Your network contains an Active Directory domain named contoso.com.
The network contains a server named Server1 that runs Exchange Server 2010 SP1.
The Exchange organization contains 500 mailboxes. All of the mailboxes are stored on a mailbox database named DB1.
You need to add an administrator named Admin1 to the Recipient Management role group. Admin1 must only be able to manage Exchange recipients in an organizational unit name OU1.
Which PowerShell cmdlet should you use first?
A.
Set-DestributionGroup.
B.
New-ManagementScope.
C.
New-ManagementRole.
D.
Add-MailboxPermission.
E.
New-RoleGroup.
F.
New-EmailAddressPolicy.
G.
New-RoleAssignmentPolicy.
H.
New-MailboxAuditSearchLog.
I.
Add-ADPermission.
J.
Add-ManagementRoleEntry.
K.
New-ManagementRoleEntry.
L.
Set-Mailbox.
M.
New-ManagementRoleAssignment.
Explanation:
To add a mailbox to the Recipient Management role group, you actually have to start off with:Add-RoleGroupMember “Recipient Management” -Member Admin1
However, as mentioned in the question, this needs to be scoped to a single OU, and you wouldn’t want to scope the default Receipient Management role group to one OU as it would affect all other mailboxes in that group.
So, you would have to create a new role group that is scoped to a single OU and has all the same roles that are assigned to the Recipient Management role group, then put in Admin1 as the only Role Group Member.
You can accomplish this as follows:
New-RoleGroup -Name “Admin Recipient Management” -Roles “Distribution Groups”, “Mail Enabled Public Folders”, “Mail Recipient Creation”, “Mail Recipients”, “Message Tracking”, “Migration”, “Move Mailboxes”, “Recipient Policies” -Members Admin1 -RecipientOrganizationalUnitScope OU1
Reference:
http://technet.microsoft.com/en-us/library/dd638209.aspx (Use the Shell to create a role group with an OU scope)
http://technet.microsoft.com/en-us/library/dd638181.aspx (EXAMPLE 2)