locked
Impersonation RRS feed

  • Question

  • Hello all !

    I would like to configure impersonation to development needs. I'm using Exchange SP2 Rollup 4 x64.

    My users are in a global security group "group1", in an OU "ou1". I would like the user "master.user" can impersonate the members of group "group1"

    I'm trying the following: (with real values)

    New-ManagementScope -Name "scope1" -RecipientRestrictionFilter { MemberOfGroup -eq "CN=group1,OU=Groups,CN=contoso,CN=com" }

    New-ManagementRoleAssignment -Name "role1" -Role:ApplicationImpersonation -User:master.user -CustomRecipientWriteScope "scope1"

    But nothing, I get the unauthorized to impersonate error. It works when I use the filter LastName with one of the member, so, it's the MemberOfGroup condition which fails.

    I've also tried with New-ManagementScope -Name "scope1" -RecipientRestrictionFilter { MemberOfGroup -eq "OU=ou1,CN=contoso,CN=com" }

    Thanks by advance

    Wednesday, August 29, 2012 9:07 AM

Answers

  • Try changing your group to a universal security group.
    Wednesday, August 29, 2012 2:37 PM