Exchange Online 中的功能權限Feature permissions in Exchange Online

所需權限來執行工作以管理 Microsoft Exchange Online 而異正在執行的程序或您想要執行的指令程式。The permissions required to perform tasks to manage Microsoft Exchange Online vary depending on the procedure being performed or the cmdlet you want to run.

如需 Exchange Online Protection (EOP) 權限的相關資訊,請參閱 Feature Permissions in EOPFor information about Exchange Online Protection (EOP) permissions, see Feature Permissions in EOP.

您要管理的某些功能可能存在於 Edge Transport server 上。若要管理 Edge Transport server 上的功能,您必須在要管理的 Edge Transport server 上是本機系統管理員群組的成員。Edge Transport server 不會使用角色型存取控制 (RBAC)。在下表中,可以在 Edge Transport server 上管理的功能會於 [需要的權限] 欄中顯示「邊際傳輸本機系統管理員」。To find out what permissions you need to perform the procedure or run the cmdlet, do the following:

  1. 若要瞭解執行程序或執行 Cmdlet 所需的權限,請執行以下操作:In the table below, find the feature that is most related to the procedure you want to perform or the cmdlet you want to run.

  2. 接著查看功能所需的權限。您必須獲指派其中一個角色群組、相等的自訂角色群組,或相等的管理角色。您也可以按一下角色群組,查看其管理角色。如果功能列出多個角色群組,您只需要獲指派其中一個角色群組,就能使用功能。如需角色群組和管理角色的詳細資訊,請參閱了解角色型存取控制Next, look at the permissions required for the feature. You must be assigned one of those role groups, an equivalent custom role group, or an equivalent management role. You can also click on a role group to see its management roles. If a feature lists more than one role group, you only need to be assigned one of the role groups to use the feature. For more information about role groups and management roles, see Understanding Role Based Access Control.

  3. 現在,執行 Get-ManagementRoleAssignment Cmdlet,查看指派給您的角色群組或管理角色,以瞭解您是否有管理該功能所需的權限。Now, run the Get-ManagementRoleAssignment cmdlet to look at the role groups or management roles assigned to you to see if you have the permissions that are necessary to manage the feature.


    您必須獲指派「角色管理」管理角色,才能執行 Get-ManagementRoleAssignment Cmdlet。如果您沒有執行 Get-ManagementRoleAssignment Cmdlet 的權限,請詢問您的 Exchange 系統管理員,以取得角色群組或是獲指派管理角色。You must be assigned the Role Management management role to run the Get-ManagementRoleAssignment cmdlet. If you don't have permissions to run the Get-ManagementRoleAssignment cmdlet, ask your Exchange administrator to retrieve the role groups or management roles assigned to you.

如果您要將管理功能的能力委派給另一個使用者,請參閱委派角色指派If you want to delegate the ability to manage a feature to another user, see Delegate role assignments.

Exchange Online 權限Exchange Online permissions

您可以使用下表中的功能,管理 Exchange Online 組織及收件者。You can use the features in the following table to manage your Exchange Online organization and recipients. 獲指派僅檢視管理角色群組的使用者,可以檢視下表中功能的組態。Users who are assigned the View-Only Management role group can view the configuration of the features in the following table. 如需詳細資訊,請參閱僅限檢視組織管理For more information, see View-only Organization Management.

功能Feature 必要的權限Permissions required
反惡意程式碼Anti-malware 組織管理Organization Management
Hygiene ManagementHygiene Management
反垃圾郵件Anti-spam 組織管理Organization Management
Hygiene ManagementHygiene Management
資料外洩防護Data loss prevention 組織管理Organization Management
規範管理Compliance Management
Office 365 連接器Office 365 connectors 組織管理Organization Management
日誌封存Journal archiving 組織管理Organization Management
收件者管理Recipient Management
連結的使用者Linked user 組織管理Organization Management
收件者管理Recipient Management
郵件流程Mail flow 組織管理Organization Management
信箱設定Mailbox settings 組織管理Organization Management
收件者管理Recipient Management
Microsoft Office 365 郵件加密 (OME)Microsoft Office 365 Message Encryption (OME) 組織管理Organization Management
規範管理Compliance Management
記錄管理Records Management
訊息追蹤Message trace 組織管理Organization Management
規範管理Compliance Management
服務台Help Desk
組織組態Organization configuration 組織管理Organization Management
Thew web 信箱原則上的 outlookOutlook on thew web mailbox policies 組織管理Organization Management
[收件者管理[Recipient Management
POP3 及 IMAP4 權限POP3 and IMAP4 permissions 組織管理Organization Management
隔離Quarantine Organization ManagementOrganization Management
Hygiene ManagementHygiene Management
訂閱Subscriptions 組織管理Organization Management
收件者管理Recipient Management
附註: 使用者可以在他們自己的信箱中建立的訂閱。Note: A user can create subscriptions in their own mailbox. 系統管理員無法在其他使用者的信箱中建立訂閱,但可以在其他使用者的信箱中修改或刪除訂閱。An administrator can't create subscriptions in another user's mailbox, but they can modify or delete subscriptions in another user's mailbox.
監督Supervision 組織管理Organization Management
檢視報告View reports Organization Management -使用者可以存取信箱報告和郵件保護報告。Organization Management - users have access to mailbox reports and mail protection reports.
View-Only Organization Management -使用者可以存取信箱報告。View-Only Organization Management - users have access to mailbox reports.
View-Only Recipients - 使用者可以存取郵件保護報告。View-Only Recipients - users have access to mail protection reports.
Compliance Management - 使用者可以存取郵件保護報告及資料遺失防護 (DLP) 報告 (如果使用者的訂閱有 DLP 功能)。Compliance Management - users have access to mail protection reports and Data Loss Prevention (DLP) reports (if their subscription has DLP capabilities).