annayeg
asked on
Restricting domain admins group from having full mailbox permissions
Hi all,
I have been tasked to restrict the domain admins group from having full mailbox permissions on all the mailboxes. We do not have different accounts for domain admins. My concern is if I restrict them from having full mailbox permissions it will also restrict them from their mailbox and it will break their outlook, bb, iphone, ipad, etc.
Does anyone have any suggestions on how to get this done without breaking anything. We have Exchange 2007 sp3, Active Direcotry 2003.
Thanks
I have been tasked to restrict the domain admins group from having full mailbox permissions on all the mailboxes. We do not have different accounts for domain admins. My concern is if I restrict them from having full mailbox permissions it will also restrict them from their mailbox and it will break their outlook, bb, iphone, ipad, etc.
Does anyone have any suggestions on how to get this done without breaking anything. We have Exchange 2007 sp3, Active Direcotry 2003.
Thanks
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Joseph Moody
You can't actually restricted admins from anything. You would be best to demote their permissions.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
How do I find out how the permissions were given? Is there any powershell commands I can run?
Powershell?? Ya' know,...there was life before Powershell?,...there was even life before Netsh.
The permissions were set right in the Exchange MMC,...at least it was in Exchange2003
The permissions were set right in the Exchange MMC,...at least it was in Exchange2003
ASKER
So, is there a way for me to find out how these permissions were set?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.