Export (0) Print
Expand All

Add Members to a Role Group

Exchange 2010
 

Applies to: Exchange Server 2010 SP3, Exchange Server 2010 SP2

Topic Last Modified: 2012-07-23

To give a user the permissions that are granted by a management role group, you need to add the user, or a universal security group (USG), or another role group that the user is a member of, as a member of the role group. For more information about role groups in Microsoft Exchange Server 2010, see Understanding Management Role Groups.

Looking for other management tasks related to administrators and specialist users? Check out Managing Administrator and Specialist Users.

You need to be assigned permissions before you can perform this procedure. To see what permissions you need, see the "Role groups" entry in the Role Management Permissions topic.

  1. In the Exchange Management Console (EMC), navigate to Toolbox in the console tree.

  2. In the work pane, double-click Role Based Access Control (RBAC) User Editor to open the user editor in the Exchange Control Panel (ECP).

  3. Provide credentials in the Domain\user name and Password fields for an account that has the permissions needed to open the user editor in the ECP. Click Sign in.

  4. Click the Administrator Roles tab.

  5. Select the role group you want to add members to and, then click Details.

  6. In the Members section, click Add.

  7. Select the users, USGs, or other role groups you want to add to the role group, and then click OK.

  8. Click Save to save the changes to the role group.

You need to be assigned permissions before you can perform this procedure. To see what permissions you need, see the "Role groups" entry in the Role Management Permissions topic.

To add a mailbox as a member of a role group, use the following syntax.

Add-RoleGroupMember <role group name> -Member <member>

This example adds the mailbox Robert to the Seattle Administrators role group.

Add-RoleGroupMember "Seattle Administrators" -Member Robert

For detailed syntax and parameter information, see Add-RoleGroupMember.

You need to be assigned permissions before you can perform this procedure. To see what permissions you need, see the "Role groups" entry in the Role Management Permissions topic.

You can use the Get-User cmdlet to add members to a role group if the mailboxes match the criteria you specify in a filter. The Add-RoleGroupMembers cmdlet doesn't accept the object type provided by the Get-User cmdlet, so you need to pass the data through the ForEach statement first.

This procedure makes use of pipelining, variables, recipient filters, and the ForEach statement. For more information about these concepts, see the following topics:

To add mailboxes that meet the criteria you specify as members of a role group, do the following.

  1. Collect the mailboxes that match the criteria you specify using the Get-User command with the Filter parameter and store the mailboxes in a variable.

    $Mailboxes = Get-User -Filter { RecipientType -Eq "UserMailbox" -and <filter criteria> }
    
  2. This is an optional step. View the list of mailboxes stored in the $Mailboxes variable.

    $Mailboxes
    
  3. Pass the mailboxes stored in the $Mailbox variable to the Add-RoleGroupMember cmdlet that's running in a ForEach statement.

    $Mailboxes | ForEach { Add-RoleGroupMember <role group name> -Member $_.Name }
    

This example adds all the mailboxes that are in the Sales IT Staff department to the Sales Help Desk role group.

$Mailboxes = Get-User -Filter { RecipientType -Eq "UserMailbox" -and Department -Eq "Sales IT Staff" }
$Mailboxes | ForEach { Add-RoleGroupMember "Sales Help Desk" -Member $_.Name }

For detailed syntax and parameter information, see Add-RoleGroupMember.

 © 2010 Microsoft Corporation. All rights reserved.
Was this page helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft