Objective 2.2 Exchange 2010 Flashcards
Objective 2.2: Configure RBAC.
Administrators with limited permissions are often termed ______ users.
specialist
Delegates of a specific management role who also hold the ______ role can assign the role to other users.
Role Management
The following command assigns the transport rules management role to the Glasgow Recipient Admins role group, naming it “Transport_Rules_Glasgow_Recipient_Admins” and scopes the assignment to the Marketing OU in the Adatum.com domain: ______.
New-ManagementRoleAssignment -Name “Transport_Rules_Glasgow_Recipient_Admins” -SecurityGroup “Glasgow Recipient Admins” -Role “Transport Rules” -RecipientOrganizationalUnitScope Adatum.com/Marketing
You can use the ______ to create and configure a management scope.
EMS
The following command creates a management scope named “Hub Servers” that contains the Hub Transport servers HUB01, HUB02, and HUB03: ______.
New-ManagementScope -Name “Hub Servers” -ServerList HUB01, HUB02, HUB03
The following command adds Hub Transport server HUB04 to the management scope named “Hub Servers”, along with HUB01, HUB02, and HUB03: ______.
Set-ManagementScope -Identity “Hub Servers” -ServerList HUB01, HUB02, HUB03, HUB04
You can define role members by specifying an OU. For example, the following command creates a new management role assignment named “Transport_Rules_Brisbane” that assigns the Transport Rules role to the Brisbane Recipient Admins group but limits its use to accounts in the Marketing OU in the Brisbane.Adatum.com domain: ______.
New-ManagementRoleAssignment –Name “Transport_Rules_Brisbane” -SecurityGroup “Brisbane Recipient Admins” –Role “Transport Rules” –DomainOrganizationUnitRestriction Brisbane.Adatum.com/Marketing
All the built-in management role groups are located in the Microsoft ______ OU in Active Directory Domain Services (AD DS).
Exchange Security Groups
The exam objectives specifically identify the Help Desk management role group. By default, membership of this role group enables users to view and modify the ______ options of any user in the organization.
Outlook Web Access
Role holders in the ______ management role group can perform limited recipient management, such as managing a user’s display name and address.
Help Desk
If you want members of the Help Desk role group to manage mailboxes, mail contacts, and mail-enabled users, you can assign the ______ management role to this role group.
Mail Recipients
You can use the EMS ______ cmdlet to create a role group.
New-RoleGroup
The command that follows creates a role group called “Transport Role Group” that is assigned to the Transport Rules management role. The role group is assigned to Kim Akers and Don Hall and can be managed by Kim Akers. The role group is created in the Exchange Security Groups AD DS container: ______.
New-RoleGroup -Name “Transport Role Group” -Roles “Transport Rules” -Members “Kim Akers”, “Don Hall” -ManagedBy “Kim Akers”
An ______ role enables its members to create, modify, view, and remove address lists, global address lists, and offline address books.
Address Lists Management
There is no built-in management role group for address list management, but it is a good idea to create a custom role group (named “Address Lists Management”) whose members (“Kim Akers”, “Don Hall”, “Charlie Herb”, “Mor Hezi”, “Patrick Hines”) can perform this function. This group will be managed by “Kim Akers”. To do this, you would issue an EMS command similar to the following: ______.
New-RoleGroup -Name “Address Lists Management” -Roles “Address Lists” -Members “Kim Akers”, “Don Hall”, “Charlie Herb”, “Mor Hezi”, “Patrick Hines” -ManagedBy “Kim Akers”