Grant rights to perform Exchange tasks

Using security roles, you can delegate Exchange tasks to your users and granuraly define what operations in Exchange they are allowed to perform. For example, you can allow your Help Desk to only set out of office replies, and be able to do it only for the users who are members of a specific group.

Permissions granted by security roles are effective only within Adaxes.

In this tutorial, you will learn how to add the permissions to perform various Exchange tasks to an existing security role.

  1. Launch Adaxes Administration console.

     How { #collapse1}
    • On the computer where Adaxes Administration console is installed, open Windows Start menu.

    • Click Adaxes Administration Console.

  2. Expand Adaxes service \ Configuration \ Security Roles and select the security role you want to modify.

  3. In the Permissions section on the right, click Add.

  4. In the list of object types, select:

    • User if you want to delegate permissions on regular user mailboxes or mail-enabled users.

    • Group if you want to delegate permissions on mail-enabled groups.

    • Contact if you want to delegate permissions on mail-enabled contacts.

    • Room Mailbox if you want to delegate permissions on room mailboxes.

    • Equipment Mailbox if you want to delegate permissions on equipment mailboxes.

    • Linked Mailbox if you want to delegate permissions on linked mailboxes.

  5. In the General permissions section:

    • Type Exch in the filter edit box to filter out permissions unrelated to Exchange.

    • Select the permission you need in the Allow column.

    Permissions for Exchange Properties

    • To grant the rights to modify all Exchange properties, select the Write All Properties (Exchange) permission in the Allow column.

    • To grant the rights to modify a specific section of Exchange properties, select it in the Allow column. For example, to allow the modification of the Automatic Replies section, select Write Automatic Replies (Exchange).

    • To grant the rights to modify specific Exchange properties, select the desired property in the Allow column in the Property-specific permissions list.

      The following tables list Exchange parameters and their correlation with object properties:

