Question: How To Allow Administrators To Create And Manage Mailboxes In Specific Database In Exchange Server 2010

Answer: In Exchange Server 2010 SP1 Microsoft enabled the option to limit administrators to create and manage users in specific databases.

This can be very powerful when you have administrators in other offices that you want to give them limited management scope.

In this Example we will create a Role Group Of users that have permission to create mailboxes in 2 mailbox databases.

The new Role Group is called: LA Admins

The Databases Called: LA Databases

And the OU scope is: Copmany.local/LA Office

AD LA Administrators Security Group: ADLAadminisGroup

Step 1:

We create the Databases Management Scope:

New-ManagementScope -Name “LA Databases” -DatabaseList “LADB01”, “LADB02”

Step 2:

We create the Role Group with the Database and OU scopes:

New-RoleGroup “LA Admins” -Roles “mail recipient creation”, “mail
recipients”, “User Options” ,”View-Only Recipients” -Customconfigwritescope “LA Databases” -RecipientOrganizationalUnitScope “Company.local/LA Office”

Step 3:

We add the LA Active directory users \ Groups to the Role Group.

Add-RoleGroupMember “LA Admins” -Member ADLAadminisGroup

If you follow all steps correctly this should work.


Posted

in

,

by