0 penilaian0% menganggap dokumen ini bermanfaat (0 suara)
8 tayangan2 halaman
Exchange 2013 uses built-in admin roles and role groups to delegate administration responsibilities. There are 67 default admin roles that are grouped into 12 role groups and assigned permissions for recipient, configuration and search management. Additional custom roles can also be created. User roles are assigned through role assignment policies to grant end users permissions for self-administration tasks like modifying contact info, apps and group membership. The document provides an example of adding a user to the discovery management role group and creating a new role group and assignment policy.
Exchange 2013 uses built-in admin roles and role groups to delegate administration responsibilities. There are 67 default admin roles that are grouped into 12 role groups and assigned permissions for recipient, configuration and search management. Additional custom roles can also be created. User roles are assigned through role assignment policies to grant end users permissions for self-administration tasks like modifying contact info, apps and group membership. The document provides an example of adding a user to the discovery management role group and creating a new role group and assignment policy.
Exchange 2013 uses built-in admin roles and role groups to delegate administration responsibilities. There are 67 default admin roles that are grouped into 12 role groups and assigned permissions for recipient, configuration and search management. Additional custom roles can also be created. User roles are assigned through role assignment policies to grant end users permissions for self-administration tasks like modifying contact info, apps and group membership. The document provides an example of adding a user to the discovery management role group and creating a new role group and assignment policy.
Delegating responsibilities is an essential part to administration of larger scale Exchange organizations. As a result we have Role Groups and Roles that are built-in (and can be expanded upon). There are also user role assignment policies to control end-user permissions.
Built-in Admin Roles
• The admin role concept is simple
– There are 67 different default admin roles (and these vary in recipient and configuration scope) – The roles are added to Role Groups – There are 12 different built-in Admin Role Groups to choose from
• The primary Role Group is Organization
Management, however it is missing the Mailbox Search role (by default) The Deeper Side to Roles
• Although there are 67 default admin roles, you
can create additional ones or tweak the ones that exist
• These roles are based on underlying PowerShell
cmdlets and commands that are assigned
• You can use the Exchange Management Shell to
view information and alter information about roles – Get-Management Role –Cmdlet New-Mailbox – Get-ManagementRoleEntry “Public Folders\*”
User Roles: Role Assignment Policy
• You can configure polices that grants end users
permissions to set their Outlook Web App options and perform other self-administration tasks, such as: – Modifying contact information – View and modify distribution group membership – View and modify marketplace apps
Scenario
• We will add Joel Agrawal to the Discovery
Management Role Group
• We will create a new Role Group that includes the
following Roles: – Mail Recipient Creation – Mail Recipients – Recipient Policies – Public Folders
• Create a new Role Assignment Policy called Full
Control that allows end-users complete self- administration control – Assign the new policy to Brent Heyne and Edna Dorking