Grant rights to perform Exchange tasks

Using security roles, you can delegate Exchange tasks to your users and granuraly define what operations in Exchange they are allowed to perform. For example, you can allow your Help Desk to only set out of office replies, and be able to do it only for the users who are members of a specific group.

In this tutorial, you will learn how to add the permissions to perform various Exchange tasks to an existing security role.

1. Launch Adaxes administration console.

    How

   • On the computer where Adaxes administration console is installed, open Windows Start menu.

   • Click Adaxes Administration Console.

2. Expand Adaxes service \ Configuration \ Security Roles and select the security role you want to modify.

3. In the Permissions section on the right, click Add.

4. In the list of object types, select:

   • User if you want to delegate permissions on regular user mailboxes or mail-enabled users.

   • Group if you want to delegate permissions on mail-enabled groups.

   • Contact if you want to delegate permissions on mail-enabled contacts.

   • Room Mailbox if you want to delegate permissions on room mailboxes.

   • Equipment Mailbox if you want to delegate permissions on equipment mailboxes.

   • Linked Mailbox if you want to delegate permissions on linked mailboxes.

5. In the General permissions section:

   • Type Exchange in the filter edit box to filter out permissions unrelated to Exchange.

   • Select the permission you need in the Allow column.

   Permissions for Exchange Properties

   • To grant the rights to modify all Exchange properties, select the Write All Properties (Exchange) permission in the Allow column.

   • To grant the rights to modify a specific section of Exchange properties, select it in the Allow column. For example, to allow the modification of the Automatic Replies section, select Write Automatic Replies (Exchange).

   • To grant the rights to modify specific Exchange properties, select the desired property in the Allow column in the Property-specific permissions list.

     The following tables list Exchange parameters and their correlation with object properties:

      General

     Parameter	Property Name
     Alias	Email
     Simple display name	Simple display name
     Hide from address lists	Hidden from address lists
     Custom Attributes	Extension attribute 1 ... Extension attribute 15
     Use MAPI rich text format (mail-enabled users and contacts)	ms-Exch-MAPI-Recipient
     Expansion server (mail-enabled groups)	ms-Exch-Expansion-Server-Name
     Send out-of-office message to originator (mail-enabled groups)	ms-Exch-OOF-Reply-To-Originator
     Delivery Reports section (mail-enabled groups)	ms-Exch-OOF-Report-To-Owner, ms-Exch-OOF-Report-To-Originator
     Capacity (room and equipment mailboxes)	Capacity
     Address book policy (room and equipment mailboxes)	ms-Exch-Address-Book-Policy-Link

      Storage Quotas

     Parameter	Property Name
     Use mailbox database defaults	ms-Exch-MDB-Use-Defaults
     Issue warning at	Issue a warning at
     Prohibit send at	Prohibit send at
     Prohibit send and receive at	Prohibit send and receive at
     Deleted item retention	ms-Exch-Deleted-Item-Flags
     Keep deleted items for (number of days)	Keep deleted items for

      Email Address

     Parameter	Property Name
     Email Addresses	Proxy addresses
     Automatically update e-mail addresses based on e-mail address policy	MsExchEmailAddressPolicyEnabled
     External E-mail Address (contacts)	ms-Exch-Target-Address

      Mailbox Features

      Policies

     Parameter	Property Name
     Sharing policy	ms-Exch-Sharing-Policy-Link
     Role Assignment policy	ms-Exch-RBAC-Policy-Link
     Retention policy, Managed Folder policy	ms-Exch-Mailbox-Template-Link
     Address Book policy	ms-Exch-Address-Book-Policy-Link

      Features

      Unified Messaging

     Parameter	Property Name
     Enabled/Disabled	MsExchUMEnabled
     Reset PIN	MsExchUMResetPinParams
     UM mailbox policy	Unified Messaging policy
     Personal operator extension	ms-Exch-UM-Operator-Number
     Additional UM extensions	MsExchUMExtentions
     Enable for Automatic Speech Recognition	MsExchUMAutoSpeechRecognitionEnabled
     Allow UM calls from non-users	ms-Exch-UM-List-In-Directory-Search
     Allow users to receive faxes	MsExchUMFaxEnabled
     Allow divert calls without caller ID to leave message	MsExchUMAnonymousCanLeaveMessages
     Allow users to configure call answering rules	MsExchUMCallAnswerRulesEnabled

      Exchange ActiveSync

     Parameter	Property Name
     Enabled/Disabled	MsExchActiveSyncEnabled
     Mobile device mailbox policy	Mobile Device policy
     Mobile Devices section	MsExchMobileDevices

      OWA for Devices

     Parameter	Property Name
     Enabled/Disabled	MsExchOutlookAppEnabled
     Mobile device mailbox policy	Mobile Device policy
     Mobile Devices section	MsExchMobileDevices

      Outlook Web App

     Parameter	Property Name
     Enabled/Disabled	MsExchOwaEnabled
     Outlook Web App mailbox policy	Outlook web app policy

