Administrative permissions isolation in Exchange 2007
Hi All, I got an urgent request regarding administrative permissions isolation in Exchange 2007. We are planning to hand over the exchange services to the operation team. Full control will be given at the servers level, however, at the application level we want to give less privileges without compromising the service and losing the ownership of it. The questionis: is their any Microsoft best practices for such process with the limitations in Exchange 2007? I know that the permissions model in Exchange 2010 is improved, however, no plans to upgrade any sooner. Thanks in advance....
December 19th, 2011 2:03pm

hi, there are some predefined groups on your Active Directoryserver which delivers only the required previledges to specified users. Further information on this groups you will find here: http://technet.microsoft.com/en-us/library/dd335157.aspx If you don´t find your appropriate group in this case you have to configure your own using the RBAC feature. You are able to specifiy the commands a user is allowed to execute. If you need further information about configuring RBAC this may be a helpful resource: http://technet.microsoft.com/en-us/library/aa997244%28EXCHG.80%29.aspx regards Thomas Paetzold visit my blog on: http://sus42.wordpress.com
Free Windows Admin Tool Kit Click here and download it now
December 19th, 2011 3:21pm

Hi, could I help you or have you got any updates on this issue. If your question is answered it would be nice if you mark it accordingsly. This may help others with the same or a similar question.regards Thomas Paetzold visit my blog on: http://sus42.wordpress.com
December 20th, 2011 4:29pm

Thank you. That was helpful Raid,
Free Windows Admin Tool Kit Click here and download it now
December 21st, 2011 2:58am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics