Creation of new admin role in Exchange Online Protecion

Similar Messages

• Creating a new address list for Exchange Online (Office 365) by two parameters

  Good day!
  I need to create two new address list in Exchange Online 2013 (Office 365) that users will choose the two parameters.
  Address sheet1: No staff
  Address Sheet2: Staff
  Parameters address sheet not staff:
  Parameter 1: Company
  It must match the value - MyCompany
  Parameter 2: job title
  it must be different from the value - Staff
  Parameters address sheet Staff:
  Parameter 1: Company
  It must match the value - MyCompany
  Parameter 2: job title
  It must match the value - Staff
  Problems:
  1) Is it possible to filter user mailboxes on the parameter of discrepancy?
  2) Can not find the parameter values ​​for the script field job title
  https://technet.microsoft.com/ru-ru/library/aa996912%28v=exchg.150%29.aspx
  https://technet.microsoft.com/en-us/library/bb738157%28v=exchg.150%29.aspx
  While on the side of 365 in the user properties such parameter is:
  http://joxi.ru/MAj0Jj7hGyDbme
  Company option too.

  I got to build a team that I need (describes the necessary conditions)
  and successfully held in PS 4.0 after connecting to the office 365:
  1) Set-ExecutionPolicy unrestricted
  2) $ UserCredential = Get-Credential
  (Data Entry Administrator 365)
  3) $ Session = New-PSSession -ConfigurationName
  Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $ UserCredential -Authentication Basic -AllowRedirection
  Import-PSSession $ Session
  4)
  PS C:\Windows\system32> New-AddressList -Name 'TEST1234' -RecipientFilter {((RecipientType -eq 'UserMailbox') -and ((Com
  pany -eq 'Company1') -and (Title -ne 'Student')))}
  Name                      DisplayName               RecipientFilter
  TEST1234                  TEST1234                  ((RecipientType -eq 'UserMailbox')
  -and (((Company -eq 'Company1...
  As a result, the new address list TEST1234 immediately appears. (When creating a new letter in the menu "To"), but on the inside
  it is empty (although there is 1 user which is fully consistent with those described in the filter conditions.).
  = (
  Tried a simple version:
  Office365
  не отображается в адресном списке.">The same thing - the only user with such parameters in AD -> Office365 is not displayed in the address list.
  (After running for a list TEST123 more than two days)
  Tell me what could be the problem?

• Connecting to Exchange Online using module vs. manually : module wont work

  I'm nearly at my wits' end. 
  I have installed MSOnline, and Active Directory modules for PS 3.0.
  I've created a PS module which contains a function, "connect-exchange" which simply gets my credentials, creates a new session for Microsoft Exchange online, then connects to MSonline and imports the PSsession for exchange. I run PS as administrator
  (windows 7), set-executionpolicy unsigned, open $profile and add in the modules I'll use most (Active Directory, MS Online, and my custom module). I run PS as my normal user, and get-module reports all three modules are loaded, including my custom one. I run
  the function "connect-exchange" and it goes as expected. I am redirected to two URI's and a Module name is listed with exported commands pertinent to managing Exchange Online. Great. The problem is that
  none of the cmdlets work, and the Exchange Online tmp module does not show up in get-module.
  The kicker is that If I open my custom module with the connect-exchange function, highlight the actual commands in the function and run them manually, everything works properly. 
  Letting PS do the module makes it appear to work, except nothing related to my exchange session shows up in get-module, and none of the cmdlets are available. Manually running the exact same code that is in the module makes it work.
  This is my custom module, which loads when I start powershell:
  Function Connect-Exchange()
  $cred = Get-Credential
  $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell/ -Credential $cred -Authentication Basic -AllowRedirection
  Connect-MsolService -Credential $cred
  Import-PSSession $Session
  Running "connect-exchange" does connect, and this is the output (it is identical to the output as when I run the commands in the function manually, as would normally be expected):
  PS H:\> Connect-Exchange
  cmdlet Get-Credential at command pipeline position 1
  Supply values for the following parameters:
  WARNING: Your connection has been redirected to the following URI: "https://pod51009psh.outlook.com/powershell-liveid?PSVersion=3.0 "
  WARNING: Your connection has been redirected to the following URI: "https://by2prd0412psh.outlook.com/powershell-liveid?PSVersion=3.0 "
  ModuleType Name ExportedCommands
  Script tmp_j1a0we4q.sad {Add-AvailabilityAddressSpace, Add-DistributionGroupMember, Add-MailboxFolderPermiss...
  Get-module doesn't give me this module, tmp_j1a0we4q.sad. No Script modules are listed that give me any exchange exported commands. Get-PSsession shows 1 session, opened with Microsoft.Exchange . No exchange online cmdlets are available to me at this point
  (including any of the ExportedCommands listed above).
  If I remove the session, open the custom module (listed at the top of this message), highlight the code in the connect-exchange function, then F8, I get the exact same output as the 2nd box listed above, but my exchange cmdlets are available and usable.
  Any ideas why the function which is part of a module which is imported at the start of each PS session does not seem to work the same as running the commands in the function independently?

