Active Directory,  Microsoft Exchange Server

Enable Impersonation Rights In Exchange 2013

Exchange Impersonation Rights allow a user to impersonate the account of another user. To enable impersonation rights use the New-ManagementRoleAssignment command let. To enable Impersonation rights for an account called krypted (samAccountName), use the following commandlet:

New-ManagementRoleAssignment –Name:impersonationAssignmentName –Role:ApplicationImpersonation –User: krypted

To remove those rights, use the Remove-ManagementRoleAssignment commandlet. Below we’ll run a Get-ManagementRoleAssignment to finds the user krypted with the appropriate role and then pipe that to the Remove-ManagementRoleAssignment commandlet:

Get-ManagementRoleAssignment -RoleAssignee "krypted" -Role ApplicationImpersonation -RoleAssigneeType user | Remove-ManagementRoleAssignment