• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 679
  • Last Modified:

Exchange 2010 Impersonation Account Permissions

I have configured the Scope and Account for the Impersonation Account, I now need to grant permissions for multiple users to use the Impersonation Account to access the target Application. How do I do this?
  • 2
  • 2
1 Solution
BusbarSolutions ArchitectCommented:
Use these commands:
1- Command to create a new role called AppEWSImpersonationRole:
New-ManagementRole -Name AppEWSImpersonationRole -Parent ApplicationImpersonation

2- Command to assign a user to AppEWSImpersonationRoleAssignment:
New-ManagementRoleAssignment -Role AppEWSImpersonationRole -User Username AppEWSImpersonationRoleAssignment

you can use get-mailbox with the second command to assign it to multiple users.
CTCRMInfrastructure EngineerAuthor Commented:
I have created the Scope (New-ManagementScope -Name:Impersonationscope)

Then run (RecipientRestrictionFilter: Name -eq "Mailbox"), not sure what this line does but Impersonation Scope is set with the above filter.

Now to assign an account as the Impersonation Account I ran the following:
(New-ManagementRoleAssignment -Name:NewCRMAccess -Role:ApplicationImpersonation -User: crmexaccess -CustomRecipientWriteScope: Impersonationscope)

With this I now have the scope and account set and just want to assign 3 AD user accounts to use the above Impersonation Account to access CRM Application.

Can you provide the full PS command from the prompt on Exchange that would add User1, User2, and User3 please. Apologies for asking, I'm new to Power Shell.
BusbarSolutions ArchitectCommented:
the command already posted:

New-ManagementRoleAssignment -Role AppEWSImpersonationRole -User user1 AppEWSImpersonationRoleAssignment

New-ManagementRoleAssignment -Role AppEWSImpersonationRole -User user2 AppEWSImpersonationRoleAssignment

New-ManagementRoleAssignment -Role AppEWSImpersonationRole -User user3 AppEWSImpersonationRoleAssignment
CTCRMInfrastructure EngineerAuthor Commented:
Thanks for the support, this solution worked.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now