Delegation rights for only Exchange server management
-
2. května 2012 19:28
Hi. We have SBS 2011 server.
Now I have to delegate to one employee, that he can manage only Exchange:
create\modify\delete users mailbox, distribution group.
Delegating rights for create users accounts i make via ADUC.
Which correct groups i can use for my task?
Thanks!
Všechny reakce
-
2. května 2012 19:35Moderátor
I would look at Recipient Management and see if that meets your needs
- Navržen jako odpověď Rhoderick Milne [MSFT]Microsoft Employee 2. května 2012 23:07
- Zrušeno navržení jako odpověď Anahaym 3. května 2012 10:03
- Označen jako odpověď Anahaym 3. května 2012 17:37
-
2. května 2012 19:35Recipient Management would be the one.
Sukh
- Navržen jako odpověď Rhoderick Milne [MSFT]Microsoft Employee 2. května 2012 23:07
- Zrušeno navržení jako odpověď Anahaym 3. května 2012 10:03
-
3. května 2012 5:47Moderátor
Hi Alex,
More information:
http://technet.microsoft.com/en-us/library/dd298028.aspx
Thanks.
Rowen
TechNet Community Support
-
3. května 2012 8:25I added account in this group. But then user try opening EMC - UAC ask administrative password, but user is only Domain user.
- Upravený Anahaym 3. května 2012 8:25
-
3. května 2012 9:44Add to local admin group and try again.
Sukh
-
3. května 2012 9:49
Add to local admin group and try again.
Hi. We have SBS 2011 server.
We have Small Business Server
User should not have Domain Admins rights.
-
3. května 2012 11:06Moderátor
Add to local admin group and try again.
Hi. We have SBS 2011 server.
We have Small Business Server
User should not have Domain Admins rights.
Nor should they be allowed to logon directly to the Server if that is what they are doing.
Install the Exchange 2010 Management tools only to their workstation if they have 64-bit or to a "tools" server that they can logon to interactively instead.
P.S. They can also use ECP via OWA.
- Upravený Andy D-MVP, Moderator 3. května 2012 11:10
-
3. května 2012 11:14
Alternative is to use a management PC. Install the tools on there.
Sukh
-
3. května 2012 11:33
EMC installed in my PC. But SBS 2011 - is not our network - it is colocation server... And we do not have extarnal firewall. Use only Windows Firewall. And use only OWA / Outlook Anywhere / ActiveSync
When i try connect i have error:
and in ECP i can't found there is i can change delivery options.
Windows Firewall have this rules:
HTTP
HTTPS
MSExchangeIS
MSExchangeSA
Windows Server Update Services (HTTP)
Windows Server Update Services (HTTPS)
Active Directory Domain Controller - Echo Request (ICMPv4-In) Active Directory Domain Services
Active Directory Domain Controller - Echo Request (ICMPv6-In) Active Directory Domain Services
Core Networking - Destination Unreachable Fragmentation Needed (ICMPv4-In) Core Networking
Core Networking - Internet Group Management Protocol (IGMP-In) Core Networking
Core Networking - IPHTTPS (TCP-In) Core Networking
DNS (TCP, Incoming) DNS Service
DNS (UDP, Incoming) DNS Service
File and Printer Sharing (Echo Request - ICMPv4-In) File and Printer Sharing
File and Printer Sharing (Echo Request - ICMPv6-In) File and Printer Sharing
File and Printer Sharing (Echo Request - ICMPv6-In) File and Printer Sharing
File and Printer Sharing (LLMNR-UDP-In) File and Printer Sharing
File and Printer Sharing (LLMNR-UDP-In) File and Printer Sharing
File and Printer Sharing (NB-Datagram-In) File and Printer
File and Printer Sharing (NB-Datagram-In) File and Printer
File and Printer Sharing (NB-Name-In) File and Printer Sharing
File and Printer Sharing (NB-Name-In) File and Printer Sharing
File and Printer Sharing (NB-Session-In) File and Printer Sharing
File and Printer Sharing (NB-Session-In) File and Printer Sharing
File and Printer Sharing (SMB-In) File and Printer Sharing
File and Printer Sharing (SMB-In) File and Printer Sharing
File and Printer Sharing (Spooler Service - RPC) File and Printer Sharing
File and Printer Sharing (Spooler Service - RPC) File and Printer Sharing
File and Printer Sharing (Spooler Service - RPC-EPMAP) File and Printer Sharing
File and Printer Sharing (Spooler Service - RPC-EPMAP) File and Printer Sharing
MSExchange - IMAP4 (GFW) (TCP-In) Microsoft Exchange Server
MSExchange - OWA (GFW) (TCP-In) Microsoft Exchange Server
MSExchange - POP3 (GFW) (TCP-In) Microsoft Exchange Server
MSExchangeIMAP4 (TCP-In) Microsoft Exchange Server
MSExchangeOWAAppPool (TCP-In) Microsoft Exchange Server
MSExchangePOP3 (TCP-In) Microsoft Exchange Server
MSExchangeTransportWorker (GFW) (TCP-In) Microsoft Exchange Server
MSExchangeTransportWorker (TCP-In) Microsoft Exchange Server
Remote Assistance (DCOM-In) Remote Assistance
Remote Assistance (PNRP-In) Remote Assistance
Remote Assistance (RA Server TCP-In) Remote Assistance
Remote Assistance (SSDP TCP-In) Remote Assistance
Remote Assistance (SSDP UDP-In) Remote Assistance
Remote Assistance (TCP-In) Remote Assistance
Secure Socket Tunneling Protocol (SSTP-In)
World Wide Web Services (HTTPS Traffic-In)
World Wide Web Services (HTTP Traffic-In)
-
3. května 2012 13:18Moderátor
I think you are going to have to contact the network folks at the colo site on the best way to make this work for you.
-
3. května 2012 13:25
it is our server. in provider site nobody have access to server.
Now i disabled Firewall - it is not helped me...
-
3. května 2012 17:39
http://support.microsoft.com/kb/2028305/
Enable Basic Authentication virtual folder "powershell" helped me.
.png)
