Impersonating in Exchange 2007/2010

 

I have to start saying I haven’t got any hands-on experience with Exchange 2013

But to Impersonate in previous versions of MS Exchange following steps needs to be taken.

Create an user in your AD, that you will grant the Impersonation rights.

Once created follow the procedure bellow, finalize by restarting Information Store service (remember this has wide impact)

In this example I have created a user called impersonator in our

Fullname of example user is : Impersonator Service

Example AD : TEST

Example ExchangeServer : MAILxxxx

Example : Username is then test\impersonator

 Open powershell (elevated)

First we need to ensure ImpersonationRoleAssignmet is in place

The following example shows how to configure Exchange Impersonation to enable a service account to impersonate all other users in an organization.

>New-ManagementRoleAssignment –Name:impersonationAssignmentName –Role:ApplicationImpersonation –User:test\impersonator

>Get-ExchangeServer | Add-ADPermission -User test\impersonator -extendedRights ms-Exch-EPI-Impersonation -InheritanceType none

>Get-MailboxDatabase | Add-ADPermission -User test\impersonator -extendedRights ms-Exch-EPI-May-Impersonate -InheritanceType none
>Get-MailboxDatabase | ForEach-Object {Add-ADPermission -Identity “Impersonator Service” -User test\impersonator -ExtendedRights ms-Exch-EPI-May-Impersonate}

 Set EWS auth to basic default is $false

>Set-WebServicesVirtualDirectory -Server MAILxxxx -BasicAuthentication $true

Open services

Restart Microsoft Exchange Information Store (MSExchangeIS)

All syntax that’s supposed to be typed is in Italic and your own variables is highlighted in BOLD

External Refs:

http://msdn.microsoft.com/en-us/library/office/bb204095(v=exchg.140).aspx

Leave a Reply

© 2019: Noervig's notes | Easy Theme by: D5 Creation | Powered by: WordPress