The Exchange Administration Delegation Wizards allows you to define roles at the organization level, or at the administrative group level. Where you define a role, combined with the role that you grant may create “effective” permissions. Effective permissions are permissions granted as a side-effect of a granted permission. For example, when you assign a group view-only permissions at the Organization level, the group will also have view-only permissions at the Administrative Group level. Thus, the effective, or actual, permissions of the group are view-only at both the Organization and Administrative Group levels.
More specifically, at the administrative group level:
Additionally, at the organization level:
The following table provides a summary of the effective permissions versus the granted permissions.
|Granted Permissions||AG: View||AG: Admin||AG: Full Admin||ORG: View||ORG: Admin||ORG: Full Admin|
|AG: Exchange View Only Administrator||Yes||None||None||Yes||None||None|
|AG: Exchange Administrator||Yes||Yes*||None||Yes||None||None|
|AG: Exchange Full Administrator||Yes||Yes*||Yes*||Yes||None||None|
|ORG: Exchange View Only Administrator||Yes||None||None||Yes||None||None|
|ORG: Exchange Administrator||Yes||Yes||None||Yes||Yes||None|
|ORG: Exchange Full Administrator||Yes||Yes||Yes||Yes||Yes||Yes|
* = Local administrative group only AG = Administrative group level ORG = Organization level