Grant Rights to Perform Exchange Tasks

Using Security Roles, you can granularly define which Exchange tasks you want to delegate to which users, and specify the scope on which they can perform the delegated tasks. For example, you can allow your Help Desk to only set out of office replies for the users who are members of a specific group.

In this tutorial, you will learn how to add permissions to perform various Exchange tasks to an existing Security Role.

1. Launch Adaxes Administration Console.
   Expand Adaxes service \ Configuration \ Security Roles and select the Security Role you want to modify.

   ---

   

2. In the Permissions section located to the right, click Add.

   

3. In the list of object types, select:

   ---

   • User if you want to delegate permissions on mailboxes or mail-enabled users,
   • Group if you want to delegate permissions on mail-enabled groups,
   • Contact if you want to delegate permissions on mail-enabled contacts.

   

4. In the General permissions list:

   ---

   • Type Exch in the filter edit box to filter out permissions unrelated to Exchange.

   • Check the permission you need in the Allow column.

     

   Permissions for Exchange Properties

   ---

   • To grant the rights to modify all Exchange properties, select the Write All Properties (Exchange) permission in the Allow column.

     

     ---

   • To grant the rights to modify a specific section of Exchange properties, select it in the Allow column. For example, to allow modification of the Automatic Replies (OOF) section, select Write Automatic Replies (Exchange).

     

     ---

   • To grant the rights to modify specific Exchange properties, in the Property-specific permissions list, check the desired property in the Allow column.

     

     ---

     The following tables show which AD object property corresponds to which Exchange parameter:

     General

     Parameter	Property Name
     Exchange Alias	Exchange Alias
     Simple Display Name	Simple Display Name
     Hide from address lists	ms-Exch-Hide-From-Address-Lists
     Use MAPI Rich Text Format	ms-Exch-MAPI-Recipient
     Set expansion server	ms-Exch-Expansion-Server-Name
     Send out-of-office message to originator	ms-Exch-OOF-Reply-To-Originator
     Delivery reports	ms-Exch-OOF-Report-To-Owner, ms-Exch-OOF-Report-To-Originator
     Custom Attributes	Extension Attribute 1 ... Extension Attribute 15

     Storage Quotas

     Parameter	Property Name
     Use mailbox database defaults	ms-Exch-MDB-Use-Defaults
     Issue warning at	ms-Exch-MDB-Storage-Quota
     Prohibit send at	ms-Exch-MDB-Over-Quota-Limit
     Prohibit send and receive at	ms-Exch-MDB-Over-Hard-Quota-Limit
     Deleted item retention	ms-Exch-Deleted-Item-Flags
     Keep deleted items for (number of days)	Garbage-Coll-Period

     Email Address

     Parameter	Property Name
     Email Addresses	Email Proxy Addresses
     Automatically update e-mail addresses based on e-mail address policy	MsExchEmailAddressPolicyEnabled

     Mailbox Features

     Policies

     Parameter	Property Name
     Sharing policy	ms-Exch-Sharing-Policy-Link
     Role Assignment policy	ms-Exch-RBAC-Policy-Link
     Retention policy, Managed Folder policy	ms-Exch-Mailbox-Template-Link
     Address Book policy	ms-Exch-Address-Book-Policy-Link

     Features

     Unified Messaging

     Parameter	Property Name
     Enabled/Disabled	MsExchUMEnabled
     Reset PIN	MsExchUMResetPinParams
     UM mailbox policy	ms-Exch-UM-Template-Link
     Personal operator extension	ms-Exch-UM-Operator-Number
     Additional UM extensions	MsExchUMExtentions
     Enable for Automatic Speech Recognition	MsExchUMAutoSpeechRecognitionEnabled
     Allow UM calls from non-users	ms-Exch-UM-List-In-Directory-Search
     Allow users to receive faxes	MsExchUMFaxEnabled
     Allow divert calls without caller ID to leave message	MsExchUMAnonymousCanLeaveMessages
     Allow users to configure call answering rules	MsExchUMCallAnswerRulesEnabled

     Exchange Active Sync

     Parameter	Property Name
     Enabled/Disabled	MsExchActiveSyncEnabled
     Mobile device mailbox policy	ms-Exch-Mobile-Mailbox-Policy-Link

