment -Role "Mailbox Import Export" -User "ExAdmin"
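To check who actually holds the role after the assignment above, and to withdraw it again afterwards, the assignments can be listed with their effective users. This is an added example, not part of the original article; the function names are hypothetical and the approved-user list is an assumption:

```powershell
# Added example, not from the original article. Exchange Management Shell (2010).
# Assumption: ExAdmin is the only user who should hold the role.
$approvedUsers = @('ExAdmin')

function Get-ImportExportHolder {
    # -GetEffectiveUsers expands groups, so users who hold the role through a
    # role group or security group are listed by name. -Delegating $false skips
    # assignments that only allow delegating the role to others.
    Get-ManagementRoleAssignment -Role 'Mailbox Import Export' `
        -GetEffectiveUsers -Delegating $false |
        Select-Object Name, RoleAssigneeName, RoleAssigneeType, EffectiveUserName
}

function Get-UnexpectedImportExportHolder {
    # Effective holders of the role who are not on the approved list.
    Get-ImportExportHolder |
        Where-Object { $approvedUsers -notcontains $_.EffectiveUserName }
}

function Remove-ImportExportAssignment([string]$Assignee) {
    # -AssignmentMethod Direct limits this to assignments made to the user
    # itself, so an assignment held by a group is never removed by accident.
    Get-ManagementRoleAssignment -Role 'Mailbox Import Export' `
        -RoleAssignee $Assignee -AssignmentMethod Direct -Delegating $false |
        Remove-ManagementRoleAssignment -Confirm:$false
}

Get-UnexpectedImportExportHolder | Format-Table -AutoSize
# Remove-ImportExportAssignment -Assignee 'ExAdmin'   # once the export or import is done
```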
For the Import and Export to function properly Outlook needs to be installed on the (Management) server. The problem at the time of writing this article is that Outlook needs to be a 64-bit version (there’s no 32-bit version of Exchange Server 2010, not even the Management Tools!) and this automatically means Outlook 2010 which is currently in beta. Also, the (management) server needs to have the Mailbox Server Role installed, but there’s no need to have a Mailbox Database mounted.
To export a mailbox to a .PST file open an Exchange 2010 Management Shell and enter the following command:
Export-Mailbox -Identity J.Wesselius -PSTFolderPath c:\temp
The mailbox content will now be exported.
To import a .PST file into a mailbox enter the following command:
Import-Mailbox -Identity J.Wesselius -PSTFilePath c:\temp\j.wesselius.pst
And there are the mailbox contents!