立即与支持人员聊天
与支持团队交流

Migration Manager for Exchange 8.15 - Granular Account Permissions for Exchange 2010 to 2013 Migration

Overview

This document describes minimal set of permissions required for mailbox, calendar and public folder synchronization from a source Exchange 2010 organization to a target Exchange 2013 organization using Migration Manager for Exchange.

Note: Permissions required for native mailbox move are out of scope of this document.

For general information on account permissions required for Migration Manager for Exchange operation, refer to System Requirements and Access Rights document.

Source Exchange 2010 Permissions

Exchange Account

Mailbox and Calendar Synchronization

The following permissions are required for source Exchange account used by Migration Agent for Exchange during mailbox or calendar synchronization:

Permission How to Grant
Read access to the source domain (including all descendant objects) Link
Read permission for the Microsoft Exchange container in the Configuration partition of source Active Directory (including all descendant objects) Link

Permissions to process every mailbox involved in the migration by granting

  1. Full Control permission on a mailbox database
  2. Full Control permission on an associated public folder database

Link: Mailbox database

Link: Public folder database

The ApplicationImpersonation management role Link

TIP: The Read permission for the Microsoft Exchange container is required only if you plan to add the source Exchange organization in the Add Source Organization Wizard under this account.

Public Folder Synchronization

The following permissions are required for source Exchange account used by PFSA and PFTA during public folder synchronization:

Permission How to Grant
Membership in the local Administrators group on all source Exchange servers involved in the migration. If a server is a domain controller, the account should be added to the domain local Administrators group of the domain. Link
Membership in the Public Folder Management group Link
Permissions to process public folders involved in the migration by granting Full Control permission on public folder databases where those public folders reside. Link

Active Directory Account

Mailbox and Calendar Synchronization

The following permissions are required for source Active Directory account used by Migration Agent for Exchange during mailbox or calendar synchronization:

Permission How to Grant
Read access to the source domain (including all descendant objects) Link
Read permission for the Microsoft Exchange container in the Configuration partition of source Active Directory (including all descendant objects) Link

Important: If migration is performed in the child domain, ensure that Active Directory account has the Read access to the parent (root) domain as well.

Public Folder Synchronization

The following permissions are required for source Active Directory account used by PFSA and PFTA during public folder synchronization:

Permission How to Grant

The Write proxyAddresses permission on the Descendant publicFolder objects for the Microsoft Exchange System Objects organizational unit in all domains in which source Exchange servers involved in public folder synchronization reside.

NOTE: Alternatively, you can grant the Write permission on that organizational unit.

Link

Target Exchange 2013 Permissions

Exchange Account

Mailbox and Calendar Synchronization

The following permissions are required for target Exchange account used by Migration Agent for Exchange during mailbox or calendar synchronization:

Permission How to Grant
Read access to the target domain (including all descendant objects) Link
Read permission for the Microsoft Exchange container in the Configuration partition of target Active Directory (including all descendant objects) Link

Permissions to log on to every mailbox involved in the migration by granting Full Control permission on a mailbox database

Link
The Move Mailboxes management role Link
The Mail Recipients management role Link
The ApplicationImpersonation management role

Link

TIP: The Read permission for the Microsoft Exchange container is required only if you plan to add the target Exchange organization using the Add Target Organization Wizard under this account.

Public Folder Synchronization

The following permissions are required for target Exchange account used by PFSA and PFTA during public folder synchronization:

Permission How to Grant
Membership in the local Administrators group on all target Exchange servers involved in the migration. If a server is a domain controller, the account should be added to the domain local Administrators group of the domain. Link
The Mail Enabled Public Folders management role Link
Permissions to process public folders involved in the migration by granting Full Control permission on mailbox databases where those public folders reside. Link

Active Directory Account

Mailbox and Calendar Synchronization

The following permissions are required for target Active Directory account used by Migration Agent for Exchange during mailbox or calendar synchronization:

Permission How to Grant
Read access to the target domain (including all descendant objects) Link
Read permission for the Microsoft Exchange container in the Configuration partition of target Active Directory (including all descendant objects) Link
Public Folder Synchronization

The following permissions are required for target Active Directory account used by PFSA and PFTA during public folder synchronization:

Permission How to Grant

The Write proxyAddresses permission on the Descendant publicFolder objects for the Microsoft Exchange System Objects organizational unit in all domains in which target Exchange servers involved in public folder synchronization reside.

NOTE: Alternatively, you can grant the Write permission on that organizational unit.

Link

How to Grant Required Permissions

This section contains reference information how to grant an account the following permissions:

自助服务工具
知识库
通知和警报
产品支持
下载软件
技术说明文件
用户论坛
视频教程
RSS订阅源
联系我们
获得许可 帮助
技术支持
查看全部
相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级