EdbMails EDB Recovery and Migration software
  • Reseller
  • Free Trial
  • Video Tutorials
  • Support
  • FAQ
  • Free Tools
  • Knowledge Base
  • Products
    Exchange EDB / Email Recovery Tools
    • EDB Recovery and MigrationRecover EDB to PST, EDB to Office 365 and Exchange NO Duplicate Migration
    • OST Recovery and MigrationRecover OST to PST, OST to Office 365 and Exchange Migration
    • PST Recovery and MigrationRecover Outlook PST, PST to Office 365 and Exchange Migration
    • MBOX Export and MigrationExport MBOX to PST, MBOX to Office 365 and Exchange Migration
    • NSF Export and MigrationExport NSF to PST, NSF to Office 365 and Exchange Migration
    Exchange and Office 365 Migration
    • Exchange Server MigrationMigrate Exchange 2007, 2010, 2013, 2016, 2019 to Office 365 tenants. Also, migrate between Exchange servers and PST
    • Office 365 MigrationMigrate Source Office 365 tenants to Destination Office 365 tenants. Also, migrate to Exchange Server and PST
    • IMAP Email Backup & MigrationMigrate all IMAP email servers (Gmail, Zimbra, Zoho, Yahoo etc.), Office 365, Exchange and Backup to Outlook PST
    • SharePoint Online MigrationMigrate documents, files and folders from SharePoint sites
    • OneDrive for Business MigrationMigrate documents, files and folders from OneDrive
    • Microsoft Teams MigrationMigrate Teams, documents, files and folders etc.
    Exchange and Office 365 Backup
    • Office 365 BackupIncremental, Granular, Encrypted and Compressed Office 365 Mailboxes Backup
    • Exchange Server BackupIncremental, Granular, Encrypted and Compressed Exchange Mailboxes Backup
    • SharePoint, OneDrive & Teams BackupBackup Online site collections, Team sites, Office 365 groups, all documents etc.
    • Duplicate Remover - Office 365 & Exchange Remove duplicate emails, calendars, contacts, journal etc. from Office 365 and Exchange
    • GAL and All Address Lists migrationDirectly migrate Exchange and Office 365 Global address list and Address Lists items
    Go to products
  • Pricing
  • Features
  • Download
  • Account
    1. Home
    2. Product
    3. Steps to set Impersonation Rights for Live Exchange user account for Exchange 2007 and Lower version

    Impersonation rights for Exchange Server

    Steps to set impersonation rights for Exchange

User Manual

  • Exchange Migration Overview
  • Initial Setup
  • System Requirements
  • Installation
    • Installation process
    • Reinstall or Upgrade
    • How to uninstall
  • FAQ
    • General
    • Migration Free Trial / Demo
    • Migration License
    • Before Migration
    • Migration - Steps
    • After Migration
  • Videos
    • Exchange to Exchange
    • Exchange to Office 365
    • Exchange to PST
    • Public Folder to Office 365
    • Archive Mailbox to Office 365
    • Public Folder to Exchange
    • Archive Mailbox to Exchange
  • Screenshots
    • Exchange to Exchange
    • Exchange to Office 365
    • Exchange to PST
  • How it works?
    • Exchange to Exchange
    • Exchange to Office 365
    • Exchange to PST
    • Exchange Public Folder to Office 365
    • Exchange Public Folder to Exchange
    • Exchange 2010 to 2016 Public folder
    • Exchange 2013 Public folder to Office 365
    • Exchange 2016 Public folder to Office 365
    • Exchange Public Folder to Shared Mailbox
    • Archive Mailbox to Office 365
    • Archive Mailbox to Exchange
    • Hosted Exchange Migration
    • Hosted Exchange to Live Exchange Migration
    • Hosted Exchange to Office 365 Migration
    • Live Exchange to Hosted Exchange Migration
    • Hosted Exchange Public Folder to Office 365 Migration
    • Cross-forest migration from Exchange 2013 to Exchange 2019/2016
    • Hybrid Migration
    • Public folder Migration in Hybrid Environment
    • Migrate GAL and all address list
    • Disable msExchMailboxGuid
  • Connect to Exchange server for multiple mailboxes migration
    • Connect with Global Admin
    • Connect to Multiple users using CSV file
    • Connect using full access permission
    • Connect individual users for Single / Specific user Migration
  • Connect to Hosted Exchange for its Migration
    • Connect with Full Access permissions
    • Connect to multiple users using CSV file
    • Connect to Individual user for migration
  • Connect to Office 365
    • Modern Authentication Using OAuth 2.0
      • Microsoft 365 modern authentication
      • Automatic Registration
      • Manual Registration
    • Connect with Global Admin
    • Connect to Office 365 with full access permission
    • Connect to Office 365 with CSV file option
    • Connect to Office 365 as single user mailbox
  • Set Exchange Server Impersonation rights
    • Exchange 2007 and below
    • Exchange 2010, 2013, 2016 and 2019
    • Set using Exchange Server GUI
  • Understanding the Application
    • Program's Component
    • Migration
    • Incremental Migration
    • Exchange Throttling Policy
  • Set Office 365 Impersonation rights
    • Using PowerShell commands
    • Using Office 365 GUI
  • Migration Types
    • Cutover Migration
    • Staged Migration
    • Hybrid Migration
  • Map the Mailboxes
  • Migration Walkthrough
    • From Exchange 2003
    • From Exchange 2007
    • From Exchange 2010 to Exchange 2019
    • From Exchange 2010 to Exchange 2016
    • From Exchange 2010 to Office 365
    • From Exchange 2013 to Exchange 2019
    • From Exchange 2013 to Exchange 2016
    • From Exchange 2013 to Office 365
    • From Exchange 2016 to Exchange 2019
    • From Exchange 2016 to Office 365
    • From Exchange 2019 to Office 365
    • From Office 365
  • Multifactor Authentication
    • Enable MFA in Office 365
    • Create App password for MFA
    • Disable Security Defaults

