サポートと今すぐチャット
サポートとのチャット

Active Roles 8.1.3 - Built-in Access Templates Reference Guide

Configuration – Advanced ATs

To delegate more granular configuration object management permissions in your environment, use the Access Templates (ATs) in the Configuration > Access Templates > Configuration > Advanced container of the Active Roles Console.

These ATs contain more granular configuration object management tasks for local groups, local users, printers, services and shared resources.

Table 16: Configuration – Advanced Access Templates

Access Template

Description

Access Templates - Copy

Grants permission to copy ATs.

NOTE: This AT provides no additional permissions.

Access Templates - Create

Grants permission to create ATs.

NOTE: This AT provides no additional permissions.

Access Templates - Delete

Grants permission to delete ATs.

NOTE: This AT provides no additional permissions.

Access Templates - List

Grants permission to list ATs.

NOTE: This AT provides no additional permissions.

Access Templates - Read/Write Permissions

Grants permission to view or modify the permission entries of ATs.

NOTE: This AT provides no additional permissions.

Access Templates - Rename

Grants permission to rename ATs.

NOTE: This AT provides no additional permissions.

Policy Objects - Copy

Grants permission to copy Active Roles Policy Objects.

NOTE: This AT provides no additional permissions.

Policy Objects - Create

Grants permission to create Active Roles Policy Objects.

NOTE: This AT provides no additional permissions.

Policy Objects - Delete

Grants permission to delete Active Roles Policy Objects.

NOTE: This AT provides no additional permissions.

Policy Objects - List

Grants permission to list Active Roles Policy Objects.

NOTE: This AT provides no additional permissions.

Policy Objects - Read/Write Policy Entries

Grants permission to view or modify policy definitions, that is, Policy Object entries in Active Roles Policy Objects.

NOTE: This AT provides no additional permissions.

Policy Objects - Rename

Grants permission to rename Active Roles Policy Objects

NOTE: This AT provides no additional permissions.

Script Modules - Copy

Grants permission to copy Active Roles Script Modules.

NOTE: This AT provides no additional permissions.

Script Modules - Create

Grants permission to create Active Roles Script Modules.

NOTE: This AT provides no additional permissions.

Script Modules - Delete

Grants permission to delete Active Roles Script Modules.

NOTE: This AT provides no additional permissions.

Script Modules - List

Grants permission to list Active Roles Script Modules.

NOTE: This AT provides no additional permissions.

Script Modules - Read/Write Script Text

Grants permission to view or modify scripts stored in Active Roles Script Modules.

NOTE: This AT provides no additional permissions.

Script Modules - Rename

Grants permission to rename Active Roles Script Modules.

NOTE: This AT provides no additional permissions.

Exchange

The Configuration > Access Templates > Exchange container of the Active Roles Console contains Access Templates (ATs) that you can use to delegate Microsoft Exchange recipient management duties, such as:

  • Managing recipient settings.

  • Using the Exchange Tasks Wizard.

  • Managing email addresses.

  • Configuring general and advanced message settings.

This container has an Advanced sub-container, containing special ATs for Microsoft Exchange resource management with very granular permissions. For more information, see Computer Resources – Advanced ATs.

Exchange – General ATs

To delegate common Microsoft Exchange management permissions in your organization, use the Access Templates (ATs) in the root of the Configuration > Access Templates > Exchange container of the Active Roles Console.

NOTE: Active Roles 8.1.3 contains several outdated Exchange ATs. The name of these ATs contain the (deprecated) suffix, and are not listed in the following table.

Table 17: Exchange – General Access Templates

Access Template

Description

Exchange - Configure Calendar Settings

Grants the following permissions:

  • View or modify the Calendar Settings of Exchange recipients.

  • List all Exchange users.

  • View all Exchange properties of users.

Exchange - Configure E-mail Addresses

Grants the following permissions:

  • View or modify the E-Mail Addresses settings of Exchange recipients.

  • List all Exchange users, groups and contacts.

  • View all Exchange properties of users, groups and contacts.

Exchange - Configure Exchange Advanced Settings

Grants the following permissions:

  • View or modify the Advanced Exchangesettings of Exchange recipients.

  • List all Exchange users, groups and contacts.

