I have an exchange server that I have full exchange admin rights on. I can do things like Exmerges and reconnect mailboxes exc.
There is another group in Active directory whos members need to manage that groups poeple.
I'm going to create a storage group with those groups users only and let that group manage it.
How can I do this and let them run Exmerge, Exchange Tasks, Mail Enable poeple and stuff while giving them the least permissions to do this job?
I was thinking of just applying permissions to that storage group or store? for that group and give sendas/receiveas permissions?
I beleive they also need to be local admins in order to successfully do an Exmerge and export PST's or whatever? In that case can they be local account operators or something very minimal that won't allow them to bang up the actual server or do things outside of ESM?