We want to let our Help desk staff move mailboxes on our Microsoft Exchange Server. I know that we can assign the required permissions on individual mailboxes, but I want to automate the process instead of having to set permissions on each object.
The Microsoft article "Minimum permissions necessary to perform Exchange-related tasks" (http://support.microsoft.com/?kbid=316792) describes the permissions you need to move mailboxes. The user account you're using must have the Exchange Administrator role, and it must have Write access to the mapisvc.inf file on the workstation from which you're running the Exchange Move Mailbox Wizard. The user account you use must also have Write permission on several individual attributes—homeMDB, homeMTA, msExchHomeServerName, and targetAddress—in the individual mailbox. (For Exchange 2003 mailboxes, you must also have Write permissions on msExchOmaAdminExtendedSettings and msExchOmaAdminWirelessEnable.) The fastest way to assign this permission to multiple users is to customize Exchange System Manager's (ESM's) Exchange Task Wizard to add a new task for permissions assignment. The Microsoft article "How to customize the task list in the Delegation Wizard" (http://support.microsoft.com/?kbid=308404) describes this process in detail; briefly, you'll need to edit the delegwiz.inf file and add a new template that specifies the permissions that need to be set. For Exchange 2000, the additional template would look something like the following (you need to add the additional Exchange 2003–only attributes for moving Exchange 2003 mailboxes):
AppliesToClasses=domainDns,
organizationalUnit,container
Description = "Move Mailboxes to another Exchange Server"
ObjectTypes = user
\[template14.user\]
homeMDB=RP,WP
homeMTA=RP,WP
msExchHomeServerName=RP,WP
targetAddress=RP,WP
