I admin the root domain that holds the Exchange 2007 servers. We have a subdomain that has email addies from root (so, login account user@sub.domain.com has email user@domain.com). Would like to allow admins in the subdomain to add/remove/admin their own accounts. I've added sub\Domain Admins to the Exchange View-Only Admins and Exchange Recipient Admins groups in the root domain. They are able to enable email accounts now after some issues seeing the datastore that were solved by modifying the Win2k8r2 client's DCOM settings. I still have a strange issue however, while setting up a resource email account we get this error from a Domain Admin account in the sub... [PS] C:\scripts>Set-MailboxCalendarSettings smugglerscove -AutomateProcessing:Autoaccept Cannot save changes made to an item to store. At line:1 char:1 + <<<< Set-MailboxCalendarSettings smugglerscove -AutomateProcessing:Autoaccept + CategoryInfo : InvalidOperation: (:) [], AccessDeniedException + FullyQualifiedErrorId : 2AAD069B Seems to be some security access that's not provided by Exchange Recipient Admins but not sure where. I've tried enabling some debug on the mailstore server for some hint as to what I security access need to modify, but no luck so far. Any help is appreciated! Oh, as a side... Is it possible to change the scope of the admin groups? Something less the Organization Wide would be nice. Thanks!

If you have a designated exchange server for the sub domain you can try the Exchange Server Admins group.

Hi, There may be invalied records in your exchange environment. Run EXBPA and remove the invalid records to fix the issue Regards from www.windowsadmin.info