Impersonation for the Exchange Connector 3.0RC (Exchange 2007)

February 14, 2013 Posted by Alexander Axberg

In the documentation for the Exchange 3.0 RC connector, it describes how to configure Exchange to allow the workflow-account to use impersonation with two PowerShell commands.

However, due to a type-o in the documentation, the same command is written twice:

Add-ADPermission -Identity “<identity>” -User <domain>\<username> -extendedRight ms-Exch-EPI-May-Impersonate
Add-ADPermission -Identity “<identity>” -User <domain>\<username> -extendedRight ms-Exch-EPI-May-Impersonate


The command that is missing is the one that enables the impersonation function on the Exchange CAS-server(s). So you first need to enable it on the serverobject, and then on the specific mailbox.

The two correct command that needs to be run are these:

User1= Workflow-account userid in SCSM

User2=Mailbox account

  • Get-ExchangeServer | where {$_.IsClientAccessServer -eq $TRUE} | ForEach-Object {Add-ADPermission -Identity $_.distinguishedname -User (Get-User -Identity User1 | select-object).identity -extendedRight ms-Exch-EPI-Impersonation}
  • Add-ADPermission -Identity “User2 Fullname” -UserĀ User1 -extendedRight ms-Exch-EPI-May-Impersonate

Leave a Reply

Your email address will not be published. Required fields are marked *