Solved

Create Accounts and Mailboxes only

Posted on 2010-11-18
2
655 Views
Last Modified: 2012-05-10
Windows 2003 / Exchange 2003 environment.  Need to figure out if there is a way to allow our Help Desk the ability to create account and mailbox only.  We do not want them to have the ability to read everyone's emails, delete accounts.  Is this possible?  Not sure what permissions are required.
0
Comment
Question by:ajruiz
2 Comments
 
LVL 23

Expert Comment

by:Stelian Stan
ID: 34166478
Select your Users OU or the specific OU you have the users > Right click on that OU > Delegate Control > Add all the users you want to give them permissions to create User Account > Check (Create, delete, and manage user accounts) > Next and Finish
0
 
LVL 12

Accepted Solution

by:
Rant32 earned 500 total points
ID: 34167356
Use the Delegate Control wizard to assign at least the 'Create user' common task to the Helpdesk group.

The Helpdesk group should also be a View Only Exchange Administrator. They need to be able to list the AGs and servers in the organization to assign the mailbox server. Use the Exchange Administrator to delegate View Only Administrator rights at the Organization or the Administrative Group, depending on the scope.

If your helpdesk uses AD Users & Computers to create accounts, then the Exchange management tools should be installed on the computer they run it on. These tools are not compatible with Outlook and should ideally not be installed on the same computer (I believe you even have to un-install Outlook to install the Exchange management tools and Outlook will nag about it afterwards).
0

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
SCCM Active Directory Audit functions 2 27
Cannot access RDP (AD 2012) 6 46
AD account Auto logoff 1 35
Filter query to exclude users from one group in LDAP 8 20
In-place Upgrading Dirsync to Azure AD Connect
Active Directory security has been a hot topic of late, and for good reason. With 90% of the world’s organization using this system to manage access to all parts of their IT infrastructure, knowing how to protect against threats and keep vulnerabil…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

713 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question