  Hey Ben,
  http://msdn.microsoft.com/en-us/library/windows/desktop/dd878284%28v=vs.85%29.aspx will probably give you a hint.
  "When a module is imported, a new session state is created for the module, and a
  PSModuleInfo object is created in memory. A session-state is created for each module that is imported (this includes the root module and any nested modules). The members that are exported from the root module, including any members that were exported to
  the root module by any nested modules, are then imported into the caller’s session state."
  Perhaps, because that module has it's own session, it's modules are being missed or are precluded from being imported into subsequent sessions. I do something very similar to you, except I just include the Connect-Exchange function in my profile.ps1 directly
  instead of creating a custom module.
  Good luck!
  Shane

• Create Admin Role

  Hi,
  How can I create an admin role in portal? PortalSystemAdministrator role has many privilages. I would like to create a new admin role which should be just be able to create users.
  Thanks in advance.

  Hi Sandeep,
  There is the code that u can use for create Organization. In the same way u can create Admin Role I think...
  <Action id='1'>
                 <expression>
                 <block>
                 <set name='og'>
            <new class='com.waveset.object.GenericObject'>
            <map>
                           <s>orgDisplayName</s>
            <ref>newOrg</ref>
            <s>orgParentName</s>
            <ref>oldOrg</ref>
            </map>
            </new>
            </set>
            <invoke name='setId'>
            <ref>og</ref>
            <concat>
            <s>Org:</s>
            <invoke name='currentTimeMillis' class='java.lang.System'/>
            </concat>
            </invoke>               
                 </block>
                 </expression>               
                 </Action>
                 <Action id='2' application='com.waveset.session.WorkflowServices'>
            <Argument name='op' value='checkinView'/>
            <Argument name='view'>
            <ref>og</ref>
            </Argument>
            </Action>
  Thanx
  Shant

• How much access does an Exchange Admin have to their servers in Exchange Online?

  Hello, my company is looking at moving our Organization to Exchange Online, and I have only begun researching what this means for me as an Admin.  Does the on-premise Exchange Admin still have access to create/configure objects such as  DAGs
  and Databases and use tools like MFCMAPI and Logparser to troubleshoot IIS and other types of logs?   I've been looking around and so far haven't found any documentation that gives a great amount of detail on how much of my environment I will actually
  still be managing.  Thanks.

  Hiya,
  There shouldn't be anything to be afraid of, it's likely that the role of Exchange Administrator will change as more and more companies adopt Office 365, but I would see this as an ideal opportunity to embrace these changes, broaden your existing Exchange
  knowledge with that of the other services offered through Office 365 such as Lync Online and SharePoint Online and become the Office 365 Administrator within your company.
  The offerings in Office 365 are changing at a rapid pace, with more and more features being added every month, couple that with Mobile Device Management using Microsoft Intune - if you fully embrace it, you will be offering your end users more flexibility
  and making them more productive in no time.
  Steven Hodson | http://www.stevenhodson.com | @_hodders

• Exchange Online: Migrating User Data to New Employee

  I'm sorry if this has been discussed already but all my searches for migrating, moving, or transferring all pointed to discussions regarding entire systems rather than users on the same system.  Further, I'm not asking anyone to write a script for me,
  I'm just trying to figure out if I'm re-inventing the wheel and just haven't found an existing script or am just plain doing it wrong.
  We are using Exchange Online (Office 365) without any sort of AD sync.  When a user leaves the company their addresses and mailbox data all need to get moved to their replacement and/or supervisor.  Sometimes, we have to temporarily remove the
  destination user's quotas to be able to receive this influx of data. These individual steps can be done via the admin console but I'm wondering if anyone has put it all together in a script.
    Thanks,
     Bryan

