Exchange Online 中的角色指派原則Role assignment policies in Exchange Online

角色指派原則是一或多個使用者角色可讓使用者管理其信箱設定與 Exchange Online 中的通訊群組的集合。A role assignment policy is a collection of one or more end-user roles that enable users to manage their mailbox settings and distribution groups in Exchange Online. 使用者角色是在 Exchange Online 中的角色型存取控制 (RBAC) 權限模型的一部分。End-users roles are part of the role based access control (RBAC) permissions model in Exchange Online. 您可以將不同的角色指派原則指派給不同的使用者,若要允許或防止 Exchange Online 中的特定自我管理功能。You can assign different role assignment policies to different users to allow or prevent specific self-management features in Exchange Online. 如需詳細資訊,請參閱 <角色指派原則。For more information, see Role assignment policies.

在 Exchange Online 中,名為 「 預設角色指派原則的預設角色指派原則會指定由授權其帳戶時,會指派給使用者的信箱計劃。In Exchange Online, a default role assignment policy named Default Role Assignment Policy is specified by the mailbox plan that's assigned to users when their account is licensed. 如需有關信箱計劃的詳細資訊,請參閱信箱方案在 Exchange OnlineFor more information about mailbox plans, see Mailbox plans in Exchange Online.

角色指派原則會如何 (而非管理角色) 的使用者角色會指派給 Exchange Online 中的使用者。Role assignment polices are how end-user roles (as opposed to management roles) are assigned to users in Exchange Online. 有數種方式,您可以使用角色指派原則指派給使用者的權限:There are several ways you can use role assignment policies to assign permissions to users:

  • 新的使用者New users:

    • 變更使用者角色指派給預設角色指派原則。Change the end-user roles that are assigned to the default role assignment policy.

    • 建立自訂角色指派原則,並將它設為預設值。Create a custom role assignment policy and set it as the default. 請注意此方法只會影響您建立沒有指定角色指派原則或指派的授權 (授權會指定信箱計劃,這會指定角色指派原則) 的信箱。Note that this method only affects mailboxes that you create without specifying a role assignment policy or assigning a license (the license specifies the mailbox plan, which specifies the role assignment policy).

    • 信箱計劃中指定的自訂角色指派原則。Specify a custom role assignment policy in the mailbox plan. 如需詳細資訊,請參閱 <使用 Exchange Online PowerShell 來修改信箱計劃。For more information, see Use Exchange Online PowerShell to modify mailbox plans.

  • 現有的使用者Existing users:

    • 不同的授權指派給使用者。Assign a different license to the user. 這會套用不同的信箱計劃,這會指定要套用的角色指派原則的設定。This will apply the settings of the different mailbox plan, which specifies the role assignment policy to apply.

    • 以手動方式將自訂的角色指派原則指派給信箱。Manually assign a custom role assignment policy to mailboxes.

下表說明可用的使用者角色,您可以將指派給信箱計劃:The available end-user roles that you can assign to mailbox plans are described in the following table:

RoleRole 根據預設,以指派給預設角色指派原則?Assigned to Default Role Assignment Policy by default? 描述Description
我的自訂應用程式My Custom Apps Yes 安裝自訂應用程式。Install custom apps.
My Marketplace AppsMy Marketplace Apps Yes 安裝市集應用程式。Install marketplace apps.
我的 ReadWriteMailbox 應用程式My ReadWriteMailbox Apps Yes ReadWriteMailbox 的權限安裝應用程式。Install apps with ReadWriteMailbox permissions.
MyBaseOptionsMyBaseOptions Yes 所需的使用者從自己的信箱存取網頁型 Outlook 中的選項。Required for users to access options in Outlook on the web from their own mailbox.
MyContactInformationMyContactInformation Yes 編輯他們的地址和電話號碼,在全域通訊清單 (GAL)。Edit their address and telephone number in the global address list (GAL).

