Solved

Add member to Exchange 2010 role group.

Posted on 2016-08-24
5
45 Views
Last Modified: 2016-08-26
Hello,

I need to grant an AD account full permission to admin our Exchange 2010 environment.  

I login to ECP>Admin Roles, and add this account to Administrative Management.  

Is this enough?  Will this account have permission to run powershell script to change things or admin our public folders?

Please advise.  

Thanks.
0
Comment
Question by:nav2567
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 13

Expert Comment

by:Michael Machie
ID: 41769046
Add:
Organization Management
Public Folder management
Records Management
Server management
Recipient Management
0
 
LVL 16

Expert Comment

by:Todd Nelson
ID: 41769400
nav2567,

You will only need to assign your user the Organization Management role group via ECP; or via ADUC.
0
 
LVL 13

Assisted Solution

by:Michael Machie
Michael Machie earned 100 total points
ID: 41769427
Hi,
To clarify, were you looking for a listing of ALL required permissions to grant to the User to manage your entire Exchange, as stated?
"I need to grant an AD account full permission to admin our Exchange 2010 environment."

-OR-

Are you looking to grant only enough permissions to perform the stated processes?:
"Is this enough?  Will this account have permission to run powershell script to change things or admin our public folders?"

If you want to accomplish:
"I need to grant an AD account full permission to admin our Exchange 2010 environment."
You will need all of them I listed. Without all of the listed permissions you will not be able to perform some functions an admin would need to do.
0
 
LVL 16

Accepted Solution

by:
Todd Nelson earned 400 total points
ID: 41769509
Role Group: Assigned Roles
Public Folder Management: Mail Enabled Public Folders, Public Folders
Records Management: Audit Logs, Journaling, Message Tracking, Retention Management, Transport Rules
Server Management: Database Copies, Databases. Exchange Connectors, Exchange Server Certificates, Exchange Servers, Exchange Virtual Directories, Monitoring, POP3 And IMAP4 Protocols, Receive Connectors, Transport Queues
Recipient Management: Distribution Groups, Mail Enabled Public Folders, Mail Recipient Creation, Mail Recipients, Message Tracking, Migration, Move Mailboxes, Recipient Policies

All the above are included in Organization Management...

Organization Management: Active Directory Permissions, Address Lists, Audit Logs, Cmdlet Extension Agents, Database Availability Groups, Database Copies, Databases, Disaster Recovery, Distribution Groups, Edge Subscriptions, E-Mail Address Policies, Exchange Connectors, Exchange Server Certificates, Exchange Servers, Exchange Virtual Directories, Federated Sharing, Information Rights Management, Journaling, Legal Hold, Mail Enabled Public Folders, Mail Recipient Creation, Mail Recipients, Mail Tips, Message Tracking, Migration, Monitoring, Move Mailboxes, Organization Client Access, Organization Configuration, Organization Transport Settings, POP3 And IMAP4 Protocols, Public Folder Replication, Public Folders, Receive Connectors, Recipient Policies, Remote and Accepted Domains, Retention Management, Role Management, Security Group Creation and Membership, Send Connectors, Transport Agents, Transport Hygiene, Transport Queues, Transport Rules, UM Mailboxes, UM Prompts, Unified Messaging, User Options, View-Only Audit Logs, View-Only Configuration, View-Only Recipients

Therefore, you will only need to assign your user Organization Management rights.
0
 

Author Closing Comment

by:nav2567
ID: 41771637
Thanks a lot, guys.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Following basic email etiquette rules will help you write a professional email and achieve a good, lasting impression with your contacts.
This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question