What are the effective permissions of Exchange roles

The Exchange Administration Delegation Wizards allows you to define roles at the organization level, or at the administrative group level. Where you define a role, combined with the role that you grant may create “effective” permissions. Effective permissions are permissions granted as a side-effect of a granted permission. For example, when you assign a group view-only permissions at the Organization level, the group will also have view-only permissions at the Administrative Group level. Thus, the effective, or actual, permissions of the group are view-only at both the Organization and Administrative Group levels.
More specifically, at the administrative group level:

• Exchange Administrator includes Exchange View Only Administrator at the organization level.
• Exchange Full Administrator includes both Exchange Administrator at the administrative group level and Exchange View Only Administrator at the organization level.
• Exchange View Only Administrator at the organizational level.

Additionally, at the organization level:

• Exchange View Only Administrator includes Exchange View Only Administrator at the administrative group level.
• Exchange Administrator includes Exchange View Only Administrator at the organization level, which gives Exchange Administrator Exchange View Only Administrator at the administrative group level.
• Exchange Full Administrator includes all other permissions at both the organization and administrative group levels.

The following table provides a summary of the effective permissions versus the granted permissions.

Effective permissions versus granted permissions

* = Local administrative group only  AG = Administrative group level  ORG = Organization level