  Now, it doesn't surprise me that no one had written that _exact_ script.  I'm not asking anyone to and am capable to doing it myself provided it's possible via the various cmdlets.  However, I am surprised something along those lines hasn't been
  created.  All my searches yielded thousands of results dealing with the migration from one version of Exchange to another.  Yes, you can use Outlook but even for a medium sized company like the one I work at that is cumbersome and time consuming.
  You will not find the exact script but there are many scripts in the Gallery showing how to create and mange users. You will need to learn PowerShell to understand these as well as learn how to use the Exchange shell.
  Start small.  Try and create a script that connects to Exchange and retrives the user in question.  Liook at how PowerShell uses "Get" and "Set" commands to update objects.  In an afternoon of truying the examples you will have enough information
  to write your script and maybe ask a specific question when you get confused.
  Here are a whole list of articles on how to use PowerShell with Office 365.
  http://blogs.technet.com/b/heyscriptingguy/archive/tags/office+365/default.aspx
  ¯\_(ツ)_/¯

• DSN code 5.1.1 in Exchange Online delivery failed

  I've seen many questions about this error and can't seem to get a suitable solution for my situation, I attempted to install office 365 in a hybrid mode and abandoned the attempt after having various issues. I removed all connections and configurations with the
  on premise server and I have two domains, one is my on premise one is only office 365 now. when I log onto my office 365 account and try to email my other on premise domain I get this error, the email address I'm mailing is not on Office 365 but office
  365 online seems to think it is, I've tried all the clearing cache, same thing happens whether I use chrome or internet explorer, when I configure my office 365 in outlook 2013 I can send email to it, I can even email the account when sending from
  outlook lite using online 365 just not the un-lite version. I've deleted all mail from my office 365 account, deleted all contacts, reset the recent cache many times.
  My DNS for office 365 account is setup according to Microsoft recommendation, my dns for on premise has not been changed to reflect anything being in office 365.
  I can email my on premise accounts from anywhere except my office 365 online non-lite outlook web app. I can even email it form other office 365 accounts.
  I removed personal info from the following
  Delivery has failed to these recipients or groups:
  <email Address>
   The email address you entered couldn't be found. Check the recipient's email address then try to resend the message. For more tips to resolve this issue see
  DSN code 5.1.1 in Exchange Online. If the problem continues contact your help desk.
  Diagnostic information for administrators:
  Generating server: CO2PR0501MB1079.namprd05.prod.outlook.com
  IMCEAEX-_o=ExchangeLabs_ou=Exchange+20Administrative+20Group+20+28FYDIBOHF23SPDLT+29_cn=Recipients_cn=3a963b352729491c9140a11d3300c095-<name>[email protected]
  Remote Server returned '550 5.1.1 RESOLVER.ADR.ExRecipNotFound; not found'
  Original message headers:
  Received: from CO2PR0501MB1077.namprd05.prod.outlook.com (25.160.7.22) by
  CO2PR0501MB1079.namprd05.prod.outlook.com (25.160.7.24) with Microsoft SMTP
  Server (TLS) id 15.0.949.11; Thu, 12 Jun 2014 12:49:47 +0000
  Received: from CO2PR0501MB1077.namprd05.prod.outlook.com ([25.160.7.22]) by
  CO2PR0501MB1077.namprd05.prod.outlook.com ([25.160.7.22]) with mapi id
  15.00.0949.001; Thu, 12 Jun 2014 12:49:47 +0000
  Content-Type: application/ms-tnef; name="winmail.dat"
  Content-Transfer-Encoding: binary
  From: Darren Blanchard <[email protected]>
  To: Darren Blanchard <[email protected]>
  Subject: dfgddfgdfg
  Thread-Topic: dfgddfgdfg
  Thread-Index: AQHPhjzKzGKiXAQnXE+9tNdjn1VLUA==
  Date: Thu, 12 Jun 2014 12:49:46 +0000
  Message-ID: <[email protected]tlook.com>
  Accept-Language: en-US
  Content-Language: en-US
  X-MS-Has-Attach:
  X-MS-TNEF-Correlator: <[email protected]tlook.com>
  MIME-Version: 1.0
  X-Originating-IP: {xxx.xxx.xxx.xxx]
  Return-Path: [email protected]
  X-Microsoft-Antispam:
  BL:0;ACTION:Default;RISK:Low;SCL:0;SPMLVL:NotSpam;PCL:0;RULEID:

