Setting the rights for the CloudLink service account to create and remove web folders
The CloudLink service account must have rights on the Exchange server to create and remove web folders for users. To set the rights you must run the required command or commands from the Exchange Management Shell.
To set the rights for the CloudLink service account to create and remove web folders
-
On the Exchange server, run the Exchange Management Shell.
-
Execute the required command or commands from the shell window.
-
For Exchange Server 2007 you must configure the required user access rights for all the Client Access server and for every back-end mailbox.
-
For Exchange Server 2010, 2013, and 2016 you must configure a global role to provide the required application impersonation rights.
-
Table: Commands to set the rights for the CloudLink service account on the Exchange Server lists the required commands for the different versions of Exchange server.
Related information
Table: Commands to set the rights for the CloudLink service account on the Exchange Server
| Exchange server version | Commands to set the rights for the CloudLink service account |
|---|---|
| Exchange 2007 | Get-ExchangeServer \| where {$*.IsClientAccessServer -eq $TRUE} \| ForEach-Object {Add-ADPermission -Identity $*.distinguishedname -User (Get-User -Identity serviceAccountUser \| select-object).identity -extendedRight ms-Exch-EPI-Impersonation} |
Get-MailboxDatabase \| ForEach-Object {Add-ADPermission -Identity $_.DistinguishedName -User serviceAccountUser -ExtendedRights ms-Exch-EPI-May-Impersonate} |
|
| Exchange 2010, 2013, and 2016 | New-ManagementRoleAssignment -Name impersonationAssignmentName -Role applicationImpersonation -User domain\serviceAccountUser |
Where:
-
impersonationAssignmentNameis a suitable unique name for the impersonation assignment. -
domainis the Windows domain where the CloudLink service account resides. -
serviceAccountUseris the user name of the CloudLink service account.