Exchange 2007 Administrative Roles

Categories
- Active Directory
- Antivirus
- Apple
- Backup Exec
- BES Server
- Black Berry
- BlackBerry Device
- Bluecoat
- Browsers
- ESX Server
- Excahnge 2000
- Excahnge 2003
- Excahnge 2007
- Exchange 2010
- Firefox
- Google
- Google Desktop
- GPO
- Guides
- HP
- Hyper-V
- Interview
- Iphone
- IT Humor
- Malicious Software
- Microsoft
- NetApp
- News
- Office 2007
- Other
- Outlook 2002 XP
- Outlook 2003
- Outlook 2007
- Scripts
- Security
- Server 2003
- Server 2008
- Server Blades
- SMBR
- Sox
- Spyware
- storage
- Symantec
- System Center
- Technology News
- Tools
- Trend Micro
- Videos
- Virtualization
- Virus
- Visio
- Vista
- VMware
- VPN
- Windows 7
- Windows XP
- WSUS
I Like
- Web Hosting Ratings

Exchange 2007 Administrative Roles

Posted on November 29th, 2008 in Excahnge 2007, Microsoft by Gil Kreslavsky

Exchange View Only Administrator – Gives users or groups the ability to view the Exchange organization and server configuration. Mailbox administrators required this role in order to
enumerate Exchange server names, storage groups, and mailbox store
names.
Exchange Administrator – Gives users or groups the ability to manage (create/change/delete)
Exchange objects at either the organization level or within a specific
administrative group, depending on where the role was delegated.
Exchange Full Administrator – Gives users or groups all of the permissions that an Exchange
Administrator has but also the ability to change permissions on objects.

The Exchange View-Only Administrators
role allows an administrator to view the Exchange configuration, but they cannot make any changes.
The Exchange Recipient Administrator role has the permissions to modify Exchange-related
properties of mail-enabled objects such as users, contacts, and groups. This information would
include information such as e-mail addresses, home server, Client Access server, and Unified
Messaging. This permission includes only read and write permissions to Exchange properties
for objects found in the Users container in each domain in which the Exchange 2007 Prepare-
Domain process has been run. For additional management permissions, an administrator
would have to be delegated Active Directory permissions to manage objects in an OU, given
membership in the Account Operators group, or be a member of Domain Admins. If a user or
group is delegated the Exchange Recipient Administrators, that user or group will have these
permissions for the entire organization.

The Exchange Public Folder Administrator role provides permissions to manage the public
folder hierarchy and public folder properties. This permission is new to Exchange 2007 Service
Pack 1.

The Exchange Server Administrator role can be delegated permissions to one or more
individual Exchange 2007 servers regardless of the roles that server maintains. Someone with
these permissions can manage any configuration data for that particular server, has the
Exchange View Only Administrators role, and will be made a member of the computer’s local
Administrators group. This role allows medium and large organizations to delegate
permissions for Exchange management more precisely.

Exchange Organization Administrator role provides the permissions necessary to
manage the organization wide properties of Exchange 2007 including connectors, accepted
e-mail domains, transport rules, Unified Messaging properties, ActiveSync policies, managed
folders, messaging records management policies, and managing global settings. This role is by
far the most powerful of the five Exchange 2007 roles.

www.kreslavsky.com

Categories

I Like

Recent Comments

Archives

Exchange 2007 Administrative Roles

Related Articles

Post a comment