Locking down Exchange Recipient Admins?

Hi,

We have a few exchange recipient admins and their main goal is only to create mailboxes for new users. We would like to prevent them from being able to give themself full-access permissions and opening a mailbox. Is there anyway to do this? Or is the exchange recipient administrator role not granular enough?

Thanks,
HT

Comments

  • blargoeblargoe Self-Described Huguenot NC, USAMember Posts: 4,174 ■■■■■■■■■□
    I didn't think recipient admins were able to manage security
    IT guy since 12/00

    Recent: 11/2019 - RHCSA (RHEL 7); 2/2019 - Updated VCP to 6.5 (just a few days before VMware discontinued the re-cert policy...)
    Working on: RHCE/Ansible
    Future: Probably continued Red Hat Immersion, Possibly VCAP Design, or maybe a completely different path. Depends on job demands...
  • royalroyal Member Posts: 3,352 ■■■■□□□□□□
    blargoe wrote: »
    I didn't think recipient admins were able to manage security

    They're not. You need the highest Exchange Administrative rights to do this.
    “For success, attitude is equally as important as ability.” - Harry F. Banks
  • hypnotoadhypnotoad Banned Posts: 915
    royal wrote: »
    They're not. You need the highest Exchange Administrative rights to do this.

    So there isn't any way an exchange recipient admin should be able to read someone's mailbox with the default Exchange 2007 SP1 configuration?
  • royalroyal Member Posts: 3,352 ■■■■□□□□□□
    hypnotoad wrote: »
    So there isn't any way an exchange recipient admin should be able to read someone's mailbox with the default Exchange 2007 SP1 configuration?

    Not by default.
    “For success, attitude is equally as important as ability.” - Harry F. Banks
Sign In or Register to comment.