  • View all Exchange properties of users, groups and contacts.

Exchange - Configure Exchange General Settings

Grants the following permissions:

  • View or modify the General Exchangesettings of Exchange recipients.

  • List all Exchange users, groups and contacts.

  • View all Exchange properties of users, groups and contacts.

Exchange - Configure Mail Flow Settings

Grants the following permissions:

  • View or modify the Mail Flow Settings of Exchange recipients.

  • List all Exchange users, groups and contacts.

  • View all Exchange properties of users, groups and contacts.

Exchange - Configure Mailbox Features

Grants the following permissions:

  • View or modify the Mailbox Features settings of Exchange recipients.

  • List all Exchange users.

  • View all Exchange properties of users.

Exchange - Configure Mailbox Settings

Grants the following permissions:

  • View or modify the Mailbox Settings of Exchange recipients.

  • List all Exchange users.

  • View all Exchange properties of users.

Exchange - Configure Resource General Settings

Grants the following permissions:

  • View or modify the Resource > General settings of Exchange recipients.

  • List all Exchange users.

  • View all Exchange properties of users.

Exchange - Configure Resource Information Settings

Grants the following permissions:

  • View or modify the Resource > Information settings of Exchange recipients.

  • List all Exchange users.

  • View all Exchange properties of users.

Exchange - Configure Resource In-Policy Requests

Grants the following permissions:

  • View or modify the Resource > In-Policy Requests settings of Exchange recipients.

  • List all Exchange users.

  • View all Exchange properties of users.

Exchange - Configure Resource Out-of-Policy Requests

Grants the following permissions:

  • View or modify the Resource > Out-of-Policy Requests settings of Exchange recipients.

  • List all Exchange users.

  • View all Exchange properties of users.

Exchange - Configure Resource Policy

Grants the following permissions:

  • View or modify the Resource > Policy settings of Exchange recipients.

  • List all Exchange users.

  • View all Exchange properties of users.

Exchange - Manage Resource, Linked and Shared Mailboxes

Grants the following permissions:

  • Create, read, or update room mailboxes, equipment mailboxes, linked mailboxes and shared mailboxes.

  • List all Exchange users.

  • View all Exchange properties of users.

Exchange - Perform Exchange Tasks

Grants the following permissions:

  • Create any kind of mailbox.

  • Use the Exchange Task Wizard to manage Exchange recipients.

  • List all Exchange users, groups and contacts.

  • View all Exchange properties of users, groups and contacts.

Exchange - Recipients Full Control

Grants the following permissions:

  • Perform all Exchange recipient management tasks.

  • View or modify all properties of Exchange recipients.

  • List all Exchange users, groups and contacts.

  • View all Exchange properties of users, groups and contacts.

Exchange – Advanced ATs

To delegate more granular Microsoft Exchange resource management permissions in your environment, use the Access Templates (ATs) in the Configuration > Access Templates > Exchange > Advanced container of the Active Roles Console.

These ATs contain more granular Exchange resource management tasks for various mailbox resources.

Table 18: Exchange – Advanced Access Templates

Access Template

Description

Exchange - Convert Linked Mailbox to User Mailbox

Grants permission to convert linked mailboxes to user mailboxes.

NOTE: This AT provides no additional permissions.

Exchange - Convert User Mailbox to Linked Mailbox

Grants permission to convert user mailboxes to linked mailboxes.

NOTE: This AT provides no additional permissions.

Exchange - Create Equipment Mailboxes

Grants permission to create equipment mailboxes for new or existing equipment resources.

NOTE: This AT provides no additional permissions.

Exchange - Create Linked Mailboxes

Grants permission to create linked mailboxes for new or existing user accounts.

NOTE: This AT provides no additional permissions.

Exchange - Create Room Mailboxes

Grants permission to create room mailboxes for new or existing room resources.

NOTE: This AT provides no additional permissions.

Exchange - Create Shared Mailboxes

Grants permission to create shared mailboxes for new or existing user accounts.

NOTE: This AT provides no additional permissions.

Exchange - Create User Mailboxes

Grants permission to create user mailboxes for new or existing user accounts.

NOTE: This AT provides no additional permissions.

