Archiving Emails from Microsoft Exchange 2007
Creating a Central User to Access Mailboxes
The following prerequisites are required to configure Exchange Impersonation:
- Administrative credentials for the computer that is running Exchange 2007 that has the Client Access server role installed
- Domain Administrator credentials
All following commands can be executed from the Microsoft Exchange Management Shell.
Add access rights
Get-ClientAccessServer | Add-AdPermission -User serviceAccount ' -ExtendedRights ms-Exch-EPI-Impersonation
Get-MailboxDatabase | Add-AdPermission -User serviceAccount ' -ExtendedRights ms-Exch-EPI-May-Impersonate
serviceAccount is the user account you want to use as in UPN notation. Please take care that this user is not a member of an Exchange or Windows administrative group. If you want to archive public folders using impersonation, use the following command:
Get-PublicFolderDatabase | Add-AdPermission -User serviceAccount ' -ExtendedRights ms-Exch-EPI-May-Impersonate
Check access rights
Get-ClientAccessServer | Get-Adpermission -User serviceAccount | Format-List *
Get-MailboxDatabase | Get-Adpermission -User serviceAccount | Format-List *
Get-PublicFolderDatabase | Get-Adpermission -User serviceAccount | Format-List *
Remove access rights
Get-ClientAccessServer | Remove-AdPermission -User serviceAccount ' -ExtendedRights ms-Exch-EPI-Impersonation
Get-MailboxDatabase | Remove-AdPermission -User serviceAccount ' -ExtendedRights ms-Exch-EPI-May-Impersonate
Get-PublicfolderDatabase | Remove-AdPermission -User serviceAccount ' -ExtendedRights ms-Exch-EPI-May-Impersonate
