When did having an Exchange Admin account become obsolete?

I am having a dispute within my company.  At one time (up through Exchange 2003 at least, I believe) it was necessary to have an Exchange Admin account (with the Exchange Full Administrator role) to perform certain tasks even for a small or medium business.  For example, when performing an Exchange migration from one server to another you might want to export mailboxes databases to PST files for later import back into a new Exchange server.  I believe there were other functions also where an Exchange Administrator or Full Administrator account were necessary even in a small  business and where a Domain Administrator account was insufficient.   (It may be true that in larger organizations Exchange Administrators are still necessary due to separation of duties on an IT staff.  But in a small business without any IT staff this is unlikely to be the case.)

I have been told that "at some point" in the past this ceased to be true and that Exchange Administrator accounts were no longer needed for such purposes (like Exchange migrations) because Microsoft made other tools available.   Therefore, the logic goes, we should delete or disable any Exchange Administrator accounts we or our small business clients still have in existence as they are not needed.

My question is if Exchange Administrator accounts are no longer routinely needed when EXACTLY did this become the case?  Did it happen when Exchange 2007 was introduced?  Or maybe Exchange 2010?  Or maybe at some other time when Microsoft introduced some additional tools to facilitate migrations?

Ideally I would like to be able to point to an official Microsoft publication (TechNet, blog article, whatever) as proof of the timeframe when Exchange Administrator accounts became not typically needed.

I am looking forward to some gurus being able to answer this question!
etcsAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Cliff GaliherCommented:
The answer is oddly "it depends." And is a matter of perspective.

2007 was the major rewrite and was needed to enable powershell management  which MS was huge on during that Vista/2008 era.

But the path wasn't really solid (like many things from MS between 2006-2008) until exchange 2010. 2010 was the first official version to have RBAC baked in end to end instead of ad-hoc. And would be what most people consider the replacement.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Cliff GaliherCommented:
As for proof  Google exchange RBAC. Plenty there.
Kevin StanushApplication DeveloperCommented:
What exactly do you mean by an "Exchange Administrator" account?  Active Directory accounts are assigned to groups, so there is the admin 'Domain Admins' group, and some operations require membership to the 'Enterprise Admins' group or the 'Organization Management' group.  These are builtin groups and I think when you install Exchange they will be assigned by default to the builtin administrator account, but can be granted to other accounts.
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

More Information
mbkitmgrCommented:
This talks towards the topic here at MS https://technet.microsoft.com/en-us/library/dd351175(v=exchg.160).aspx and refers to exchange 2016, but may point to others
etcsAuthor Commented:
Kevin Stanush, My apologies.  By "Exchange Administrator" I meant an account which had been assigned the Exchange permissions associated with the "Exchange Administrator" or "Exchange Full Administrator" roles circa Exchange 2003 as described in this TechNet article:  https://technet.microsoft.com/en-us/library/aa998982(v=exchg.65).aspx
Jeff GloverSr. Systems AdministratorCommented:
Exchange uses Role Groups to control who can do what. True, you do not need a dedicated "Administrator Account" to accomplish things but you definitely need to be a member of a Role Group. Even an Enterprise or Domain Admin cannot do a lot with Exchange unless they are a member of a role group. Although a lot can be done with Powershell, attempting it without proper Role Group Membership will just get you a log of Red text.
  Role groups also give you flexibility since, if the default ones do not meet your needs, you can create custom one.. You can also assign individual permissions (such as import/export mailboxes) to users.
etcsAuthor Commented:
Thanks all.  Pretty clearly the transition to RBAC is what made the old fashioned Exchange Administrator or Exchange Full Administrator level of permissions obsolete and apparently that became fully baked in Exchange 2010.   I guess the only question remaining is at what point (if ever) the old roles of "Exchange Administrator" or "Exchange Full Administrator" permission levels were deprecated completely in favor of the new RBAC roles.   Anybody know that?
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.