I got an email from an Exchange admin asking me a way to find who has the rights to export & import mailbox data from/to PSTs. The answer is a quick one-liner in the Exchange Shell.
We know that the “Mailbox Import Export” role is not assigned to anyone by default, even to the Org Management group. We can assign a user/group the permission by running the following command in Exchange Shell.
New-ManagementRoleAssignment –Role “Mailbox Import Export” –User “username” or
New-ManagementRoleAssignment –Role “Mailbox Import Export” –SecurityGroup “group name”
But, how will we find who has the rights currently? Run the following in the Shell to find out.
Get-ManagamentRoleAssignment –Role “Mailbox Import Export” | fl RoleAssigneeName
The reason why Organization Management comes up, even though I haven’t explicitly given the rights (which I can), is because of the fact that members of the Organization Management group can delegate the “Mailbox Import Export” role to either themselves or others. It will become clear if you add the RoleAssignmentDelegationType parameter in the output.
Hi Rajith.. Back again ;)
A quick question – I thought the members of the “Organization Management” weren’t allowed to use the commands and that one (or a group one was a member of) explicitly had to be added (as Regular) in order to for example run new-mailboxexportrequest..
Can you clarify?
Has this maybe changed in Ex2010 SP2?
-Jonas
HI Jonas,
It could be that I gave Org management the rights for export/import much earlier.
I dont think it has changed in SP2.
Thanks.
typo: Get-ManagAmentRoleAssignment
Thanks Chw.
Good stuff. As always very clear instructions – well done Rajith
Thanks Jonas.