Impersonation rights for Exchange Server

Note: EdbMails application will automatically set Impersonation rights. If the automatic configuration is not successful then the appropriate message will be displayed to set the rights manually.

Exchange Management Shell (EMS) commands to set Impersonation rights for Exchange 2010, 2013, 2016, 2019

Note:
1. If the login through administrator user fails then try to impersonate any other User.
2. Make sure the impersonated user account has impersonation permissions to each associated Mailbox (Users). That's, impersonated user should have impersonation permissions to all associated Mailboxes.

 

Execute the below commands on your Exchange Management Shell (Run as Administrator)

Step 1:

a. If you are getting error in Exchange Management shell as shown below, You need to enter the FQDN.

fqdn-request

b. Follow the below steps to get the FQDN

On the Windows Taskbar, click Start > Programs > Administrative Tools > Active Directory Domains and Trusts.

In the left pane of the Active Directory Domains and Trusts dialog box, look under Active Directory Domains and Trusts. The FQDN for the computer or computers is listed.

fqdn-number

c. Connection to the Exchange Server is established

fqdn-success

Step 2:

Command: Copy & Paste it on EMS

Set-ExecutionPolicy Unrestricted

Result:
live-admin-account

Step 3:

Command: Copy & Paste it on EMS

Enable-OrganizationCustomization

Ignore this results, if the error is "This operation is not required. Organization is already enabled for customization."

Result:
live-enable-organization

Step 4:

Command: Copy & Paste it on EMS & change User

New-ManagementRoleAssignment -Role "ApplicationImpersonation" -User administrator@domain.com

Result:
live-management-roles


Note: Click here to know the steps to set Impersonation rights using GUI

Steps to set Impersonation Rights for Live Exchange user account for Exchange 2007 and Lower version

a) Configure Exchange Impersonation for a user on a server

Open the Shell (Powershell/Exchange Management Shell). Run Add-ADPermission cmdlet to add the impersonation permissions on the server for the identified user.

For example, to grant User1 permission to impersonate all accounts on an Exchange Server named CAS-01, use the following command:

Command: Copy & Paste it on EMS

Get-ExchangeServer | where {$_.IsClientAccessServer -eq $TRUE} | ForEach-Object {Add-ADPermission -Identity $_.distinguishedname -User (Get-User -Identity User1 | select-object).identity -extendedRight ms-Exch-EPI-Impersonation}

b) Configure Exchange Impersonation for a user on a specific user

Open the Shell. Run the Add-ADPermission Windows PowerShell command to add permission to impersonate an identified user.

For example, to grant User1 permission to impersonate User2, use the following command:

Command: Copy & Paste it on EMS

Add-ADPermission -Identity "User2" -User User1 -extendedRight ms-Exch-EPI-May-Impersonate

hidden msg

EdbMails Demo / Trial Version

Step 1. Download and install EdbMails

Step 2. Click the 'Start Your Free Trial' button

Demo login EdbMails

  • Home
  • Features
  • Pricing
  • Support
  • Download
  • Sitemap
  • FAQ
  • Video Tutorials
  • Technical Support
  • Live Chat
  • Contact Us
Shifttocloud Inc.
Rehoboth Beach, DE
United States
+1 (302) 416-3056

Privacy Policy | Terms of Use | GDPR | Security | Press Releases

© 2023 Shifttocloud Inc.

Live Chat

Hi, May I help you?

Hide Chat Now