  According to the information you provided, since you can email to these recipients without issue when using the other clients, the issue may be related to the cache in OWA (Outlook Web App). To solve the issue, I suggest you try the following steps:
  Log into OWA, click “new mail” to compose a new message.
  In the “To:” tab, type the first letter of email address for the recipient, if it’s cached in OWA before, there will be a drop down list popping up. If so, please move the mouse on the mail address in the drop down list, then press the Delete key to delete
  the cache. If however you don’t see the drop down list when typing the user’s email address, please continue the following steps.
  Log into EAC (Exchange Admin Center), click “recipients”—“contacts”.
  Create a new contact using the external email address, this make sure the user is added as an external contact in the global address list.
  Back to OWA, in the new mail window, click the add icon in the right corner of the To tab.
  In the pop-up window, click the “>>” icon, under the Directory tab, click “Offline Global Address List”, then select the contact we just created. Send the message out, then check if the issue persists.

• Certificates for Office 365 Hybrid Exchange 2010 Exchange Online v15

  Certificates for Office 365 Hybrid Exchange 2010 Exchange Online v15
  We need to set up a hybrid server to allow us to begin moving mailboxes to Exchange Online. We created a new Server 2012 R2 server with Exchange 2013 SP1 to act as our Hybrid server. Reading the literature leaves me with questions about what
  certificates I need.  My understanding is that the certificates in play on the on-premise Exchange 2010 servers don't need to be changed.
  I've looked at the TechNet article "Certificate requirements for hybrid deployments" 
  http://technet.microsoft.com/en-us/library/hh563848(v=exchg.150).aspx
  Certificate requirements for the new Exchange 2013 SP1 server are still unclear to me, I think the new server needs a SAN certificate with:
  Hybridserver.domain.edu
  autodiscover.domain.edu
  EWS.domain.edu
  Can anyone clarify?

  Cert is required only if you want to deploy ADFS for SSO.
  Otherwise you can use your existing Cert for all the Services
  Cheers,
  Gulab Prasad
  Technology Consultant
  Blog:
  http://www.exchangeranger.com    Twitter:
    LinkedIn:
     Check out CodeTwo’s tools for Exchange admins
  Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

• Retrieval of all users in Exchange online

  Exchange Version: Exchange Online at Office 365
  API Name: EWS API 2.0
  IDE: Visual basic C# 2010
  Targeted features: Impersonation and retrieval of all users
  Hi there, I am currently developing a program that uses impersonation and queries the EWS API to retrieve emails and their attachments from users. I have used the C# codes from the MSDN Library to develop the program. The program is successful in retrieving
  the emails from specific users that are hard coded into the program.
  The code below shows the process of authenticating the admin user and the impersonation is done in the  RetrieveEmailFromUser() function.
  ServicePointManager.ServerCertificateValidationCallback = CertificateValidationCallBack;
  ExchangeService service = new ExchangeService(ExchangeVersion.Exchange2013_SP1);
  service.Credentials = new NetworkCredential("adminemail@", "password", "domain.onmicrosoft.com");
  service.AutodiscoverUrl("adminemail", RedirectionUrlValidationCallback);
  List<string> emailaddrlist = new List<string>();
  emailaddrlist.Add("[email protected]");
  emailaddrlist.Add("[email protected]");
  foreach (string item in emailaddrlist)
  string content = RetrieveEmailFromUser(service, item);
  Console.WriteLine(content);
          static string RetrieveEmailFromUser(ExchangeService service, string emailAddr)
              service.ImpersonatedUserId = new ImpersonatedUserId(ConnectingIdType.SmtpAddress, emailAddr);
              FindItemsResults<Item> findResults = service.FindItems(WellKnownFolderName.Inbox, new ItemView(50));
  As can be seen from the coding, the users that are to be impersonated have been hardcoded. I would like to know if there are any C# codes or a link to a page where it describes how I can retrieve ALL users with mailboxes from a Microsoft 365 admin account
  without needing to manually add users for retrieval.

