Solved

Add member to Exchange 2010 role group.

Posted on 2016-08-24
5
34 Views
Last Modified: 2016-08-26
Hello,

I need to grant an AD account full permission to admin our Exchange 2010 environment.  

I login to ECP>Admin Roles, and add this account to Administrative Management.  

Is this enough?  Will this account have permission to run powershell script to change things or admin our public folders?

Please advise.  

Thanks.
0
Comment
Question by:nav2567
  • 2
  • 2
5 Comments
 
LVL 13

Expert Comment

by:Michael Machie
Comment Utility
Add:
Organization Management
Public Folder management
Records Management
Server management
Recipient Management
0
 
LVL 14

Expert Comment

by:Todd Nelson
Comment Utility
nav2567,

You will only need to assign your user the Organization Management role group via ECP; or via ADUC.
0
 
LVL 13

Assisted Solution

by:Michael Machie
Michael Machie earned 100 total points
Comment Utility
Hi,
To clarify, were you looking for a listing of ALL required permissions to grant to the User to manage your entire Exchange, as stated?
"I need to grant an AD account full permission to admin our Exchange 2010 environment."

-OR-

Are you looking to grant only enough permissions to perform the stated processes?:
"Is this enough?  Will this account have permission to run powershell script to change things or admin our public folders?"

If you want to accomplish:
"I need to grant an AD account full permission to admin our Exchange 2010 environment."
You will need all of them I listed. Without all of the listed permissions you will not be able to perform some functions an admin would need to do.
0
 
LVL 14

Accepted Solution

by:
Todd Nelson earned 400 total points
Comment Utility
Role Group: Assigned Roles
Public Folder Management: Mail Enabled Public Folders, Public Folders
Records Management: Audit Logs, Journaling, Message Tracking, Retention Management, Transport Rules
Server Management: Database Copies, Databases. Exchange Connectors, Exchange Server Certificates, Exchange Servers, Exchange Virtual Directories, Monitoring, POP3 And IMAP4 Protocols, Receive Connectors, Transport Queues
Recipient Management: Distribution Groups, Mail Enabled Public Folders, Mail Recipient Creation, Mail Recipients, Message Tracking, Migration, Move Mailboxes, Recipient Policies

All the above are included in Organization Management...

Organization Management: Active Directory Permissions, Address Lists, Audit Logs, Cmdlet Extension Agents, Database Availability Groups, Database Copies, Databases, Disaster Recovery, Distribution Groups, Edge Subscriptions, E-Mail Address Policies, Exchange Connectors, Exchange Server Certificates, Exchange Servers, Exchange Virtual Directories, Federated Sharing, Information Rights Management, Journaling, Legal Hold, Mail Enabled Public Folders, Mail Recipient Creation, Mail Recipients, Mail Tips, Message Tracking, Migration, Monitoring, Move Mailboxes, Organization Client Access, Organization Configuration, Organization Transport Settings, POP3 And IMAP4 Protocols, Public Folder Replication, Public Folders, Receive Connectors, Recipient Policies, Remote and Accepted Domains, Retention Management, Role Management, Security Group Creation and Membership, Send Connectors, Transport Agents, Transport Hygiene, Transport Queues, Transport Rules, UM Mailboxes, UM Prompts, Unified Messaging, User Options, View-Only Audit Logs, View-Only Configuration, View-Only Recipients

Therefore, you will only need to assign your user Organization Management rights.
0
 

Author Closing Comment

by:nav2567
Comment Utility
Thanks a lot, guys.
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

"Migrate" an SMTP relay receive connector to a new server using info from an old server.
This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
In this video we show how to create a User Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Mailb…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now