Scopes

All RBAC roles have scopes to tell Exchange which objects can be accessed and updated by holders of the role. The implicit (preset) scopes Exchange supports are:

Recipient read scope. Determines the Active Directory recipient objects (users, groups, contacts) the holder can read. When Organization is shown in the recipient read or write scope, the holder has access to every object in the organization. The default role assignment policy for users has Self as its scope, meaning that the holder can update properties of his mailbox.
Recipient write scope. Determines the Active Directory recipient objects the holder can update, create, or delete.
Configuration read scope. Determines the Active Directory configuration objects (servers, databases, ...

Get Microsoft Exchange Server 2013: Mailbox and High Availability now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Microsoft Exchange Server 2013: Mailbox and High Availability by Tony Redmond

Scopes

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly