Delivered each Monday,
TechRepublic’s free E-mail Administration NetNote provides tips, articles, and
other resources to help you manage your Exchange server and other e-mail
sign up today!
One of the security enhancements in Exchange Server
2000/2003 is the absence of an all-powerful service account. This makes it
easier to audit for unauthorized access, as well as making user data more
However, there are times when you need to assign a single
account the right to access all mailboxes. For example, a brick-level backup
program’s service account typically requires access to the mailboxes it
protects. Exmerge, often used in recovery scenarios, also requires mailbox
While you can open each mailbox individually and add the
appropriate account permissions, that task is very time-consuming. In cases
where an account must access all mailboxes to perform a legitimate task, simply
add the account to the organization’s security properties with the appropriate
permissions. Here’s how:
the Exchange System Manager.
on the Organization object in the left pane, and then select Properties.
the Security tab.
Group Or User Names, click the Add button.
the account that needs access to the mailboxes.
OK to close the Select Users, Computers, Or Groups dialog box.
the appropriate permissions check boxes in the Permissions For pane. (Remember,
it is a best practice to assign the minimum permissions needed to do the
OK to close the dialog box.
Mailboxes in all of the organization’s stores will inherit
the account permissions you just added.