Freeing up Exchange / AD admins
We'd like our helpdesk to be able to Create Active directory users (AD Win2k12r2) and Exchange Mailboxes (Exchange 2013). Without giving them Domain Admin and total Exchange Admin permissions...
If it could be automated as much as possible great....
Any native software or 3rd party software that can help we'll take a look at.
We're trying to free up our AD/Exchange Admins from the basic user setups
If it could be automated as much as possible great....
Any native software or 3rd party software that can help we'll take a look at.
We're trying to free up our AD/Exchange Admins from the basic user setups
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Just add your helpdesk team to account operator and recipient management group in AD. That is enough rights to create, modify and remove user or mailbox. No Domain admin rights required.
If you use Delegate rights, then you need to give them on every OU, I try to avoid delegating rights. As you will not be freed and helpdesk will be calling you for right issue again and again.
If you use Delegate rights, then you need to give them on every OU, I try to avoid delegating rights. As you will not be freed and helpdesk will be calling you for right issue again and again.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Hi how did you get on
ASKER
Thanks Experts! So sorry for the delay
Try this article and this article
Then depending on what version of windows your servers and desktops are running you may be able to give the users you want to be able to do this access via server manager installed on the desktop.