[Last Call] Learn about multicloud storage options and how to improve your company's cloud strategy. Register Now

x
?
Solved

Exchnage 2010 Administrative access and rights control

Posted on 2013-01-18
7
Medium Priority
?
193 Views
Last Modified: 2014-08-16
hello all,
I have 2x Exchange DAG's within the same organisation in different AD sites.

We have a DAG in the UK consisting of 2x physical mailbox servers and 2x virtual CAS/HT boxes.
We have the same setup in the USA.

The USA has it's own small junior IT team. I wan't to give certain access privileges without the USA junior admins being able to do anything on the UK servers.

So far, I have used RBAC's to create helpdesk roles and the like. However, I need to give the USA admins the ability to manage their own databases only (not the UK ones). This is to carry out actions such as;

- Active/move a DB copy on a server whilst suspending it on another mbx host. take a server offline for maintenance whilst keeping all DB's up on the USA DAG.


How can I increase the USA admins Exchange access ensuring, that they cannot do anything on the UK- London DAG?
thanks, regards
0
Comment
Question by:UBB
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
7 Comments
 
LVL 44

Assisted Solution

by:Amit
Amit earned 700 total points
ID: 38794109
I don't see any such restriction option, as DB resides at Org level, and if you are giving Org level permission, it give rights at highest level.
0
 
LVL 52

Expert Comment

by:Manpreet SIngh Khatra
ID: 38794276
I second Amit as its a single level access and maybe what you can try out is give Object level access using ADISIEDIT

- Rancy
0
 

Author Comment

by:UBB
ID: 38795073
hello,
appreciate the feedback. Rancy, are you able to give me a few more details re ADSIEdit?

I don't realy like messing with that unless I know exactly what I am after and where to look.

What container should I be connecting to in ADSI to find this 'key'?
Which object is it I should be looking at?
What values should I be changing in Adsi?
thanks.
0
 
LVL 52

Accepted Solution

by:
Manpreet SIngh Khatra earned 700 total points
ID: 38795150
In ADSIEDIT you have to browse to the Servers container and on the properties of the specific Server object go to Security Tab and give the account Full control and wait

- Rancy
0
 

Author Comment

by:UBB
ID: 38798277
thanks
i will try that this week and get back.. probably wont be till wed/thurs.
regards
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Are you an Exchange administrator employed with an organization? And, have you encountered a corrupt Exchange database due to which you are not able to open its EDB file. This article will explain all the steps to repair corrupt Exchange database.
As much as Microsoft wants to kill off PST file support, just as they tried to do with public folders, there are still times when it is useful or downright necessary to export Exchange mailboxes to PST files. Thankfully, it is still possible to e…
In this video we show how to create a Resource Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: Navigate to the Recipients >> Resources tab.: "Recipients" is our default selection …
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
Suggested Courses

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question