The following prerequisites are required to configure Exchange Impersonation:

  • Administrative credentials for the computer that is running Exchange 2010, 2013, 2016 and 2019 that has the Client Access server role installed.

  • Domain Administrator credentials, or other credentials with the permission to create and assign roles and scopes.

  • Remote PowerShell installed on the computer from which you will run the commands.


  • The mailbox user (with Administrative credentials) must be mounted for a successful connection via EdbMails

  • "ManagementRoleAssignment" must be assigned to the mailbox user to which you assign the Impersonation rights

Know the steps to set Impersonation Rights using Exchange cmdlet

Steps to set Impersonation Rights for Live Exchange user account for Exchange 2010, 2013 and 2016

  1. On the machine where you have installed your Exchange Server, Open the browser (preferably Chrome) and type the URL: https://localhost/ecp.

  2. Ignore the unsafe error and click the "Proceed to localhost (unsafe)" link as shown below.
    Proceed to localhost (unsafe)

  3. Enter the login credentials of your Administrator account with the domain name in the "Exchange Admin Center" login screen as shown below.
    Exchange Admin Center

  4. Click on "Permissions" tab and then double click on the "Discovery Management" as shown below.
    Permissions Discovery Management

  5. On the screen that appears, add "ApplicationImpersonation" Role and then add "Administrator" (the user account for which you want to Impersonate) as Member. Click '+' if you want to add the members who are having the administrator rights as shown below.
    Application Impersonation

  6. Click the "Save" button to complete the Impersonation Rights setting.

See also: