NOTE: This article has also been published in the official Exchange 2007 documentation - http://technet.microsoft.com/en-us/library/bb310768.aspx. We recommend that you check the documentation ...
Updated Jul 01, 2019
Version 2.0
Blog Post
....continued from last comment:
Note that there is also an Exchange Server Administrators role that you can delegate management of a particular server to an admin, but this is not controlled by group management, instead we add the access control entries directly on the server object within the configuration partition).
As far a discrete permission model...I will be posting a blog in the next few weeks that begins to go into that. For now, the implementation of the property sets allows us to better control mail-related attributes and reduces the number of access control entries that have to be granted. Unfortunately there is still not a mailbox administrator role, and elevated permissions are still required for certain operations (e.g. move mailbox).
Hope this helps,
Ross
Note that there is also an Exchange Server Administrators role that you can delegate management of a particular server to an admin, but this is not controlled by group management, instead we add the access control entries directly on the server object within the configuration partition).
As far a discrete permission model...I will be posting a blog in the next few weeks that begins to go into that. For now, the implementation of the property sets allows us to better control mail-related attributes and reduces the number of access control entries that have to be granted. Unfortunately there is still not a mailbox administrator role, and elevated permissions are still required for certain operations (e.g. move mailbox).
Hope this helps,
Ross