Grant Rights to Perform Exchange Tasks


Using Security Roles, you can granularly define which Exchange tasks you want to delegate to which users, and specify the scope on which they can perform the delegated tasks. For example, you can allow your Help Desk to only set out of office replies for the users who are members of a specific group.

Permissions granted by Security Roles are effective only within Adaxes.

In this tutorial, you will learn how to add permissions to perform various Exchange tasks to an existing Security Role.


  1. Launch Adaxes Administration Console.
    Expand Adaxes service \ Configuration \ Security Roles and select the Security Role you want to modify.


  2. In the Permissions section located to the right, click Add.

  3. In the list of object types, select:


    • User if you want to delegate permissions on mailboxes or mail-enabled users,
    • Group if you want to delegate permissions on mail-enabled groups,
    • Contact if you want to delegate permissions on mail-enabled contacts.

  4. In the General permissions list:


    • Type Exch in the filter edit box to filter out permissions unrelated to Exchange.
    • Check the permission you need in the Allow column.

    Permissions for Exchange Properties


    • To grant the rights to modify all Exchange properties, select the Write All Properties (Exchange) permission in the Allow column.


    • To grant the rights to modify a specific section of Exchange properties, select it in the Allow column. For example, to allow modification of the Automatic Replies (OOF) section, select Write Automatic Replies (Exchange).


    • To grant the rights to modify specific Exchange properties, in the Property-specific permissions list, check the desired property in the Allow column.


      The following tables show which AD object property corresponds to which Exchange parameter:

      Parameter Property Name
      Exchange Alias Exchange Alias
      Simple Display Name Simple Display Name
      Hide from address lists ms-Exch-Hide-From-Address-Lists
      Use MAPI Rich Text Format ms-Exch-MAPI-Recipient
      Set expansion server ms-Exch-Expansion-Server-Name
      Send out-of-office message to originator ms-Exch-OOF-Reply-To-Originator
      Delivery reports ms-Exch-OOF-Report-To-Owner,
      ms-Exch-OOF-Report-To-Originator
      Custom Attributes Extension Attribute 1 ... Extension Attribute 15
      Parameter Property Name
      Use mailbox database defaults ms-Exch-MDB-Use-Defaults
      Issue warning at ms-Exch-MDB-Storage-Quota
      Prohibit send at ms-Exch-MDB-Over-Quota-Limit
      Prohibit send and receive at ms-Exch-MDB-Over-Hard-Quota-Limit
      Deleted item retention ms-Exch-Deleted-Item-Flags
      Keep deleted items for (number of days) Garbage-Coll-Period
      Parameter Property Name
      Email Addresses Email Proxy Addresses
      Automatically update e-mail addresses based on e-mail address policy MsExchEmailAddressPolicyEnabled
      Parameter Property Name
      Sharing policy ms-Exch-Sharing-Policy-Link
      Role Assignment policy ms-Exch-RBAC-Policy-Link
      Retention policy,
      Managed Folder policy
      ms-Exch-Mailbox-Template-Link
      Address Book policy ms-Exch-Address-Book-Policy-Link
      Parameter Property Name
      Enabled/Disabled MsExchUMEnabled
      Reset PIN MsExchUMResetPinParams
      UM mailbox policy ms-Exch-UM-Template-Link
      Personal operator extension ms-Exch-UM-Operator-Number
      Additional UM extensions MsExchUMExtentions
      Enable for Automatic Speech Recognition MsExchUMAutoSpeechRecognitionEnabled
      Allow UM calls from non-users ms-Exch-UM-List-In-Directory-Search
      Allow users to receive faxes MsExchUMFaxEnabled
      Allow divert calls without caller ID to leave message MsExchUMAnonymousCanLeaveMessages
      Allow users to configure call answering rules MsExchUMCallAnswerRulesEnabled
      Parameter Property Name
      Enabled/Disabled MsExchActiveSyncEnabled
      Mobile device mailbox policy ms-Exch-Mobile-Mailbox-Policy-Link
      Parameter Property Name
      Enabled/Disabled MsExchOwaEnabled
      Outlook Web App mailbox policy ms-Exch-OWA-Policy
      Parameter Property Name
      Enabled/Disabled MsExchImapEnabled
      Use protocol defaults MsExchImapUseProtocolDefaults
      Message retrieval format MsExchImapMsgRetrievalMimeFormat
      Parameter Property Name
      Enabled/Disabled MsExchPop3Enabled
      Use protocol defaults MsExchPop3UseProtocolDefaults
      Message retrieval format MsExchPop3MsgRetrievalMimeFormat
      Parameter Property Name
      Enabled/Disabled MsExchMapiEnabled
      Parameter Property Name
      Enabled/Disabled MsExchRetentionHoldEnabled
      Start date Retention Hold Start Date
      End date Retention Hold End Date
      Parameter Property Name
      Enabled/Disabled MsExchLitigationHoldEnabled
      Note ms-Exch-Retention-Comment
      URL ms-Exch-Retention-URL
      Parameter Property Name
      Enabled/Disabled MsExchArchiveEnabled
      Archive database ms-Exch-Archive-Name
      Quota value ms-Exch-Archive-Quota
      Issue warning at ms-Exch-Archive-Warn-Quota
      Parameter Property Name
      Enabled/Disabled MsExchOmaEnabled
      Parameter Property Name
      Enabled/Disabled MsExchUisEnabled
      Parameter Property Name
      Enabled/Disabled MsExchUdnEnabled
      Parameter Property Name
      Forward to Forward To
      Deliver message to both forwarding address and mailbox ms-Exch-Deliver-And-Redirect
      Maximum recipients ms-Exch-Recip-Limit
      Parameter Property Name
      Sending message size ms-Exch-Submission-Cont-Length
      Receiving message size ms-Exch-Deliv-Cont-Length
      Parameter Property Name
      Accept Messages From ms-Exch-RequireAuthToSendTo (Only senders inside my organization)
      ms-Exch-Auth-Orig (List of senders to accept messages from)
      Reject Messages From ms-Exch-Unauth-Orig
      Parameter Property Name
      Sending message size ms-Exch-Submission-Cont-Length
      Receiving message size ms-Exch-Deliv-Cont-Length
      Parameter Property Name
      Accept Messages From ms-Exch-RequireAuthToSendTo (Only senders inside my organization)
      ms-Exch-Auth-Orig (List of senders to accept messages from)
      Reject Messages From ms-Exch-Unauth-Orig
      Parameter Property Name
      Accept Messages From ms-Exch-RequireAuthToSendTo (Only senders inside my organization)
      ms-Exch-Auth-Orig (List of senders to accept messages from)
      Reject Messages From ms-Exch-Unauth-Orig
      Parameter Property Name
      Messages sent to this group have to be approved by a moderator ms-Exch-Enable-Moderation
      Moderators ms-Exch-Moderated-By-Link
      Senders who don't require message approval ms-Exch-Bypass-Moderation-Link
      Notifications ms-Exch-Moderation-Flags
      Parameter Property Name
      Calendar Settings MsExchMailboxCalendarSettings
      Parameter Property Name
      MailTip MailTip
      Parameter Property Name
      Send As MsExchSendAs
      Send on Behalf ms-Exch-Public-Delegates
      Mailbox Rights ms-Exch-Mailbox-Security-Descriptor
      Parameter Property Name
      Auto-Reply Configuration MsExchMailboxAutoReplyConfiguration

    When done, click OK.

  5. Click Save changes.

Open tutorial filtering

Got questions?
Support Forum