Exchange - Delete Recipient's E-mail Address

Grants permission to delete email addresses.

NOTE: This AT provides no additional permissions.

Exchange - Delete User Mailbox

Grants permission to delete user mailboxes.

NOTE: This AT provides no additional permissions.

Exchange - Designate Contact as Mail-Enabled

Grants permission to designate contacts as mail-enabled recipients.

NOTE: This AT provides no additional permissions.

Exchange - Designate Group as Mail-Enabled

Grants permission to designate groups as mail-enabled recipients.

NOTE: This AT provides no additional permissions.

Exchange - Designate User as Mail-Enabled

Grants permission to designate users as mail-enabled recipients.

NOTE: This AT provides no additional permissions.

Exchange - Enable Archive

Grants permission to enable archives for Exchange mailboxes.

NOTE: This AT provides no additional permissions.

Exchange - Enable Unified Messaging

Grants permission to enable Unified Messaging for Exchange mailboxes.

NOTE: This AT provides no additional permissions.

Exchange - Move Mailbox

Grants permission to move Exchange mailboxes.

NOTE: This AT provides no additional permissions.

Exchange - Read ERFM Attributes

Grants permission to read the Exchange Resource Forest Management-specific (ERFM-specific) attributes of master accounts.

TIP: Assign this AT to the administrators delegated to manage the ERFM solution and its associated resources.

NOTE: Consider the following when planning to delegate permissions for reading ERFM-specific attributes:

  • This AT will work properly only if Exchange Resource Forest Management (ERFM) is configured in your organization. For more information, see Configuring linked mailboxes with Exchange Resource Forest Management in the Active Roles Administration Guide.

  • You do not have to apply this AT if your organization already uses any general-purpose ATs for delegating Exchange recipient management tasks. This is because those ATs already provide the required permissions for reading the ERFM-related attributes of master accounts too.

Exchange - Read/Write Address Book Policy

Grants permission to change the address book policy settings on the Mailbox Settings page of Exchange mailboxes.

NOTE: This AT provides no additional permissions.

Exchange - Read/Write Advanced Properties for Mailbox-Enabled Users

Grants permission to view or modify the Advanced Exchange properties for mailbox-enabled users.

NOTE: This AT provides no additional permissions.

Exchange - Read/Write Advanced Properties for Mail-Enabled Groups

Grants permission to view or modify the Advanced Exchange properties for mail-enabled groups.

NOTE: This AT provides no additional permissions.

Exchange - Read/Write Advanced Properties for Mail-Enabled Users and Contacts

Grants permission to view or modify the Advanced Exchange properties for mail-enabled contacts and users.

NOTE: This AT provides no additional permissions.

Exchange - Read/Write Archive

Grants permission to view or modify the Mailbox Features > Archive settings of Exchange mailboxes.

NOTE: This AT provides no additional permissions.

Exchange - Read/Write Archive Quota

Grants permission to view or modify the archive quota settings on the Mailbox Features page of Exchange mailboxes.

NOTE: This AT provides no additional permissions.

Exchange - Read/Write Autoreply Settings

Grants permission to view or modify the automatic reply settings of Exchange mailboxes.

NOTE: This AT provides no additional permissions.

Exchange - Read/Write Custom Attributes

Grants permission to view or change custom Exchange attributes.

NOTE: This AT provides no additional permissions.

Exchange - Read/Write Deleted Item Retention Period

Grants permission to view or modify the retention period of deleted items in Exchange mailboxes.

NOTE: This AT provides no additional permissions.

Exchange - Read/Write Delivery Options

Grants permission to change the delivery options of Mail Flow Settings for Exchange recipients.

NOTE: This AT provides no additional permissions.

Exchange - Read/Write Exchange ActiveSync

Grants permission to view or modify the Mailbox Features > Exchange ActiveSync settings of Exchange mailboxes.

NOTE: This AT provides no additional permissions.

Exchange- Read/Write Forwarding Address

Grants permission to view or modify the Forwarding Address setting of Exchange mailboxes.

NOTE: This AT provides no additional permissions.

Exchange - Read/Write ILS Settings

Grants permission to view or modify the ILS Settings of Exchange mailboxes.

