Exchange 2010 Management effect.

Posted on 2011-10-06
Last Modified: 2012-08-13
I'm trying to create a management scope for Exchange 2010 SP1 to allow some users in my organizations to manage mailboxes, DLs, etc... I need to apply the management scope to only allow them to see a specific subset of users (contained in a group). I've used the following powershell command:

Set-ManagementScope –Name "XYZManagers"  –RecipientRestrictionFilter {memberofgroup -eq "domain.local/ou/etc..."}

The command takes successfully. I assign the management scope to the Role Group's "Write Scope" (the user is assigned to the Role Group). However, when logging on, the user can still see all the email accounts in the organization, unfiltered.

Please let me know what I'm doing wrong here - thanks!!
Question by:jmichaelpalermo4
    LVL 26

    Expert Comment

    IMO, after the scope, still the user can see other DL, but will be blocked from writing\modifying the DLs

    One of the nice example is available @:
    LVL 26

    Expert Comment

    The error message (similar one -- "Test the configuration: (point #4))" is also available in this URL
    LVL 3

    Accepted Solution

    Thans e_aravind -

    This article doesn't apply to our situation. I just spoke to a Exchange master who said it's not possible to restrict the readscope using RBAC, just the writescope.
    LVL 3

    Author Closing Comment

    Not possible

    Featured Post

    Are your corporate email signatures appalling?

    Is it scary how unprofessional your email signatures look? Do users create their own terrible designs and give themselves stupid job titles? You can make this a lot easier for yourself by choosing an email signature management solution from Exclaimer today.

    Join & Write a Comment

    ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
    Local Continuous Replication is a cost effective and quick way of backing up Exchange server data. The following article describes the steps required to configure Local Continuous Replication. Also, the article tells you how to restore from a backup…
    In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
    To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

    729 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    20 Experts available now in Live!

    Get 1:1 Help Now