此角色包含下列子系角色:This role contains the following child roles:
MyAddressInformation: 變更的所有項目及其郵寄地址,運作電話號碼及傳真號碼。MyAddressInformation: Change all elements of their mailing address, work telephone number, and fax number.
MyMobileInformation: 變更其行動電話和呼叫器號碼。MyMobileInformation: Change their mobile phone and pager numbers.
MyPersonalInformation: 變更他們的住家電話號碼及網頁。MyPersonalInformation: Change their home telephone number and web page.

如果您認為此角色可讓使用者太多電源,您可以從角色指派原則移除角色,並指派一或多個子項角色。If you think this role gives users too much power, you can remove the role from the role assignment policy, and assign one or more of the child roles. 如需相關指示,請參閱本主題中的角色指派原則中的新增或移除角色For instructions, see the Add or remove roles from a role assignment policy section in this topic.
MyDistributionGroupMembershipMyDistributionGroupMembership Yes 加入或離開現有的通訊群組 (如果群組已設定,讓加入或離開群組的成員)。Join or leave existing distribution groups (if the group is configured to let members join or leave the group).
MyDistributionGroupsMyDistributionGroups Yes 建立新的通訊群組,請刪除的群組他們擁有、 修改其所擁有的群組和管理自己的群組的群組成員資格。Create new distribution groups, delete groups they own, modify groups they own, and manage group membership for groups they own.
MyMailboxDelegationMyMailboxDelegation No 可讓使用者授與傳送代表其他使用者在其信箱上的權限。Allows users to grant send on behalf of permissions to other users on their mailbox. 清楚地 From 欄位中顯示寄件者的郵件 (<寄件者>代理的<信箱>),但回覆會傳遞至信箱,不寄件者。Messages clearly show the sender in the From field (<Sender> on behalf of <Mailbox>), but replies are delivered to the mailbox, not the sender.
MyMailSubscriptionsMyMailSubscriptions Yes 已連線的帳戶已移除 2018 年 11 月,網頁型 Outlook。Connected accounts were removed from Outlook on the web in November, 2018. 如需詳細資訊,請參閱 <已連線的帳戶已不再支援網頁型 Outlook 中。For more information, see Connected accounts is no longer supported in Outlook on the web.
MyProfileInformationMyProfileInformation Yes 編輯其名字、 中間名縮寫、 姓氏、 和顯示名稱在 GAL 中。Edit their first name, middle initial, last name, and display name in the GAL.

此角色包含下列子系角色:This role contains the following child roles:
MyDisplayName: 變更其顯示名稱。MyDisplayName: Change their display name.
MyName: 變更其名字、 中間名縮寫、 姓氏與備忘稿屬性。MyName: Change their first name, middle initial, last name and Notes property.

如果您認為此角色可讓使用者太多電源,您可以從角色指派原則移除角色,並指派其中一個子項角色。If you think this role gives users too much power, you can remove the role from the role assignment policy, and assign one of the child roles. 如需相關指示,請參閱本主題中的角色指派原則中的新增或移除角色For instructions, see the Add or remove roles from a role assignment policy section in this topic.
MyRetentionPoliciesMyRetentionPolicies Yes 允許使用者新增不屬於他們指派的保留原則的個人標記。*Allows users to add personal tags that aren't part of their assigned retention policy.*
MyTeamMailboxesMyTeamMailboxes Yes 站台信箱已在 2017 年 9 月,終止因 Office 365 群組。Site mailboxes were discontinued in favor of Office 365 groups in September, 2017. 如需詳細資訊,請參閱 <使用 Office 365 群組,而不是站台信箱。For more information, see Use Office 365 Groups instead of Site Mailboxes.
MyTextMessagingMyTextMessaging Yes 啟用會議和新的電子郵件訊息的簡訊通知。*Enable text message notifications for meetings and new email messages.*
MyVoiceMailMyVoiceMail Yes 更新其語音信箱設定。*Update their voice mail settings.*

*在所有地區或組織無法使用此功能。*This feature isn't available in all regions or organizations.

開始之前有哪些須知?What do you need to know before you begin?

  • 完成每項程序預估時間: 少於 5 分鐘。Estimated time to complete each procedure: less than 5 minutes.