       General { #collapse1}
      Parameter Property Name
      Alias Exchange Alias
      Simple display name Simple Display Name
      Hide from address lists ms-Exch-Hide-From-Address-Lists
      Custom Attributes Extension Attribute 1 ... Extension Attribute 15
      Use MAPI rich text format
      (mail-enabled users and contacts)
      ms-Exch-MAPI-Recipient
      Expansion server
      (mail-enabled groups)
      ms-Exch-Expansion-Server-Name
      Send out-of-office message to originator
      (mail-enabled groups)
      ms-Exch-OOF-Reply-To-Originator
      Delivery Reports section
      (mail-enabled groups)
      ms-Exch-OOF-Report-To-Owner,
      ms-Exch-OOF-Report-To-Originator
      Capacity
      (room and equipment mailboxes)
      Capacity
      Address book policy
      (room and equipment mailboxes)
      ms-Exch-Address-Book-Policy-Link
       Storage Quotas { #collapse2}
      Parameter Property Name
      Use mailbox database defaults ms-Exch-MDB-Use-Defaults
      Issue warning at ms-Exch-MDB-Storage-Quota
      Prohibit send at ms-Exch-MDB-Over-Quota-Limit
      Prohibit send and receive at ms-Exch-MDB-Over-Hard-Quota-Limit
      Deleted item retention ms-Exch-Deleted-Item-Flags
      Keep deleted items for (number of days) Garbage-Coll-Period
       Email Address { #collapse3}
      Parameter Property Name
      Email Addresses Proxy Addresses
      Automatically update e-mail addresses based on e-mail address policy MsExchEmailAddressPolicyEnabled
      External E-mail Address
      (contacts)
      ms-Exch-Target-Address
       Mailbox Features { #collapse4}
       Policies
      Parameter Property Name
      Sharing policy ms-Exch-Sharing-Policy-Link
      Role Assignment policy ms-Exch-RBAC-Policy-Link
      Retention policy,
      Managed Folder policy
      ms-Exch-Mailbox-Template-Link
      Address Book policy ms-Exch-Address-Book-Policy-Link
       Features
       Unified Messaging
      Parameter Property Name
      Enabled/Disabled MsExchUMEnabled
      Reset PIN MsExchUMResetPinParams
      UM mailbox policy ms-Exch-UM-Template-Link
      Personal operator extension ms-Exch-UM-Operator-Number
      Additional UM extensions MsExchUMExtentions
      Enable for Automatic Speech Recognition MsExchUMAutoSpeechRecognitionEnabled
      Allow UM calls from non-users ms-Exch-UM-List-In-Directory-Search
      Allow users to receive faxes MsExchUMFaxEnabled
      Allow divert calls without caller ID to leave message MsExchUMAnonymousCanLeaveMessages
      Allow users to configure call answering rules MsExchUMCallAnswerRulesEnabled
       Exchange ActiveSync
      Parameter Property Name
      Enabled/Disabled MsExchActiveSyncEnabled
      Mobile device mailbox policy ms-Exch-Mobile-Mailbox-Policy-Link
      Mobile Devices section MsExchMobileDevices
       OWA for Devices
      Parameter Property Name
      Enabled/Disabled MsExchOutlookAppEnabled
      Mobile device mailbox policy ms-Exch-Mobile-Mailbox-Policy-Link
      Mobile Devices section MsExchMobileDevices
       Outlook Web App
      Parameter Property Name
      Enabled/Disabled MsExchOwaEnabled
      Outlook Web App mailbox policy ms-Exch-OWA-Policy
       IMAP
      Parameter Property Name
      Enabled/Disabled MsExchImapEnabled
      Use protocol defaults MsExchImapUseProtocolDefaults
      Message retrieval format MsExchImapMsgRetrievalMimeFormat
       POP3
      Parameter Property Name
      Enabled/Disabled MsExchPop3Enabled
      Use protocol defaults MsExchPop3UseProtocolDefaults
      Message retrieval format MsExchPop3MsgRetrievalMimeFormat
       MAPI
      Parameter Property Name
      Enabled/Disabled MsExchMapiEnabled
       Retention Hold
      Parameter Property Name
      Enabled/Disabled MsExchRetentionHoldEnabled
      Start date Retention Hold Start Date
      End date Retention Hold End Date
       Litigation Hold
      Parameter Property Name
      Enabled/Disabled MsExchLitigationHoldEnabled
      Litigation hold duration MsExchLitigationHoldDuration
      Note ms-Exch-Retention-Comment
      URL ms-Exch-Retention-URL
       Archiving
      Parameter Property Name
      Enabled/Disabled MsExchArchiveEnabled
      Archive database ms-Exch-Archive-Name
      Quota value ms-Exch-Archive-Quota
      Issue warning at ms-Exch-Archive-Warn-Quota
       Mail Flow
       Delivery Options
      Parameter Property Name
      Forward to Forward To
      Deliver message to both forwarding address and mailbox ms-Exch-Deliver-And-Redirect
      Maximum recipients ms-Exch-Recip-Limit
       Message Size Restrictions
      Parameter Property Name
      Sending message size ms-Exch-Submission-Cont-Length
      Receiving message size ms-Exch-Deliv-Cont-Length
       Message Delivery Restrictions
      Parameter Property Name
      Accept Messages From section ms-Exch-RequireAuthToSendTo (Only senders inside my organization)
      ms-Exch-Auth-Orig (List of senders to accept messages from)
      Reject Messages From section ms-Exch-Unauth-Orig
       Mail Flow Settings { #collapse5}
       Message Size Restrictions
      Parameter Property Name
      Sending message size ms-Exch-Submission-Cont-Length
      Receiving message size ms-Exch-Deliv-Cont-Length
       Message Delivery Restrictions
      Parameter Property Name
      Accept Messages From section ms-Exch-RequireAuthToSendTo (Only senders inside my organization)
      ms-Exch-Auth-Orig (List of senders to accept messages from)
      Reject Messages From section ms-Exch-Unauth-Orig
       Delivery Management { #collapse6}
      Parameter Property Name
      Accept Messages From ms-Exch-RequireAuthToSendTo (Only senders inside my organization)
      ms-Exch-Auth-Orig (List of senders to accept messages from)
      Reject Messages From ms-Exch-Unauth-Orig
       Message Approval { #collapse7}
      Parameter Property Name
      Messages sent to this group have to be approved by a moderator ms-Exch-Enable-Moderation
      Moderators ms-Exch-Moderated-By-Link
      Senders who don't require message approval ms-Exch-Bypass-Moderation-Link
      Notifications ms-Exch-Moderation-Flags
       Calendar Permissions { #collapse8}
      Parameter Property Name
      Permissions MsExchMailboxCalendarPermissions
       MailTip { #collapse9}
      Parameter Property Name
      MailTip MailTip
       Delegation { #collapse10}
      Parameter Property Name
      Send As MsExchSendAs
      Send on Behalf Delegates
      Full Access (Mailbox Rights) ms-Exch-Mailbox-Security-Descriptor
       Automatic Replies { #collapse11}
      Parameter Property Name
      Auto-Reply Configuration MsExchMailboxAutoReplyConfiguration
       Booking Delegates { #collapse12}
      Parameter Property Name
      Delegates MsExchResourceDelegates
      Forward meeting requests to delegates MsExchForwardRequestsToDelegates
      Booking Requests section MsExchInPolicyBookFrom,
      MsExchInPolicyBookFromMode,
      MsExchInPolicyRequestFrom,
      MsExchInPolicyRequestFromMode,
      MsExchInPolicyRequestsProcessingMode
      Out-of-Policy Requests section MsExchOutPolicyRequestFrom,
      MsExchOutPolicyRequestFromMode
       Booking Policies { #collapse13}
      Parameter Property Name
      Allow conflicting meeting requests MsExchAllowConflicts
      Allow repeating meetings MsExchAllowRecurringMeetings
      Allow scheduling only during working hours MsExchScheduleOnlyDuringWorkHours
      Always decline if the end date is beyond the maximum booking lead time MsExchEnforceSchedulingHorizon
      Maximum booking lead time MsExchBookingWindowInDays
      Maximum duration MsExchMaximumDurationInMinutes
      Reply text for the meeting organizer MsExchMeetingOrganizerReply
      Send organizer information when a request is declined due to conflicts MsExchSendOrganizerInfoOnRequestDeclined
       Calendar Settings { #collapse14}
      Parameter Property Name
      Delete attachments MsExchDeleteAttachments
      Delete comments MsExchDeleteComments
      Delete the subject MsExchDeleteSubject
      Delete non-calendar items MsExchDeleteNonCalendarItems
      Add the organizer's name to the subject MsExchAddOrganizerToSubject
      Remove the private flag on accepted meetings MsExchRemovePrivateProperty
      Mark pending requests as Tentative MsExchTentativePendingApproval

    Click OK.

  6. Click Save changes.