Answer the question
In order to leave comments, you need to log in
I
I
Ivan Trofimov2016-09-14 08:50:53
Ivan Trofimov, 2016-09-14 08:50:53
How to restrict rights to Exchange 2013 administrators?
There is technical support with limited rights for Exchange Server 2013. They create users in AD, mailboxes on Exchange, they can change user data, include an archive for the mailbox.
Assigned Roles:
- Active Directory Permissions
- Distribution Groups
- Mail Recipient Creation
- Mail Recipients
- User Options
These users can manage the users' Mailbox Delegation and as a result can give their account access to the user's mailbox and read their emails. Is it possible to somehow limit this functionality?
1 answer(s)
@cbone
A
akelsey, 2016-09-14 @cbone
If they may need "Mailbox Delegation" for their work, then it's best to set up an AdminAuditLog, and just monitor getting unapproved access (create a process to request such access) and punish accordingly.
PS
If you still need to remove the addition of rights to the mailbox, you need to create a new role "My Mail Recipients" - take "Mail Recipients" as the parent role and remove the "Add-MailboxPermission" cmdlet from there.
Similar questions
V
D
N
P
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question