Exchange Online administration tools
Topic Last Modified: 2013-10-15
Summary: Describes Microsoft Cloud Services portal, Exchange admin center, Exchange Online Protection Administration Center, and other administrative tools for Exchange Online.
Here are the tools that Office 365 provides to help you manage your Exchange Online services.
The Microsoft Cloud Services portal allows administrators to add users and user domains, manage licenses, create groups, and perform other common administration tasks across the services in Office 365. From within the console, administrators can follow links to the Exchange Control Panel, where they can manage settings specific to Exchange Online.
The Exchange admin center (EAC) is the web-based management console you use to manage the items related to email that you can’t manage by using the Office 365 admin center. The EAC replaces the Exchange Control Panel (ECP), which was the interface used to manage your Exchange organization in the earlier releases of Exchange Online.
Administrators can give users access to selected features in the Exchange Control Panel, using the more detailed Role-Based Access Control User Editor. For more information, see Exchange Admin Center in Exchange Online.
The Microsoft Exchange Online Protection (EOP) Administration Center allows Exchange Online customers to manage advanced settings relating to email flow and hygiene. Within the EOP Administration Center, you can:
Access reports and statistics on email hygiene for your domains.
Set advanced policy filters that are not available via Exchange Online transport rules, such as rules that are triggered by the IP address of inbound or outbound servers.
Configure forced Transport Layer Security (TLS) connections for specific domains.
Perform advanced message tracing.
Configure organization-level safe and blocked senders.
|Some settings are read-only in the EOP Administration Center to help prevent administrators from inadvertently causing problems with their organization’s mail flow.|
Administrators can access the EOP Administration Center via the Microsoft Cloud Services portal.
For more information, see Exchange Online Protection.
With Windows PowerShell Remote—better known as Remote PowerShell—administrators can connect to Exchange Online to perform management tasks that are not available or practical in the web management interface. For example, they can use Remote PowerShell to automate repetitive tasks, extract data for custom reports, customize policies, and connect Exchange Online to existing infrastructure and processes.
To use Remote PowerShell, administrators’ computers must be running the Windows Management Framework, which contains Windows PowerShell v2 and WinRM 2.0. These components are already installed in computers running Windows 7 or Windows Server 2008 R2. Administrators can manually download these components for computers running other operating systems. Administrators do not need to install any Exchange Server management or migration tools in order to use Remote PowerShell.
Exchange Online uses the same PowerShell cmdlets as Exchange Server 2013, with certain commands and parameters disabled because these features do not apply in the data center environment.
For a list of the cmdlets available to Exchange Online administrators, see Exchange Online Cmdlets.
Exchange Online uses a role-based access control (RBAC) model that allows administrators to finely control access to Office 365 service offerings. Using RBAC, administrators can delegate tasks to employees in the IT department as well as to non-IT employees. For example, if a compliance officer is responsible for mailbox search requests, the administrator can delegate this administrative feature to the officer.
Exchange Online uses the same flexible RBAC framework as Exchange Server 2013. Administrators can use the Exchange Control Panel to assign users to built-in roles and role groups. Alternatively, they can use Remote PowerShell to create custom RBAC roles. For example, an administrator can create a custom role to let the help desk team manage mailboxes only for users in a certain subsidiary or geographic region.
For more information, see Permissions in Exchange Online.
|The Office 365 platform has an implementation of RBAC that is separate from Exchange Online RBAC. Users who are global administrators in Office 365 are assigned organization administrator permissions by default in Exchange Online. Otherwise, the two security models are managed separately.|