Microsoft Exchange Server 2007 Administrators Pocket Consultant Second Edition

In Exchange Management Console, you add a new Exchange administrator role to assign administrative permissions for the Exchange organization. The level of permissions you set is determined by the role you assign a particular user or group.

Understanding Administration Roles

Adding Exchange permissions lets you assign any of the following administrative roles to users and groups:

To view the currently assigned Exchange permissions for users and groups, you select the Organization Configuration node in the Exchange Management Console, as shown in Figure 10-5, or type get-exchangeadministrator at the Exchange Management Shell prompt.

Figure 10-5: View Exchange administrators by selecting the Organization Configuration node.

Adding Exchange Permissions to a User or Group

In Exchange Management Console, you can assign permissions to a user or group for administering the Exchange environment by completing the following steps:

  1. Right-click the Organization Configuration node, and then select Add Exchange Administrator. This starts the Add Exchange Administrator Wizard, as shown in Figure 10-6.

  2. On the Add Exchange Administrator page, click Browse to display the Select User Or Group dialog box.

  3. Select the user or group to which you want to assign permissions, and then click OK.

  4. Select the role to add using the options provided. If you are assigning the Exchange Server Administrator role, click Add. Use the Select Exchange Server dialog box to select the Exchange server on which to add permissions, and then click OK.

  5. Click Add, and then click Finish.

Figure 10-6: Use the Add Exchange Administrator Wizard to assign Exchange administrator permissions.

In Exchange Management Shell, you can assign Exchange permissions using the Add-ExchangeAdministrator cmdlet. Sample 10-1 provides the syntax and usage. You can set the –Role parameter to RecipientAdmin, ServerAdmin, ViewOnlyAdmin, or OrgAdmin.

Sample 10-1: Add-ExchangeAdministrator cmdlet syntax and usage

Syntax for Organization and Recipient Admins Add-ExchangeAdministrator -Identity 'UserOrGroupID' -Role 'Role' Usage Add-ExchangeAdministrator -Identity 'http://cpandl.com/Users/Arlene Huff' - Role 'RecipientAdmin' Syntax for Server Admins Add-ExchangeAdministrator -Identity 'UserOrGroupID' -Role 'ServerAdmin' -Scope 'Server' Usage Add-ExchangeAdministrator -Identity 'http://cpandl.com/Users/William Stanek' -Role 'ServerAdmin' -Scope 'CORPSVR127'

Removing Delegated Exchange Permissions

In Exchange Management Console, you can remove the administrator permissions you have assigned to a user or group by completing the following steps:

  1. Select the Organization Configuration node.

  2. Right-click the user or group for which you want to remove permissions, and then select Remove.

  3. When prompted to confirm, click Yes.

In Exchange Management Shell, you can remove Exchange permissions using the Remove-ExchangeAdministrator cmdlet. Sample 10-2 provides the syntax and usage. You can set the –Role parameter to RecipientAdmin, ServerAdmin, ViewOnlyAdmin, or OrgAdmin.

Sample 10-2: Remove-ExchangeAdministrator cmdlet syntax and usage

Syntax for Organization and Recipient Admins Remove-ExchangeAdministrator -Identity 'UserOrGroupID' -Role 'Role' Usage Remove-ExchangeAdministrator -Identity 'http://cpandl.com/Users/Arlene Huff' - Role 'RecipientAdmin' Syntax for Server Admins Remove-ExchangeAdministrator -Identity 'UserOrGroupID' -Role 'ServerAdmin' -Scope 'Server' Usage Remove-ExchangeAdministrator -Identity 'http://cpandl.com/Users/Arlene Huff' -Role 'ServerAdmin' -Scope 'CORPSVR127'

Категории