Tuesday, 31 July 2012

Exchange 2013 default created Role Groups

Like exchange server 2010, we have the Universal Security Role Groups created automatically in Exchange Server 2013, and we can customize these role groups to set the granular permission based on our requirement. Below are the default Roles groups available in Exchange Server 2013 Preview, In exchange 2010 we have 11 default Role Groups and in Exchange 2013 we have 16 Roles Groups.

Compliance Management - This role group will allow a specified user to manage compliance feature on Exchange 2013

Delegated Setup - Members of this management role group have permissions to install and uninstall Exchange on provisioned servers. This role group shouldn't be deleted.

Discovery Management - Members of this management role group can perform searches of mailboxes in the Exchange organization for data that meets specific criteria.

Exchange Servers - This group contains all the Exchange servers. This group shouldn't be deleted.

Exchange Trusted Subsystem - This group contains Exchange servers that run Exchange cmdlets on behalf of users via the management service. Its members have permission to read and modify all Exchange configurations

Exchange Windows Permissions - This group contains Exchange servers that run Exchange cmdlets on behalf of users via the management service. Its members have permission to read and modify all Windows accounts and groups. This group should not be deleted.

ExchangeLegacyInterop - This group is for interoperability with Exchange 2003 servers within the same forest. This group should not be deleted.

Help Desk - Members of this management role group can view and manage the configuration for individual recipients and view recipients in an Exchange organization. Members of this role group can only manage the configuration each user can manage on his or her own mailbox. Additional permissions can be added by assigning additional management roles to this role group.

Hygiene Management - Members of this management role group can manage Exchange anti-spam features and grant permissions for antivirus products to integrate with Exchange.

Organization Management - Members of this management role group have permissions to manage Exchange objects and their properties in the Exchange organization. Members can also delegate role groups and management roles in the organization. This role group shouldn't be deleted.

Public Folder Management - Members of this management role group can manage public folders. Members can create and delete public folders and manage public folder settings such as replicas

Recipient Management - Members of this management role group have rights to create

Records Management - Members of this management role group can configure compliance features such as retention policy tags

Server Management - Members of this management role group have permissions to manage all Exchange servers within the Exchange organization

UM Management - Members of this management role group can manage Unified Messaging organization

View-Only Organization Management - Members of this management role group can view recipient and configuration objects and their properties in the Exchange organization.

No comments:

Post a Comment