Hallo
ich habe ein Problem mit ManagementScopes, meine Config sieht wie folgt aus:
Code
[PS] C:\Windows\system32>Get-ManagementScope "User Accounts-Office" | fl
RunspaceId : 76bc75bf-154d-4ec8-b5bb-8f7e89105449
RecipientRoot : contonso.com/User Accounts/Office
RecipientFilter : ((((RecipientType -eq 'MailUser') -or (RecipientType -eq 'UserMailbox'))) -or (RecipientType
-eq 'MailContact'))
ServerFilter :
DatabaseFilter :
TenantOrganizationFilter :
ScopeRestrictionType : RecipientScope
Exclusive : False
AdminDisplayName :
ExchangeVersion : 1.10 (14.1.90.0)
Name : User Accounts-Office
DistinguishedName : CN=User Accounts-Office,CN=Scopes,CN=RBAC,CN=Contonso,CN=Microsoft Exchange,CN=Servi
ces,CN=Configuration,DC=Contonso,DC=com
Identity : User Accounts-Office
Guid : 05db99f5-d32e-4752-85ce-eebce0ac13d6
ObjectCategory : Contonso.com/Configuration/Schema/ms-Exch-Scope
ObjectClass : {top, msExchScope}
WhenChanged : 10/9/2012 9:21:41 PM
WhenCreated : 10/9/2012 10:36:19 AM
WhenChangedUTC : 10/9/2012 7:21:41 PM
WhenCreatedUTC : 10/9/2012 8:36:19 AM
OrganizationId :
OriginatingServer : DC01.Contonso.COM
IsValid : True
Alles anzeigen
Code
[PS] C:\Windows\system32>Get-ManagementRoleAssignment "Office_Administrators-User Accounts-Office" | fl
RunspaceId : 76bc75bf-154d-4ec8-b5bb-8f7e89105449
User : Contonso.com/Groups/MSX_Office_Administrators
AssignmentMethod : Direct
Identity : Office_Administrators-User Accounts-Office
EffectiveUserName : All Group Members
AssignmentChain :
RoleAssigneeType : SecurityGroup
RoleAssignee : Contonso.com/Groups/MSX_Office_Administrator
s_EMEA_CHBS
Role : Employee Recipient Creation - EMEA
RoleAssignmentDelegationType : Regular
CustomRecipientWriteScope : User Accounts-Office
CustomConfigWriteScope :
RecipientReadScope : Organization
ConfigReadScope : OrganizationConfig
RecipientWriteScope : CustomRecipientScope
ConfigWriteScope : OrganizationConfig
Enabled : True
RoleAssigneeName : MSX_Office_Administrators
IsValid : True
ExchangeVersion : 0.11 (14.0.550.0)
Name : Office_Administrators-User Accounts-Office
DistinguishedName : CN=Office_Administrators-User Accounts-Office,CN=Role Assignments,CN
=RBAC,CN=Contonso,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=Contonso,DC=com
Guid : 86a74b7f-5e37-4fe5-b889-c29138e26bc1
ObjectCategory : Contonso.com/Configuration/Schema/ms-Exch-Role-Assignment
ObjectClass : {top, msExchRoleAssignment}
WhenChanged : 10/9/2012 9:17:57 PM
WhenCreated : 10/9/2012 7:59:33 PM
WhenChangedUTC : 10/9/2012 7:17:57 PM
WhenCreatedUTC : 10/9/2012 5:59:33 PM
OrganizationId :
OriginatingServer : DC01.Contonso.COM
Alles anzeigen
Code
[PS] C:\Windows\system32>Get-ManagementRole "Employee Recipient Creation - EMEA"
Name RoleType
---- --------
Employee Recipient Creation - EMEA MailRecipients
Der User ist in der Gruppe MSX_Office_Administrators.
Trotzdem bekomme ich immer folgende Fehlermeldung:
Code
Summary: 1 item(s). 0 succeeded, 1 failed.
Elapsed time: 00:00:00
Test Account
Failed
Error:
'contonso.com/User Accounts/Office/Test Account' isn't within your current write scopes. Can't perform save operation.
Click here for help... http://technet.microsoft.com/en-US/library/ms.exch.err.default(EXCHG.141).aspx?v=14.1.379.0&t=exchgf1&e=ms.exch.err.ExE5C228
Exchange Management Shell command attempted:
Enable-Mailbox -Identity 'contonso.com/User Accounts/Office/Test Account' -Alias 'testaccount' -Database '2010_emea_small_001'
Elapsed Time: 00:00:00
Alles anzeigen
Ich habe keine RoleGroup angelegt sondern direkt eine Universal Security Group den ManagementRoleAssignment zugewiesen, aber das sollte ja kein PRoblem sein.
Hat jemand ne Idee was ich falsch mache?
vielen Dank
Basti