How to create a new Admin RBAC roles for a User in 365 to only manage Shared Mailboxes and Room Mailboxes in 365

Add Management Scopes to only allow access to those types of Mailboxes

New-ManagementScope -Name "Shared Mailbox Management" -RecipientRestrictionFilter {RecipientTypeDetails -eq "SharedMailbox"}
New-ManagementScope -Name "Room Mailbox Management" -RecipientRestrictionFilter {RecipientTypeDetails -eq "RoomMailbox"}

Add Role groups for those ManagementScopes

New-RoleGroup -Name "Shared Mailbox Admins" -Roles "Mail Recipients" -CustomRecipientWriteScope "Shared Mailbox Management"
New-RoleGroup -Name "Room Mailbox Admins" -Roles "Mail Recipients" -CustomRecipientWriteScope "Room Mailbox Management"

Add the Users to the Roles in 365 

Add-RoleGroupMember "Shared Mailbox Admins" -Member Test.User
Add-RoleGroupMember "Room Mailbox Admins" -Member Test.User

After this , the user can then go to Exchange admin center (microsoft.com) and login , they will see a list of users , but they will only be able to change delegation for SharedMailbox and Rooms

GD Star Rating
loading...
GD Star Rating
loading...

Tags: 365, RBAC, roles, room mailbox, shared mailbox

Trackback from your site.