Locking down Exchange Recipient Admins?

Hi,

We have a few exchange recipient admins and their main goal is only to create mailboxes for new users. We would like to prevent them from being able to give themself full-access permissions and opening a mailbox. Is there anyway to do this? Or is the exchange recipient administrator role not granular enough?

Thanks,
HT

Find more posts tagged with

Comments

blargoe

I didn't think recipient admins were able to manage security

royal

blargoe wrote: »

I didn't think recipient admins were able to manage security

They're not. You need the highest Exchange Administrative rights to do this.

hypnotoad

royal wrote: »

They're not. You need the highest Exchange Administrative rights to do this.

So there isn't any way an exchange recipient admin should be able to read someone's mailbox with the default Exchange 2007 SP1 configuration?

royal

hypnotoad wrote: »

So there isn't any way an exchange recipient admin should be able to read someone's mailbox with the default Exchange 2007 SP1 configuration?

Not by default.