CALL TO ACTION
A change in Exchange permissioning behavior may impact mobile communications and other add-on applications for Exchange. Shared and resource mailboxes may also be affe...
Updated Jul 01, 2019
Version 2.0
Blog Post
912918 is a long and informative article. I'd like to make sure I understand the bottom line. The article mentions that granting Send-As permissions for multiple accounts (either applied to a container or all AD objects) is not the preferred method. So if we use the Blackberry application as an example, would the preferred method be to ?:
* Grant Send-As permissions for the Blackberry service account to each existing individual Exchange/Blackberry user account. Likewise, when we add a new Exchange/Blackberry user, we grant Send-As permission in the same manner.
* For domain administrators that are also Blackberry users, we remove these users from the domain admin group. To perform tasks that require domain administrator security, these users would either log in with an account that has domain admin privileges, or use the RunAs command to accomplish same.
Does this sum it up ?
Sam Tudorov