Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Create Accounts and Mailboxes only

Posted on 2010-11-18
2
Medium Priority
?
661 Views
Last Modified: 2012-05-10
Windows 2003 / Exchange 2003 environment.  Need to figure out if there is a way to allow our Help Desk the ability to create account and mailbox only.  We do not want them to have the ability to read everyone's emails, delete accounts.  Is this possible?  Not sure what permissions are required.
0
Comment
Question by:ajruiz
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 23

Expert Comment

by:Stelian Stan
ID: 34166478
Select your Users OU or the specific OU you have the users > Right click on that OU > Delegate Control > Add all the users you want to give them permissions to create User Account > Check (Create, delete, and manage user accounts) > Next and Finish
0
 
LVL 12

Accepted Solution

by:
Rant32 earned 2000 total points
ID: 34167356
Use the Delegate Control wizard to assign at least the 'Create user' common task to the Helpdesk group.

The Helpdesk group should also be a View Only Exchange Administrator. They need to be able to list the AGs and servers in the organization to assign the mailbox server. Use the Exchange Administrator to delegate View Only Administrator rights at the Organization or the Administrative Group, depending on the scope.

If your helpdesk uses AD Users & Computers to create accounts, then the Exchange management tools should be installed on the computer they run it on. These tools are not compatible with Outlook and should ideally not be installed on the same computer (I believe you even have to un-install Outlook to install the Exchange management tools and Outlook will nag about it afterwards).
0

Featured Post

Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…
Suggested Courses

721 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question