Friday, April 27, 2012 2:39 PM
I am running Exchange 2010 SP1. I would like to give my help desk the ability to create new mailboxes. When a new mailbox is created, we select the option to assign a Retention policy to it. I added the help desk members to the "Recipient Management" group. They can now create new mailboxes but they get an access denied error when they select a retention policy to be assigned to it. As a member of the "Organization Management" group, I am able to assign retention policies to new mailboxes.
With the RBAC editor, I created a custom management role group called "Mailbox Management" based on the "Recipient Management" group and added the "Retention Management" role to the group. I believe this will give them the permissions to apply retention policies to new mailboxes but it also gives them the permissions to create/modify/delete retention policies themselves. I only want to give them the rights to add mailboxes to retention policies.
I assume I need to create a custom management role and assign this new role to my new management role group but can someone tell me the minimum role entries I need for my help desk to be able to assign rentention policies during the mailbox creation wizard process?
- Changed Type Simon_WuMicrosoft Contingent Staff, Moderator Friday, May 04, 2012 10:51 AM na
Monday, May 07, 2012 3:41 AMHi Steve,
Due to you post the issue in a wrong type, and we changed the type to give you a suggestion.
Please refer to below information:
The permissions required to configure messaging policy and compliance vary depending on the procedure being performed or the cmdlet you want to run. For more information about messaging policy and compliance, see Messaging Policy and Compliance, refer to above article you could find out what permissions you need to perform the procedure or run the cmdlet, then you coudl create a roleassignment for the customized role group.
TechNet Community Support
- Edited by Gavin-Zhang Monday, May 07, 2012 3:42 AM