Solved

Add member to Exchange 2010 role group.

Posted on 2016-08-24
5
42 Views
Last Modified: 2016-08-26
Hello,

I need to grant an AD account full permission to admin our Exchange 2010 environment.  

I login to ECP>Admin Roles, and add this account to Administrative Management.  

Is this enough?  Will this account have permission to run powershell script to change things or admin our public folders?

Please advise.  

Thanks.
0
Comment
Question by:nav2567
  • 2
  • 2
5 Comments
 
LVL 13

Expert Comment

by:Michael Machie
ID: 41769046
Add:
Organization Management
Public Folder management
Records Management
Server management
Recipient Management
0
 
LVL 15

Expert Comment

by:Todd Nelson
ID: 41769400
nav2567,

You will only need to assign your user the Organization Management role group via ECP; or via ADUC.
0
 
LVL 13

Assisted Solution

by:Michael Machie
Michael Machie earned 100 total points
ID: 41769427
Hi,
To clarify, were you looking for a listing of ALL required permissions to grant to the User to manage your entire Exchange, as stated?
"I need to grant an AD account full permission to admin our Exchange 2010 environment."

-OR-

Are you looking to grant only enough permissions to perform the stated processes?:
"Is this enough?  Will this account have permission to run powershell script to change things or admin our public folders?"

If you want to accomplish:
"I need to grant an AD account full permission to admin our Exchange 2010 environment."
You will need all of them I listed. Without all of the listed permissions you will not be able to perform some functions an admin would need to do.
0
 
LVL 15

Accepted Solution

by:
Todd Nelson earned 400 total points
ID: 41769509
Role Group: Assigned Roles
Public Folder Management: Mail Enabled Public Folders, Public Folders
Records Management: Audit Logs, Journaling, Message Tracking, Retention Management, Transport Rules
Server Management: Database Copies, Databases. Exchange Connectors, Exchange Server Certificates, Exchange Servers, Exchange Virtual Directories, Monitoring, POP3 And IMAP4 Protocols, Receive Connectors, Transport Queues
Recipient Management: Distribution Groups, Mail Enabled Public Folders, Mail Recipient Creation, Mail Recipients, Message Tracking, Migration, Move Mailboxes, Recipient Policies

All the above are included in Organization Management...

Organization Management: Active Directory Permissions, Address Lists, Audit Logs, Cmdlet Extension Agents, Database Availability Groups, Database Copies, Databases, Disaster Recovery, Distribution Groups, Edge Subscriptions, E-Mail Address Policies, Exchange Connectors, Exchange Server Certificates, Exchange Servers, Exchange Virtual Directories, Federated Sharing, Information Rights Management, Journaling, Legal Hold, Mail Enabled Public Folders, Mail Recipient Creation, Mail Recipients, Mail Tips, Message Tracking, Migration, Monitoring, Move Mailboxes, Organization Client Access, Organization Configuration, Organization Transport Settings, POP3 And IMAP4 Protocols, Public Folder Replication, Public Folders, Receive Connectors, Recipient Policies, Remote and Accepted Domains, Retention Management, Role Management, Security Group Creation and Membership, Send Connectors, Transport Agents, Transport Hygiene, Transport Queues, Transport Rules, UM Mailboxes, UM Prompts, Unified Messaging, User Options, View-Only Audit Logs, View-Only Configuration, View-Only Recipients

Therefore, you will only need to assign your user Organization Management rights.
0
 

Author Closing Comment

by:nav2567
ID: 41771637
Thanks a lot, guys.
0

Featured Post

Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Follow this checklist to learn more about the 15 things you should never include in an email signature from personal quotes, animated gifs and out-of-date marketing content.
How to resolve IMCEAEX NDRs in Exchange or Exchange Online related to invalid X500 addresses.
In this video we show how to create a Resource Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: Navigate to the Recipients >> Resources tab.: "Recipients" is our default selection …
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…

820 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question