In the interest of saving money and manpower, we have decided to host exchange services at a central database for our corporate and remote offices. I have built, validated, tested and entered production with a CCR cluster housing 13 storage groups, all pointing SCR to a DR site in another state. It's all working flawlessly. I am wondering, however, if it is possible to allow remote site administrators the ability to administer one of the storage groups on the server without compromising the other SG's. permissions delegation only allows delegation for the entire server out of the box (at least from what I can see anyway). Has anyone encountered a way to use ADSIedit to provide necessary permissions to an AD security necessary for its members to manage only a storage group and not manage the server in its entirety?

Hi, Would you please let me know your requirement more detailed? Whether you would you like to have the remote site admin has ability to configure storage limit or other mailbox database settings belongs to specific storage group?If yes, I think that you can go to the Storage Group object by using Adsiedit.msc and grant Full Access Control permission. In addition, you also need to add the remote site admin into Exchange View-Only Administrators group. Nevertheless, if you have further requirements, you need to add further permissions. Thanks,Mike

Since you want to restrict access per SG and CCR only allows one DB per SG there is a simple solution to this. 1. Grant the user Exchange View Only Admin rights. 2. Using ADSI.edit open the configuration container in active directory browse down to services --> microsoft exchange --> (Exchange Org) --> Administrative Groups --> (E2K7 Admin Group) --> Servers --> InformationStore --> Storage Group. Go to the properites of the database object and click on security tab. You can give the user Administer Information Store rights which will allow them to control that information store.Sr. Exchange Engineer - Constellation Energy