Home > Microsoft Exchange Tips > Exchange Server Administration Tips > Exchange Admin 101: Exchange 2003 and Exchange 2007 admin privileges
Exchange Tips:
EMAIL THIS
 TIPS & NEWSLETTERS TOPICS 

EXCHANGE SERVER ADMINISTRATION TIPS

Exchange Admin 101: Exchange 2003 and Exchange 2007 admin privileges


Brien M. Posey
11.28.2007
Rating: -3.75- (out of 5)


Exchange Server tips, tutorials and expert advice
Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us    Add to Google


Organizations rarely implement a single level of administrative rights anymore because of the potential security problems that this can introduce. In larger organizations, for example, it's common to have several different administrators, each with permissions to manage a specific, contained aspect of the network. In smaller organizations, there often is a primary administrator who oversees a group of junior administrators. This tip explains the available administrative privileges in Exchange Server 2003 and Exchange Server 2007, and the differing levels of control that each admin role allows.

Exchange Server 2003 administrative roles

Exchange Server 2003 has different levels of administrative responsibility, and supports three types of administrative roles: Exchange Full Administrator, Exchange Administrator and Exchange View Only Administrator.

While creating various administrative roles was a step in the right direction, those used in Exchange Server 2003 are somewhat broad in scope. For example, Exchange Server 2003 doesn't allow you to appoint a user as an Exchange Administrator over one server, and not another. If a user is an Exchange Administrator, he has administrative control over the entire Exchange organization.

Exchange Server 2007 administrative roles

Microsoft revised the administrative roles in Exchange Server 2007 to allow organizations to delegate specific management responsibilities to various administrators. There are four different administrative roles in Exchange 2007: Exchange Organization Administrators, Exchange Recipient Administrators, Exchange Server Administrators and Exchange View Only Administrators.



Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us    Add to Google


RELATED CONTENT
Microsoft Exchange Server Permissions
Exchange users receiving email addressed to legacy users
Restrict access to Outlook Web Access via Exchange System Manager
Why you should secure Exchange 2007 using administrative policies
Editing Exchange Server public folder permissions
Can't delete old Microsoft Outlook public folders
Why can't I grant users permissions to an Exchange public folder?
Exchange public folder calendar can't be opened in Microsoft Outlook
Grant or deny permissions to access a user's Exchange 2007 mailbox
Set Outlook calendar permissions for group to view private meetings
Selectively set email permissions for Exchange groups

Microsoft Exchange Server 2007
Using Mobile Device Manager 2008 server roles in Exchange 2007
Relocating Outlook email messages on a hosted Exchange 2007 server
New high availability features in Exchange Server 2010
An introduction to the DSAccess service in Exchange Server 2007
Control Outlook 2007 in cached mode settings with group policies
Exchange Performance Monitor tracks domain controller communication
Meeting Workspaces in Microsoft Office SharePoint Server 2007
Exchange Server 2007 SP2 reinstates built-in backup capabilities
Three Performance Monitors counters to use in Exchange Server 2007
Understanding Exchange Server 2007 SP1 mobile security settings
Microsoft Exchange Server 2007 Research

Microsoft Exchange Server 2003
Should you remove .STM files from Exchange Server 2003?
Troubleshoot 'System Attendant' error messages in OWA
Configuring the default recipient policy in an Exchange 2003 environment
Removing old disclaimers from Exchange Server 2003
ExMerge gotchas to watch for when migrating Exchange 2003 mailboxes
Recovering deleted items after an Exchange 2003 migration
Linking two Exchange 2003 servers in different forests
Microsoft Exchange Server virtualization tutorial
Installing Exchange Server 2003 and a domain controller on the same hardware
Migrating new users onto Exchange Server 2003
Microsoft Exchange Server 2003 Research

RELATED GLOSSARY TERMS
Terms from Whatis.com − the technology online dictionary
privilege  (SearchExchange.com)

RELATED RESOURCES
2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
Search Bitpipe.com for the latest white papers and business webcasts
Whatis.com, the online computer dictionary


When Exchange Server 2007 is installed onto a server, Setup creates a security group named Exchange Server Administrator <servername>. Administrators with the Exchange Server Administrator control are members of this group, and have full control over the server in question. The administrator will have full access to all of the server's configuration data, and can take on the role of a local Windows administrator (not a domain administrator). Exchange Server Administrators also appointed to the role of Exchange View-only Administrators.

While Exchange Server Administrators have total control over a specific server, they cannot manage recipients. This role is used most often to allow an administrator in a branch office to maintain an Exchange Server located within that office.

About the author: Brien M. Posey, MCSE, is a Microsoft Most Valuable Professional for his work with Exchange Server, and has previously received Microsoft's MVP award for Windows Server and Internet Information Server (IIS). Brien has served as CIO for a nationwide chain of hospitals and was once responsible for the Department of Information Management at Fort Knox. As a freelance technical writer, Brien has written for Microsoft, TechTarget, CNET, ZDNet, MSD2D, Relevant Technologies and other technology companies. You can visit Brien's personal Web site at www.brienposey.com.

Do you have comments on this tip? Let us know.

Please let others know how useful this tip was via the rating scale below. Do you know a helpful Exchange Server, Microsoft Outlook or SharePoint tip, timesaver or workaround? Email the editors to talk about writing for SearchExchange.com.

Rate this Tip
To rate tips, you must be a member of SearchExchange.com.
Register now to start rating these tips. Log in if you are already a member.




DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.



Email Server Solutions: Exchange 2007, Exchange 2003, Exchange 2000, SharePoint
HomeNewsTopicsITKnowledge ExchangeTipsAsk the ExpertsMultimediaWhite PapersIT Downloads
About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
SEARCH 
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2004 - 2009, TechTarget | Read our Privacy Policy
  TechTarget - The IT Media ROI Experts