Recipients Permissions

Applies to: Exchange Server 2013

The permissions required to perform tasks to manage recipients vary depending on the procedure being performed or the cmdlet you want to run.

To find out what permissions you need to perform the procedure or run the cmdlet, do the following:

  1. In the table below, find the feature that is most related to the procedure you want to perform or the cmdlet you want to run.

  2. Next, look at the permissions required for the feature. You must be assigned one of those role groups, an equivalent custom role group, or an equivalent management role. You can also click on a role group to see its management roles. If a feature lists more than one role group, you only need to be assigned one of the role groups to use the feature. For more information about role groups and management roles, see Understanding Role Based Access Control.

  3. Now, run the Get-ManagementRoleAssignment cmdlet to look at the role groups or management roles assigned to you to see if you have the permissions that are necessary to manage the feature.

    Note

    You must be assigned the Role Management management role to run the Get-ManagementRoleAssignment cmdlet. If you don't have permissions to run the Get-ManagementRoleAssignment cmdlet, ask your Exchange administrator to retrieve the role groups or management roles assigned to you.

If you want to delegate the ability to manage a feature to another user, see Delegate role assignments.

Mailbox server permissions

Users who are assigned the View-Only Management role group can view the configuration of the features in the following table. For more information, see View-only Organization Management.

Feature Permissions required
Calendar repair, server configuration Organization Management

Server Management
Delegating Mailbox servers Organization Management
Email address policies Organization Management

Server Management
Exchange Search Organization Management

View-only Organization Management

Server Management
Exchange Search - diagnostics Organization Management

View-only Organization Management

Support Diagnostics role

Note: The Support Diagnostics role isn't assigned to a role group. For more information, see Add a role to a user or USG.
Group metrics Organization Management

Server Management
Import Export Mailbox Import Export role

Note: The Mailbox Import Export role isn't assigned to a role group. For more information, see Mailbox Import Export role.
Mailbox Assistants Organization Management

Server Management
Mailbox moves Organization Management

Recipient Management
Mailbox recovery Organization Management
Mailbox repair request Organization Management

Server Management

Recipient Management
Mailbox restore request Organization Management
Mailbox server configuration Organization Management

Server Management
Manage Exchange Search Indexer service on a Mailbox server Local Administrator on the Mailbox server
MAPI connectivity Organization Management

Server Management
OAB virtual directories Organization Management

Server Management
Remove store mailbox Organization Management

Server Management

Calendar and sharing permissions

Users who are assigned the View-Only Management role group can view the configuration of the features in the following table. For more information, see View-only Organization Management.

Feature Permissions required
Calendar configuration Organization Management

Recipient Management

Help Desk
Calendar diagnostics Organization Management

Records Management

Hygiene Management

Compliance Management

Help Desk
Calendar processing Organization Management

Recipient Management

Help Desk
Notifications Organization Management

Recipient Management
Organization relationships Organization Management
Sharing policies Organization Management

Resource mailbox configuration permissions

Users who are assigned the View-Only Management role group can view the configuration of the features in the following table. For more information, see View-only Organization Management.

Feature Permissions required
Booking policies Organization Management

Recipient Management

Help Desk
Delegation Organization Management

Recipient Management
Resource mailbox schema configuration Organization Management

Mailbox database permissions

Users who are assigned the View-Only Management role group can view the configuration of the features in the following table. For more information, see View-only Organization Management.

Feature Permissions required
Mailbox databases Organization Management

Server Management

Recipient provisioning permissions

This table contains the various permissions that are required to manage recipients.

Users who are assigned the View-Only Management role group can view the configuration of the features in the following table. For more information, see View-only Organization Management.

Feature Permissions required
Address list, GAL Organization Management
Anti-spam Organization Management

Recipient Management
Apps for Outlook Organization Management

View-only Organization Management

Help Desk
Applying sharing policies Organization Management

Recipient Management
Arbitration Organization Management
Archive connectivity Organization Management

View-only Organization Management

Server Management
Assigning offline address books Organization Management

Recipient Management
Automatic replies Organization Management

Recipient Management

Help Desk
Calendar configuration Organization Management

Recipient Management
Calendar repair Organization Management

Recipient Management
Contact aggregation settings Organization Management

Recipient Management

View-only Organization Management
Disconnected mailboxes Organization Management

Recipient Management

Help Desk
Distribution groups Organization Management

Recipient Management
Dynamic distribution groups Organization Management

Recipient Management
Email addresses Organization Management

Recipient Management

UM Management
Inbox rules Organization Management

Recipient Management

Help Desk
Mail contacts Organization Management

Recipient Management
Mail tips Organization Management

Recipient Management
Mail user Organization Management

Recipient Management
Mailbox folder permissions Organization Management

Recipient Management

Help Desk
Mailbox folders Organization Management

Recipient Management
MAPI connectivity Organization Management

Message configuration Organization Management

Recipient Management

Help Desk
Message quotas Organization Management

Recipient Management
Moderation Organization Management

Recipient Management
Permissions and delegation Organization Management
Archive mailboxes Organization Management

Recipient Management
Recipient data properties Organization Management

Recipient Management
Remote mailboxes Organization Management

Recipient Management
Retention and legal holds Organization Management

Recipient Management

Records Management
Send As Organization Management

Recipient Management
Spelling configuration Organization Management

Recipient Management

Help Desk
Unified Messaging Organization Management

UM Management
User mailboxes Organization Management

Recipient Management
User photos Organization Management

Recipient Management

Help Desk

Mailbox move and migration permissions

The table contains the permissions that are required to move on-premises mailboxes to different domains or forests and to migrate on-premises mailboxes to and from your cloud-based organization.

Feature Permissions required
Mailbox moves (local or cross-forest) Organization Management

Recipient Management
Mailbox moves (hybrid deployment) Organization Management

Recipient Management
Migration (on-boarding and off-boarding from the cloud) Organization Management

Recipient Management