Remove From My Forums

Delegate Managing Send As Permissions in Exchange 2010’s RBAC

Question
0

Sign in to vote

Hi,

I’m having difficulty with Exchange 2010’s RBAC.

I’ve created a group called Exchange Recipient Management and added to the Recipient Management role group. The members of Exchange Recipient Management can now do everything they need to with the exception of managing send as permissions. Members of this group also have full permissions on the AD user objects they should be managing.

I’ve read http://technet.microsoft.com/en-us/library/dd638132.aspx and noted under Recipient Provisioning Permissions the feature ‘send as’ requires Recipient Management permissions, so it should just work right?

The send as option doesn’t appear as an option so I can only assume either the documentation is wrong or they also need to be in Organization Management (which scares me!)

What have I missed?

Kind Regards,

John

Monday, August 23, 2010 9:44 AM

Answers

8

Sign in to vote
I solved it!

I need to add "Active Directory Permissions" to the role group, I created a new group to save modifying the default one. I've copied the code below incase anyone else finds it useful

Vote as helpful if it's useful ;o)

$RG = Get-RoleGroup "Recipient Management" New-RoleGroup "Recipient Management WC" -roles $RG.roles Set-RoleGroup "Recipient Management WC" -ManagedBy $rg.ManagedBy New-ManagementRoleAssignment -securitygroup "Recipient Management WC" -role "Active Directory Permissions"
- Marked as answer by John Grenfell Friday, December 3, 2010 9:55 PM
Friday, December 3, 2010 9:55 PM

All replies

0

Sign in to vote

Sounds like maybe you need to add the "Send on behalf of" right for those users. Starting in 2007 the Send as right seems to have lost it's functionality somewhat, and so adding the "Send on behalf of" right populates the mailbox with these users having delegate access.

Good Luck.

Monday, August 23, 2010 4:21 PM
0

Sign in to vote

Hi,

I'm trying to setup helpdesk users to be able to give send as permissions. So in EMC when you have a mailbox selected the "Manage Send As Pemission .." Action does not appear even though they are in a role which based on the documentation should give them that ability.

Kind Regards,

John

Thursday, August 26, 2010 7:18 AM
8

Sign in to vote
I solved it!

I need to add "Active Directory Permissions" to the role group, I created a new group to save modifying the default one. I've copied the code below incase anyone else finds it useful

Vote as helpful if it's useful ;o)

$RG = Get-RoleGroup "Recipient Management" New-RoleGroup "Recipient Management WC" -roles $RG.roles Set-RoleGroup "Recipient Management WC" -ManagedBy $rg.ManagedBy New-ManagementRoleAssignment -securitygroup "Recipient Management WC" -role "Active Directory Permissions"
- Marked as answer by John Grenfell Friday, December 3, 2010 9:55 PM
Friday, December 3, 2010 9:55 PM
0

Sign in to vote

Hi John,

Thanks for your solution, I had the same problem.

I also had to assign helpdesk users, the right to assign Send As rights to mailboxes in EMC and this works.

I only made a role "Recipient Management Plus" and assigned it to a AD group witht the helpdesk user.

Rerards,

Stephan

Monday, January 30, 2012 2:15 PM
0

Sign in to vote

To expand on John Grenfell's answer, to do this in the GUI:

- Open the ECP (OR Exchange Management Console -> Toolbox -> Role Based Access Control (RBAC) User Editor)

- Under Administrator Roles, open Recipient Management

- Add Role

- Select "Active Directory Permissions"

- Save

Note that this didn't take effect immediately, but it definitely worked.

Tuesday, July 25, 2017 12:46 AM

Products

Resources

Solutions

Updates

Trials

Related Sites

Training

Certifications

Other resources

Support options

More support

Not an IT pro?

Answered by:

Delegate Managing Send As Permissions in Exchange 2010’s RBAC

Question

Answers

All replies