Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

O365 Permissions = EAS Device Quarantine Question

Posted on 2014-02-25
2
1,085 Views
Last Modified: 2014-03-12
We are wanting to allow our local helpdesk technicians at each of our sites to have the ability to look at users ActiveSync devices thru the O365 tenant portal. By default we quarantine all EAS devices and manually allow/block or delete device access requests.

These users don't have any admin access on the tenant. As mentioned, we JUST want them to have permission to quarantine/unquarantine user devices via the web interface as they wouldn't have powershell access. They shouldn't have access edit any mailbox features other that the mobile devices for users.

How is this managed? Please provide as granular details as possible and perhaps specific how to's.

I assume a new Role and permissions would required? Then users of the local helpdesk be added?

Thanks in advance.
0
Comment
Question by:GCTTechs
2 Comments
 
LVL 40

Assisted Solution

by:Vasil Michev (MVP)
Vasil Michev (MVP) earned 250 total points
ID: 39885261
You can use the Exchange RBAC. If you want them to ONLY have access to allow/block devices, you can create a custom Role  the cmdlet you need is "Set-CasMailbox" cmdlet.

Here are some articles to get you started:

http://technet.microsoft.com/en-us/library/dd298183(v=exchg.150).aspx

http://technet.microsoft.com/en-us/library/dd298043.aspx

And here is a suitable example that will work in your case:

http://blogs.technet.com/b/exchange/archive/2012/09/12/rbac-walkthrough-of-creating-a-role-that-can-wipe-activesync-devices.aspx
0
 
LVL 74

Accepted Solution

by:
Jeffrey Kane - TechSoEasy earned 250 total points
ID: 39886026
In order to manage quarantined devices, they must be assigned the "Organization Client Access" administrator role as well as one of the following:

View-Only Recipients
User Options
or
Mail Recipients

Full documentation about this is here:
http://help.outlook.com/en-us/140/Ff969895.aspx

Jeff
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This is my first article on Expert Exchange on the Manual Method of Exporting Office 365 Mailboxes to PST format by using the eDiscovery mechanism of Office. Hope you will enjoy the article.
This Experts Exchange lesson shows how to use VBA to loop through rows in Excel.  In order to sort, filter, and use database features, there needs to be a value in each column for every row. When data arrives with values missing, code to copy values…
Migrating to Microsoft Office 365 is becoming increasingly popular for organizations both large and small. If you have made the leap to Microsoft’s cloud platform, you know that you will need to create a corporate email signature for your Office 365…

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question