  • 本主題中的程序需要 「 角色管理 」 RBAC 角色在 Exchange Online。The procedures in this topic require the Role Management RBAC role in Exchange Online. 一般而言,您的組織管理角色群組 (Office 365 全域系統管理員角色) 中取得成員資格透過此權限。Typically, you get this permission via membership in the Organization Management role group (the Office 365 Global administrator role). 如需詳細資訊,請參閱管理角色群組在 Exchange OnlineFor more information, see Manage role groups in Exchange Online.

  • 若要開啟 Exchange 系統管理中心 (EAC),請參閱Exchange 系統管理中心在 Exchange OnlineTo open the Exchange admin center (EAC), see Exchange admin center in Exchange Online. 若要連線至 Exchange Online PowerShell,請參閱連線至 Exchange Online PowerShellTo connect to Exchange Online PowerShell, see Connect to Exchange Online PowerShell.

  • 使用者會登出後再次登入權限的變更才會生效。Changes to permissions take effect after the user logs out and logs in again.

提示

有問題嗎?Having problems? 在 Exchange 論壇中尋求協助。Ask for help in the Exchange forums. 此論壇的網址為: Exchange OnlineExchange Online ProtectionVisit the forums at Exchange Online or Exchange Online Protection.

檢視角色指派給角色指派原則View roles assigned to a role assignment policy

使用 EAC 來檢視指派到角色指派原則角色Use the EAC to view roles assigned to a role assignment policy

  1. 在 EAC 中,前往 [權限 > 使用者角色],然後選取的角色指派原則。In the EAC, go to Permissions > User roles, and select the role assignment policy.

  2. 在詳細資料窗格中會顯示指派給原則的角色。The roles that are assigned to the policy are displayed in the details pane. 您也可以按一下編輯![編輯] 按鈕](../media/ITPro_EAC_EditIcon.png)若要查看的角色,包括可用的角色不指派給原則。You can also click Edit Edit button to see the roles, including the available roles that aren't assigned to the policy.

使用 Exchange Online PowerShell 來檢視指派到角色指派原則角色Use Exchange Online PowerShell to view roles assigned to a role assignment policy

若要檢視指派到角色指派原則的角色,請使用下列語法:To view the roles assigned to a role assignment policy, use the following syntax:

Get-ManagementRoleAssignment -RoleAssignee "<RoleAssignmentPolicyName>" | Format-Table Name,Role -Auto

此範例會傳回指派給名為預設角色指派原則的原則的角色。This example returns the roles that are assigned to the policy named Default Role Assignment Policy.

Get-ManagementRoleAssignment -RoleAssignee "Default Role Assignment Policy" | Format-Table Name,Role -Auto

如需詳細的語法及參數資訊,請參閱 Get-ManagementRoleAssignmentFor detailed syntax and parameter information, see Get-ManagementRoleAssignment.

附註: 若要傳回所有可用的一般使用者角色的清單,請執行下列命令:Note: To return a list of all available end-user roles, run the following command:

Get-ManagementRole | Where {$_.IsEndUserRole -eq $true} | Format-Table Name,Parent

新增或移除角色指派原則的角色Add or remove roles from a role assignment policy

使用 EAC 來新增或移除角色指派原則的角色Use the EAC to add or remove roles from a role assignment policy

  1. 在 EAC 中,前往 [權限 > 使用者角色],選取 [角色指派原則,然後按一下 編輯![編輯] 按鈕In the EAC, go to Permissions > User roles, select the role assignment policy, and then click Edit Edit button.

  2. 原則屬性] 視窗中開啟,執行下列步驟:In the policy properties window that opens, do one of the following steps:

    • 若要新增角色,請選取 [角色旁的核取方塊。To add a role, select the check box next to the role.

    • 若要移除已被指派的角色,請清除此核取方塊。To remove a role that's already assigned, clear the check box.

    如果選取含有子角色之角色的核取方塊,也會選取子角色的核取方塊。If you select a check box for a role that has child roles, the check boxes for the child roles are also selected. 如果您清除上層角色的核取方塊,也會取消選取子角色的核取方塊。If you clear the check box of the parent role, the check boxes for the child roles are also cleared. 您可以選取子角色清除上層角色的核取方塊,然後選取 [個別子項角色。You can select a child role by clearing the check box of the parent role and then selecting the individual child role.

