Your network contains an Active Directory domain named contoso.com.
The network contains a server named server1 that runs Exchange Server 2010 SP1.
The Exchange organization contains 500 mailboxes. All of the mailboxes are stored on a mailbox database named DB1.
You need to add an administrator named Admin1 to the Recipient Management role group. Admin1 must only be able to manage Exchange recipients in an organizational unit name OU1.
Which PowerShell cmdlet should you use first?
A.
Set-DestributionGroup
B.
New-ManagementScope
C.
New-ManagementRole
D.
Add-MailboxPermission
E.
New-RoleGroup
F.
New-EmailAddressPolicy
G.
New-RoleAssignmentPolicy
H.
New-MailboxAuditSearchLog
I.
Add-ADPermission
J.
Add-ManagementRoleEntry
K.
New-ManagementRoleEntry
L.
Set-Mailbox
M.
New-ManagementRoleAssignment
Explanation:
You will need a new management Role before a new management scope
If you need to assign multiple roles to admin1 but within a custom scope, it’s easier to create a new role group and add roles and a scope to the role group.
http://technet.microsoft.com/en-us/library/ff769964(v=exchg.141).aspx
If you create a new role group you can only add roleEntries that are in the parent of the ManagedRole. RoleEntries that are not member of the parent role can not be added.
http://technet.microsoft.com/en-us/library/dd351236(v=exchg.150).aspx
You can only add a role entry to a management role if the role entry exists in the role’s parent role. For example, if you try to add the Search-Mailbox role entry to a role that’s a child of the Mail Recipients role, you’ll receive an error. This error occurs because the Search-Mailbox role entry doesn’t exist in the Mail Recipients role. To add the Search-Mailbox role entry to a role, you need to create a role that’s a child of the Mailbox Import Export role, which contains the Search-Mailbox role entry. Then you can use the Add-ManagementRoleEntry cmdlet to add the Search-Mailbox role entry to the new child role.