NOTE: This AT provides no additional permissions.

Exchange - Read/Write IMAP4

Grants permission to view or modify the Mailbox Features > IMAP4 settings of Exchange mailboxes.

NOTE: This AT provides no additional permissions.

Exchange - Read/Write Mailbox Rights

Grants permission to view or modify the security settings of Exchange mailboxes.

NOTE: This AT provides no additional permissions.

Exchange - Read/Write Mailbox Storage Limits

Grants permission to view or modify the storage limit of Exchange mailboxes.

NOTE: This AT provides no additional permissions.

Exchange - Read/Write MAPI

Grants permission to view or modify the Mailbox Features > MAPI settings of Exchange mailboxes.

NOTE: This AT provides no additional permissions.

Exchange - Read/Write Maximum Size of Incoming Messages

Grants permission to view or modify the Maximum Size of Incoming Messages setting of Exchange mailboxes.

NOTE: This AT provides no additional permissions.

Exchange - Read/Write Maximum Size of Outgoing Messages

Grants permission to view or modify the Maximum Size of Outgoing Messages setting of Exchange mailboxes.

NOTE: This AT provides no additional permissions.

Exchange - Read/Write Message Delivery Restrictions

Grants permission to view or modify the message delivery restrictions of the Mail Flow Settings for Exchange recipients.

NOTE: This AT provides no additional permissions.

Exchange - Read/Write Message Moderation

Grants permission to view or modify the message moderation options of the Mail Flow Settings for Exchange recipients.

NOTE: This AT provides no additional permissions.

Exchange - Read/Write Message Restrictions

Grants permission to view or modify the Message Restrictions for Exchange recipients.

NOTE: This AT provides no additional permissions.

Exchange - Read/Write Message Size Restrictions

Grants permission to view or modify the Message Size Restrictions for Exchange recipients.

NOTE: This AT provides no additional permissions.

Exchange - Read/Write Messaging Records Management

Grants permission to view or modify the Mailbox Settings > Messaging Records Management (MRM) settings for Exchange mailboxes.

NOTE: This AT provides no additional permissions.

Exchange - Read/Write Outlook Mobile Access

Grants permission to view or modify the Mailbox Features > Outlook Mobile Access settings for Exchange mailboxes.

NOTE: This AT provides no additional permissions.

Exchange - Read/Write Outlook Web App

Grants permission to view or modify the Mailbox Features > Outlook Web App settings for Exchange mailboxes.

NOTE: This AT provides no additional permissions.

Exchange - Read/Write POP3

Grants permission to view or modify the Mailbox Features > POP3 settings for Exchange mailboxes.

NOTE: This AT provides no additional permissions.

Exchange - Read/Write Protocol Settings

Grants permission to view or modify the protocol settings for Exchange recipients.

NOTE: This AT provides no additional permissions.

Exchange - Read/Write Recipient Limits

Grants permission to view or modify the recipient limit settings for Exchange recipients.

NOTE: This AT provides no additional permissions.

Exchange - Read/Write Role Assignment Policy

Grants permission to view or modify the Mailbox Settings > Role Assignment Policy settings for Exchange mailboxes.

NOTE: This AT provides no additional permissions.

Exchange - Read/Write Send on Behalf Permission

Grants permission to view or modify the Send on Behalf permissions of Exchange mailboxes.

NOTE: This AT provides no additional permissions.

Exchange - Read/Write Sharing

Grants permission to view or modify the Mailbox Settings > Sharing settings of Exchange mailboxes.

NOTE: This AT provides no additional permissions.

Exchange - Read/Write Storage Quotas

Grants permission to view or modify the Mailbox Settings > Storage Quotas settings of Exchange mailboxes.

NOTE: This AT provides no additional permissions.

Exchange - Read/Write Unified Messaging

Grants permission to enable or disable Unified Messaging for Exchange mailboxes.

NOTE: This AT provides no additional permissions.

Exchange - Read/Write Up-to-date Notifications

Grants permission to view or modify the Mailbox Features > Up-to-date Notifications settings of Exchange mailboxes.

NOTE: This AT provides no additional permissions.

関連ドキュメント

The document was helpful.

評価を選択

I easily found the information I needed.

評価を選択