      IMAP

     Parameter	Property Name
     Enabled/Disabled	MsExchImapEnabled
     Use protocol defaults	MsExchImapUseProtocolDefaults
     Message retrieval format	MsExchImapMsgRetrievalMimeFormat

      POP3

     Parameter	Property Name
     Enabled/Disabled	MsExchPop3Enabled
     Use protocol defaults	MsExchPop3UseProtocolDefaults
     Message retrieval format	MsExchPop3MsgRetrievalMimeFormat

      MAPI

     Parameter	Property Name
     Enabled/Disabled	MsExchMapiEnabled

      Retention Hold

     Parameter	Property Name
     Enabled/Disabled	MsExchRetentionHoldEnabled
     Start date	Retention start date
     End date	Retention end date

      Litigation Hold

     Parameter	Property Name
     Enabled/Disabled	MsExchLitigationHoldEnabled
     Litigation hold duration	MsExchLitigationHoldDuration
     Note	Retention note
     URL	Retention URL

      Archiving

     Parameter	Property Name
     Enabled/Disabled	MsExchArchiveEnabled
     Archive database	Archive database
     Quota value	Archive quota
     Issue warning at	Archive quota warning

      Mail Flow

      Delivery Options

     Parameter	Property Name
     Forward to	Forward to
     Deliver message to both forwarding address and mailbox	Deliver and redirect
     Maximum recipients	Recipient limit

      Message Size Restrictions

     Parameter	Property Name
     Sending message size	Sent messages max size
     Receiving message size	Received messages max size

      Message Delivery Restrictions

     Parameter	Property Name
     Accept Messages From section	ms-Exch-RequireAuthToSendTo (Only senders inside my organization) ms-Exch-Auth-Orig (List of senders to accept messages from)
     Reject Messages From section	ms-Exch-Unauth-Orig

      Mail Flow Settings

      Message Size Restrictions

     Parameter	Property Name
     Sending message size	Sent messages max size
     Receiving message size	Received messages max size

      Message Delivery Restrictions

     Parameter	Property Name
     Accept Messages From section	ms-Exch-RequireAuthToSendTo (Only senders inside my organization) ms-Exch-Auth-Orig (List of senders to accept messages from)
     Reject Messages From section	ms-Exch-Unauth-Orig

      Delivery Management

     Parameter	Property Name
     Accept Messages From	ms-Exch-RequireAuthToSendTo (Only senders inside my organization) ms-Exch-Auth-Orig (List of senders to accept messages from)
     Reject Messages From	ms-Exch-Unauth-Orig

      Message Approval

     Parameter	Property Name
     Messages sent to this group have to be approved by a moderator	ms-Exch-Enable-Moderation
     Moderators	ms-Exch-Moderated-By-Link
     Senders who don't require message approval	ms-Exch-Bypass-Moderation-Link
     Notifications	ms-Exch-Moderation-Flags

      Calendar Permissions

     Parameter	Property Name
     Permissions	MsExchMailboxCalendarPermissions

      MailTip

     Parameter	Property Name
     MailTip	MailTip

      Delegation

     Parameter	Property Name
     Send As	MsExchSendAs
     Send on Behalf	Delegates
     Full Access (Mailbox Rights)	ms-Exch-Mailbox-Security-Descriptor

      Automatic Replies

     Parameter	Property Name
     Auto-Reply Configuration	MsExchMailboxAutoReplyConfiguration

      Booking Delegates

     Parameter	Property Name
     Delegates	MsExchResourceDelegates
     Forward meeting requests to delegates	MsExchForwardRequestsToDelegates
     Booking Requests section	MsExchInPolicyBookFrom, MsExchInPolicyBookFromMode, MsExchInPolicyRequestFrom, MsExchInPolicyRequestFromMode, MsExchInPolicyRequestsProcessingMode
     Out-of-Policy Requests section	MsExchOutPolicyRequestFrom, MsExchOutPolicyRequestFromMode

      Booking Policies

     Parameter	Property Name
     Allow conflicting meeting requests	MsExchAllowConflicts
     Allow repeating meetings	MsExchAllowRecurringMeetings
     Allow scheduling only during working hours	MsExchScheduleOnlyDuringWorkHours
     Always decline if the end date is beyond the maximum booking lead time	MsExchEnforceSchedulingHorizon
     Maximum booking lead time	MsExchBookingWindowInDays
     Maximum duration	MsExchMaximumDurationInMinutes
     Reply text for the meeting organizer	MsExchMeetingOrganizerReply
     Send organizer information when a request is declined due to conflicts	MsExchSendOrganizerInfoOnRequestDeclined

      Calendar Settings

     Parameter	Property Name
     Delete attachments	MsExchDeleteAttachments
     Delete comments	MsExchDeleteComments
     Delete the subject	MsExchDeleteSubject
     Delete non-calendar items	MsExchDeleteNonCalendarItems
     Add the organizer's name to the subject	MsExchAddOrganizerToSubject
     Remove the private flag on accepted meetings	MsExchRemovePrivateProperty
     Mark pending requests as Tentative	MsExchTentativePendingApproval

   Click OK.

6. Click Save changes.