Ready to improve network connectivity? Watch this webinar to learn how SD-WANs and a one-click instant connect tool can boost provisions, deployment, and management of your cloud connection.
Solved
organisation management 2013
Posted on 2015-02-17
In relation to the group/role "organisation management" in exch2013, what permissions does this give the user, and what types of user typically require this permission? Or put another way, what could a malicious user do to your exchange environment if they got hold of an account with organisation management permissions.
I am reviewing security permissions and noticed generally the whole IT section (25+ employees) have been added organisation permissions - but I need to determine if this is common, or if you have only a few trusted users with organisation management permissions - and if so for what tasks do they require such access.
I am reviewing security permissions and noticed generally the whole IT section (25+ employees) have been added organisation permissions - but I need to determine if this is common, or if you have only a few trusted users with organisation management permissions - and if so for what tasks do they require such access.
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
2 Comments
Active 3 days ago
Org Management, is the top level administrative Group for Exchange 2013 (think of it as a domain admin account for an AD Domain). Users/Group that are associated with this built-in group have access to perform any administrative task in your Exchange Organization. If you have Users that are not Exchange Admins in your environment I would not have them part of this group.
Take a look at the technet below which explains Org Management Group in more detail.
https://technet.microsoft.com/en-us/library/dd335087%28v=exchg.150%29.aspx
Will.
Take a look at the technet below which explains Org Management Group in more detail.
https://technet.microsoft.com/en-us/library/dd335087%28v=exchg.150%29.aspx
Will.
I am reviewing security permissions and noticed generally the whole IT section (25+ employees) have been added organisation permissionsThat's way too many people. As Will has outlined above, the Organization Management group has almost complete access to your Exchange environment so only add the users that need to be in this group. For all others I would look at creating some custom RBAC roles and applying only the required access to these roles.
Start off here first to get a better understanding of the RBAC model in Exchange: https://technet.microsoft.com/en-us/library/dd298183(v=exchg.150).aspx
This article walks you through the process of creating a custom RBAC role group and adding specific permissions to this group so as to limit what users can do. Note that this is a four-part article: http://www.msexchange.org/articles-tutorials/exchange-server-2013/management-administration/rbac-made-easy-part1.html
Featured Post
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
Check out this step-by-step guide for using the newly updated Experts Exchange mobile app—released on May 30.
One-stop solution for Exchange Administrators to address all MS Exchange Server issues, which is known by the name of Stellar Exchange Toolkit.
- Software-Other
- Exchange
- Email Servers
- Email Software
- Exchange 2007
- *Exchange Server 2010
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center.
Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center.
Navigate to the Organization >> Ad…
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center.
Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center.
Navigate to the Mail Flow >> Rules tab.: To cr…
Suggested Courses
Course of the Month6 days, 5 hours left to enroll
688 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.