RBAC Role – Trying to restrict available parameters Try to get head around…

The goal is to create a custom role for Exchange administrators with permissions to manage existing users, while restricting access to certain parameters when using commands such as set-mailbox.

I created a role,  add assign to role assignment “Public Folders – clone“ and „"Transport Rules-clone“

I added the test admin to the role and connected to Exchange Online.

When the administrator enters the Set-Mailbox command, a list of parameters appears that are not included in the assigned role. 

Public folder Management role has command Set-Mailbox with only following parameters : DefaultPublicFolderMailbox,Identity, IsExcludedFromServingHierarchy, PublicFolder

But from picture we can see paramaterst hat are not present in Publicv folder menegament role,

I run command

Get-Command set-mailbox | Select-Object -ExpandProperty Parameters

AcceptMessagesOnlyFrom

AcceptMessagesOnlyFromDLMembers

AcceptMessagesOnlyFromSendersOrMembers

DefaultPublicFolderMailbox

DeliverToMailboxAndForward

DisplayName

ExternalOofOptions

ForwardingAddress

ForwardingSmtpAddress

GrantSendOnBehalfTo

Identity

IsExcludedFromServingHierarchy

Languages

MailTip

MailTipTranslations

MessageCopyForSendOnBehalfEnabled

MessageCopyForSentAsEnabled

MessageCopyForSMTPClientSubmissionEnabled

Password

PublicFolder

RejectMessagesFrom

RejectMessagesFromDLMembers

RejectMessagesFromSendersOrMembers

RequireSenderAuthenticationEnabled

SimpleDisplayName

UniqueRecipientsCountLimitLevel

UniqueUnrestrictedGroupsLimitEnabled

UserCertificate

UserSMimeCertificate

Verbose

Debug

ErrorAction

WarningAction

InformationAction

ProgressAction

ErrorVariable

WarningVariable

InformationVariable

OutVariable

OutBuffer

PipelineVariable

WhatIf

Confirm