  Hi there sorry for asking again but I have successfully retrieved all the users but now I would need to filter them to lower the amount of addresses retrieved.
  For example
  owershell.Runspace = runspace;
  //Create the command and add the parameters to retrieve all users that have mailboxes
  powershell.AddCommand("Get-Mailbox");
  powershell.AddParameter("RecipientTypeDetails", "UserMailbox");
  //Invoke the command and store the results in a PSObject collection
  Collection<PSObject> EmailList = powershell.Invoke();
  //Iterate through the results and add the PrimarySMTP address for each mailbox to emailAddrlist
  foreach (PSObject emailAddr in EmailList)
  string time = emailAddr.Properties["WhenCreated"].Value.ToString();
  string addr = emailAddr.Properties["PrimarySmtpAddress"].Value.ToString();
  EmailAddrList.Add(addr + time);
  The property ("WhenChanged") will retrieve the date time when the mailbox had its options MODIFIED but not when an email is received. Is there a parameter I can input using powershell to retrieve users who have new emails in their mailboxes from
  a specific? Or can I change the value of the Property from  ("WhenChanged") to something else that will give me a date time of the most recent addition of an email to the mailbox. This will then allow me to compare the date time to filter out
  addresses which have not received any emails.
  Thank you.

• How do I restrict multiple device email access in exchange online ?

  Hi , 
  I have configured exchange online but i want that the users  should uses the email on the particular devices assigned by the organization or Admin, be it a laptop desktop or any particular mobile devices. I don't want that the users should configure
  their email on their personal devices. Do we have any option to white listed IPs or Macs addresses?

  The steps are pretty much the same as those in the article, just minor differences due to the new UI. You should decide where you want to set the default policy on Allow/block/quarantine and whether you will have a policy for allowing specific device
  models. The relevant options are under EAC -> Mobile -> Mobile device access. The global settings are configured by pressing the Edit button on top, and Device access rules are on the bottom.
  Note that all this applies to mobile devices only. If you aim to block PC/laptop access outside of the corporate env, you have to look at solutions such as AD FS/MFA.

• Exchange Online mailbox Deletion check

  Hi,
  I am facing a peculiar problem. When we delete a mailbox in Exchange Online and we find the mailbox is not visible in Exchange Admin center. This is fine. However (sometimes), a few minutes later, when we check whether the mailbox has been deleted using
  EWS api (GetSearchableMailboxes), the mailbox is still returned in the results.  Therefore, even though mailbox is not visible in Exchange Admin center we cannot determine with certainty (programmatically) whether mailbox exists or not.
  How do we ensure that the check for mailbox existence is consistent at all times. Is there any api or command available for this purpose. Does it take time for Exchange to reflect the deleted status of mailbox.
  Please suggest.
  Thanks & Regards,
  Gagan
  Gagan

  It's not clear to me what type of migration you're trying to do. A cutover migration would be an option as long as you understand the limitations of that process.  Otherwise are you looking to use a third-party migration tool or some other
  mechanism?
  The reason you would end up with two mailboxes is if when you assign an Exchange license to a user in the cloud without DirSync, a mailbox is provisioned for that user.  You can assign a license after the mailbox is moved assuming you have a mail-enabled
  user in the cloud and can do a remote move to it.
  Once you manage to get the mailbox to the cloud, now you have to deal with routing which means you'll need a mail-enabled user on-premises for every mailbox in the cloud and will need to have a target address with a coexistence domain such as "@tenant.mail.onmicrosoft.com". 
  Likewise, Exchange Online will need a mail-enabled user for every on-premises mailbox in order to have a populated GAL and route in that direction.
  For security reasons we don't to setup Dirsync and hybrid.
  I hear this occasionally and remind organizations that you're putting the actual data (the stuff the credentials protect) in Microsoft's datacenters.  If it's a question of trust, cloud services might not be the most appropriate solution for the
  organization.  The Office 365 Trust Center (http://trust.office365.com/) can provide some insight into the controls that Microsoft has in place to protect your data.
  DirSync or the new AADSync can be scoped such that they only sync limited objects.  From there, you have the options of Password (Hash) Sync with DirSync (not yet with AADSync) or using AD FS which leaves the authentication with your on-premises
  directory.
  Joseph Palarchio http://www.itworkedinthelab.com

• Site mailboxes with Exchange Online?

