This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(99.2, 23%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EI%3C/text%3E%3C/svg%3E)
I'm trying to create an RBAC role to allow my Security team to administer ActiveSync devices.
I'm following the steps here:
http://msexchangeguru.com/2013/09/09/rbac-eas/
When I log in as a test account, all I see is Compliance management.
Is there something different about Exchange 2016 I need to consider?
These are the role entries I added:
[PS] C:\WINDOWS\system32>get-managementrole Activesyncadmins| select -ExpandProperty roleentries
PSSnapinName Name Parameters
Microsoft.Exchange.Management.PowerShell.E2010 Write-AdminAuditLog {Comment, Confirm, Debug, DomainController, ErrorAction, ErrorVariable, OutBuffer, OutV...
Microsoft.Exchange.Management.PowerShell.E2010 Set-ActiveSyncDeviceAccessRule {AccessLevel, Confirm, Debug, DomainController, ErrorAction, ErrorVariable, Identity, O...
Microsoft.Exchange.Management.PowerShell.E2010 Remove-ActiveSyncDeviceAccessRule {Confirm, Debug, DomainController, ErrorAction, ErrorVariable, Identity, OutBuffer, Out...
Microsoft.Exchange.Management.PowerShell.E2010 Get-RpcClientAccess {Debug, DomainController, ErrorAction, ErrorVariable, OutBuffer, OutVariable, Server, V...
Microsoft.Exchange.Management.PowerShell.E2010 Get-OutlookProvider {Debug, DomainController, ErrorAction, ErrorVariable, Identity, OutBuffer, OutVariable,...
Microsoft.Exchange.Management.PowerShell.E2010 Get-ClientAccessArray {Debug, DomainController, ErrorAction, ErrorVariable, Identity, OutBuffer, OutVariable,...
Microsoft.Exchange.Management.PowerShell.E2010 Get-CASMailbox {Anr, Credential, Debug, DomainController, ErrorAction, ErrorVariable, Filter, Identity...
Microsoft.Exchange.Management.PowerShell.E2010 Get-AuthRedirect {Debug, DomainController, ErrorAction, ErrorVariable, Identity, OutBuffer, OutVariable,...
Microsoft.Exchange.Management.PowerShell.E2010 Get-ActiveSyncOrganizationSettings {Debug, DomainController, ErrorAction, ErrorVariable, Identity, OutBuffer, OutVariable,...
Microsoft.Exchange.Management.PowerShell.E2010 Get-ActiveSyncDeviceClass {Debug, DomainController, ErrorAction, ErrorVariable, Filter, Identity, OutBuffer, OutV...
Microsoft.Exchange.Management.PowerShell.E2010 Get-ActiveSyncDeviceAccessRule {Debug, DomainController, ErrorAction, ErrorVariable, Identity, OutBuffer, OutVariable,...
Microsoft.Exchange.Management.PowerShell.E2010 Set-CASMailbox {ActiveSyncAllowedDeviceIDs, ActiveSyncBlockedDeviceIDs, Confirm, Debug, DomainControll...
[PS] C:\WINDOWS\system32>get-managementrole ActivesyncWipe| select -ExpandProperty roleentries
PSSnapinName Name Parameters
Microsoft.Exchange.Management.PowerShell.E2010 Get-ActiveSyncDeviceStatistics {Debug, DomainController, ErrorAction, ErrorVariable, GetMailboxLog, Identity, Mailbox, Not...
Microsoft.Exchange.Management.PowerShell.E2010 Remove-ActiveSyncDevice {Confirm, Debug, DomainController, ErrorAction, ErrorVariable, Identity, OutBuffer, OutVari...
Microsoft.Exchange.Management.PowerShell.E2010 Clear-ActiveSyncDevice {Cancel, Confirm, Debug, DomainController, ErrorAction, ErrorVariable, Identity, Notificati...
Microsoft.Exchange.Management.PowerShell.E2010 Get-User {Anr, Credential, Debug, DomainController, ErrorAction, ErrorVariable, Filter, Identity, Ig...
Microsoft.Exchange.Management.PowerShell.E2010 Set-CASMailbox {ActiveSyncDebugLogging, ActiveSyncEnabled, ActiveSyncMailboxPolicy, ActiveSyncSuppressRead...
You can use the -CmdletParameters parameter with the Get-ManagementRole cmdlet to see the specific parameters available for the role entries. Ensure that the parameters you need for ActiveSync management are available and configured correctly.