Mailbox-Enabling User Objects
To mailbox-enable a user or inetOrgPerson object, the Exchange administrator must apply the Exchange delegated role, Exchange View-Only Administrator (or higher), on the target administrative group.
In addition, the Exchange administrator must have Read and Write access to the following user or inetOrgPerson object attributes:
adminDisplayName
autoReplyMessage (ILS Settings)
displayName (Display Name)
dLMemDefault
homeMDB (Exchange Mailbox Store)
homeMTA
legacyExchangeDN
mail (E-Mail Address)
mailNickname (Alias)
mAPIRecipient
mDBUseDefaults
msExchADCGlobalNames
msExchControllingZone
msExchFBURL
msExchHideFromAddressLists
msExchHomeServerName (Exchange Home Server)
msExchMailboxGuid
msExchMailboxSecurityDescriptor
msExchPoliciesExcluded
msExchPoliciesIncluded
msExchResourceGUID
msExchUserAccountControl
proxyAddresses (Proxy Addresses)
showInAddressBook
targetAddress
textEncodedORAddress