  Hi All,
  We would like to use Site Mailboxes with our On-Prem 2013 Ent deployment. In addition to our On-prem deployement, we also have the full O365 suite including Exchange, SharePoint, Lync, etc.
  Question: Can we use Site Mailboxes in our On-prem environment, connected to Exchange online?
  The tables at the bottom of the following article indicates that SharePoint Online must be included in the O365 subscription, but the notes are not clear as to whether it is a requirement to use the SharePoint Online instance of SharePoint or if we could
  use our On-Prem instance.
  http://technet.microsoft.com/en-us/library/exchange-online-sharing-and-collaboration.aspx

  Hi,
  According to your post, my understanding is that you wanted to use SharePoint 2013 on-prem and Exchange online for Site mailbox feature.
  I’d like to briefly introduce the Site mailbox creation in SharePoint online at first. The Site mailbox is enabled by the site collection admin and the whole creation process is finished from the background. For the users who want to access the Site mailbox,
  it requires the SharePoint online users to also have the Exchange online licenses.
  In SharePoint on-premise, the Site Mailbox requires Exchange Server 2013 is mentioned in this SharePoint Server 2013 instruction:
  Configure site mailboxes in SharePoint Server 2013.
  Since Exchange on-premise includes more features and capabilities than Exchange online, I’ think it’s not feasible to integrate the SharePoint on-premise to the Exchange online service for setting up the Site Mailbox feature.
  Best Regards,
  Linda Li
  Linda Li
  TechNet Community Support

• Impersonation in Exchange online

  Hi everyone,
  I have many doubts about impersonation. Can someone help me in this? I want to know what is does, when it is required, is the impersonated account is a AD user or mailbox, the account which has impersonation rights is AD user or mailbox, how to check which
  user has impersonation rights, etc. Also, how is the impersonation different in online from on-premises Exchange?
  Thanks & regards,
  Talib Hussain

  Hi Talib,
  There is a separate Impersonation for only AD, however for exchange it's a role that can be used to give 'Exchange mailbox users' access on other users accounts.
  'Exchange Mailbox user' = AD user + Exchange mailbox
  The ApplicationImpersonation management role enables applications to impersonate users in an organization to perform tasks on behalf of the user.
  Like Blackberry Servers Sending emails etc.
  Impersonation enables a caller, such as a service application, to impersonate a user account. The caller can perform operations by using the permissions that are associated with the impersonated account instead of the permissions associated with the caller’s
  account.
  ApplicationImpersonation role
  http://technet.microsoft.com/en-IN/library/dd776119(v=exchg.150).aspx
  Exchange 2013 Configuring Impersonation For Applications
  http://www.techieshelp.com/exchange-2013-configuring-impersonation-applications/
  Configuring Impersonation For Applications Via Power Shell
  We can also do the above Via Power shell, the commands are seen below:
  New-ManagementRoleAssignment -Name:VeeamUserImpersonisation -Role:ApplicationImpersonation -User:Your_User_Account
  To remove the permissions we run the following command:
  Get-ManagementRoleAssignment | Where {$_.Role -eq “ApplicationImpersonation” -and $_.RoleAssigneeName -eq “Your_User_Account“} | Remove-ManagementRoleAssignment
  List all users with ApplicationImpersonation role assignment:
  Get-ManagementRoleAssignment | Where {$_.Role -eq 'ApplicationImpersonation'} | ft User
  How to: Configure impersonation:
  http://msdn.microsoft.com/en-us/library/office/dn722376(v=exchg.150).aspx
  I don't see any major difference in implementation On-Premises Vs. Exchange Online.
  Regards,
  Satyajit
  Please “Vote As Helpful”
  if you find my contribution useful or “Mark As Answer” if it does answer your question. That will encourage me - and others - to take time out to help you.

• Modification of People Admin Role

  We are using DS 5.2, IS 6.1 and PS 6.2.
  I am trying to modify the People Admin Role so that it can also add user entries to ou=People container.
  I tried to modify existing acis for the role and for the roles on the top level but I have not had not much luck. I always get insufficient privileges error when I try to create a user in either in amconsole, or on the command line.
  Thank you in advance.
  klara

  Hi,
  as far as I can see you can't create roles in EOP because there is access necessary to Exchange Online. EOP has only limited access to Exchange Online or no access. It seems to me that managing roles is not part of EOP.
  To be sure you should open a support case in the admin center.
  Greetings
  Christian
  Christian Groebner MVP Forefront

• Creation of new domains in weblogic

  Hi All,
  I need to create two new domain in weblogic.
  It should be start & stop from the admin console.
  How to do that. What is node manager?
  Just assigning the managed server with machine will do the start and stop from admin console. ?

  creation of new domain in weblogic