     Outlook Web App

     Parameter	Property Name
     Enabled/Disabled	MsExchOwaEnabled
     Outlook Web App mailbox policy	ms-Exch-OWA-Policy

     IMAP

     Parameter	Property Name
     Enabled/Disabled	MsExchImapEnabled
     Use protocol defaults	MsExchImapUseProtocolDefaults
     Message retrieval format	MsExchImapMsgRetrievalMimeFormat

     POP3

     Parameter	Property Name
     Enabled/Disabled	MsExchPop3Enabled
     Use protocol defaults	MsExchPop3UseProtocolDefaults
     Message retrieval format	MsExchPop3MsgRetrievalMimeFormat

     MAPI

     Parameter	Property Name
     Enabled/Disabled	MsExchMapiEnabled

     Retention Hold

     Parameter	Property Name
     Enabled/Disabled	MsExchRetentionHoldEnabled
     Start date	Retention Hold Start Date
     End date	Retention Hold End Date

     Litigation Hold

     Parameter	Property Name
     Enabled/Disabled	MsExchLitigationHoldEnabled
     Note	ms-Exch-Retention-Comment
     URL	ms-Exch-Retention-URL

     Archiving

     Parameter	Property Name
     Enabled/Disabled	MsExchArchiveEnabled
     Archive database	ms-Exch-Archive-Name
     Quota value	ms-Exch-Archive-Quota
     Issue warning at	ms-Exch-Archive-Warn-Quota

     Outlook Mobile Access (Exchange 2003 only)

     Parameter	Property Name
     Enabled/Disabled	MsExchOmaEnabled

     User Initiated Synchronization (Exchange 2003 only)

     Parameter	Property Name
     Enabled/Disabled	MsExchUisEnabled

     Up-to-date Notifications (Exchange 2003 only)

     Parameter	Property Name
     Enabled/Disabled	MsExchUdnEnabled

     Mail Flow

     Delivery Options

     Parameter	Property Name
     Forward to	Forward To
     Deliver message to both forwarding address and mailbox	ms-Exch-Deliver-And-Redirect
     Maximum recipients	ms-Exch-Recip-Limit

     Message Size Restrictions

     Parameter	Property Name
     Sending message size	ms-Exch-Submission-Cont-Length
     Receiving message size	ms-Exch-Deliv-Cont-Length

     Message Delivery Restrictions

     Parameter	Property Name
     Accept Messages From	ms-Exch-RequireAuthToSendTo (Only senders inside my organization) ms-Exch-Auth-Orig (List of senders to accept messages from)
     Reject Messages From	ms-Exch-Unauth-Orig

     Mail Flow Settings

     Message Size Restrictions

     Parameter	Property Name
     Sending message size	ms-Exch-Submission-Cont-Length
     Receiving message size	ms-Exch-Deliv-Cont-Length

     Message Delivery Restrictions

     Parameter	Property Name
     Accept Messages From	ms-Exch-RequireAuthToSendTo (Only senders inside my organization) ms-Exch-Auth-Orig (List of senders to accept messages from)
     Reject Messages From	ms-Exch-Unauth-Orig

     Delivery Management

     Parameter	Property Name
     Accept Messages From	ms-Exch-RequireAuthToSendTo (Only senders inside my organization) ms-Exch-Auth-Orig (List of senders to accept messages from)
     Reject Messages From	ms-Exch-Unauth-Orig

     Message Approval

     Parameter	Property Name
     Messages sent to this group have to be approved by a moderator	ms-Exch-Enable-Moderation
     Moderators	ms-Exch-Moderated-By-Link
     Senders who don't require message approval	ms-Exch-Bypass-Moderation-Link
     Notifications	ms-Exch-Moderation-Flags

     Calendar Settings

     Parameter	Property Name
     Calendar Settings	MsExchMailboxCalendarSettings

     MailTip

     Parameter	Property Name
     MailTip	MailTip

     Delegation

     Parameter	Property Name
     Send As	MsExchSendAs
     Send on Behalf	ms-Exch-Public-Delegates
     Mailbox Rights	ms-Exch-Mailbox-Security-Descriptor

     Automatic Replies (OOF)

     Parameter	Property Name
     Auto-Reply Configuration	MsExchMailboxAutoReplyConfiguration

   When done, click OK.

5. Click Save changes.