  3. 完成後,請按一下 [儲存]When you're finished, click Save.

使用 Exchange Online PowerShell 將角色新增至角色指派原則Use Exchange Online PowerShell to add roles to a role assignment policy

將角色新增至角色指派原則會建立新的角色指派的角色和角色指派原則名稱的組合的唯一名稱。Adding a role to a role assignment policy creates a new role assignment with a unique name that's a combination of the names of the role and the role assignment policy.

若要新增角色至角色指派原則,請使用下列語法:To add roles to a role assignment policy, use the following syntax:

New-ManagementRoleAssignment -Role <RoleName> -Policy "<RoleAssignmentPolicyName>"

此範例會新增名為 「 預設角色指派原則的角色指派原則角色 MyMailboxDelegation。This example adds the role MyMailboxDelegation to the role assignment policy named Default Role Assignment Policy.

New-ManagementRoleAssignment -Role MyMailboxDelegation -Policy "Default Role Assignment Policy"

如需詳細的語法及參數資訊,請參閱 New-ManagementRoleAssignmentFor detailed syntax and parameter information, see New-ManagementRoleAssignment.

使用 Exchange Online PowerShell 來從角色指派原則移除角色Use Exchange Online PowerShell to remove roles from a role assignment policy

  1. 使用從使用 Exchange Online PowerShell 來檢視角色指派給角色指派原則] 區段中,本主題稍早的程序,以尋找您想要移除的角色的角色指派的名稱 (它是組合的名稱角色和角色指派原則)。Use the procedure from the Use Exchange Online PowerShell to view roles assigned to a role assignment policy section earlier in this topic to find the name of the role assignment for the role that you want to remove (it's a combination of the names of the role and the role assignment policy).

  2. 若要從角色指派原則移除角色,請使用下列語法:To remove the role from the role assignment policy, use this syntax:

    Remove-ManagementRoleAssignment -Identity "<RoleAssignmentName>"
    

    此範例會從名為 「 預設角色指派原則的角色指派原則移除 MyDistributionGroups 角色。This example removes the MyDistributionGroups role from the role assignment policy named Default Role Assignment Policy.

    Remove-ManagementRoleAssignment -Identity "MyDistributionGroups-Default Role Assignment Policy"
    

如需詳細的語法及參數資訊,請參閱 Remove-ManagementRoleAssignmentFor detailed syntax and parameter information, see Remove-ManagementRoleAssignment.

如何知道這是否正常運作?How do you know this worked?

若要確認您是否已成功新增或移除角色指派原則的角色,請使用下列步驟:To verify that you've successfully added or removed roles from a role assignment policy, use either of the following steps:

  • 在 EAC 中,前往 [權限 > 使用者角色],選取的角色指派原則,並確認在詳細資料窗格中,或按一下 編輯的角色![編輯] 按鈕In the EAC, go to Permissions > User roles, select the role assignment policy, and verify the roles in the details pane or by clicking Edit Edit button.

  • 在 Exchange Online PowerShell 中取代<RoleAssignmentPolicyName>的角色指派原則,並執行下列命令名稱:In Exchange Online PowerShell, replace <RoleAssignmentPolicyName> with the name of the role assignment policy, and run the following command:

    Get-ManagementRoleAssignment -RoleAssignee "<RoleAssignmentPolicyName>" | Format-Table Name,Role -Auto
    

建立角色指派原則Create role assignment policies

使用 EAC 來建立角色指派原則Use the EAC to create role assignment policies

  1. 在 EAC 中,前往 [權限 > 使用者角色並按一下 [新增新按鈕In the EAC, go to Permissions > User roles and click New New button.

  2. 在新角色指派原則視窗中開啟,設定下列設定:In the new role assignment policy window that opens, configure the following settings:

    • 名稱: 輸入的描述性名稱。Name: Enter a descriptive name.

    • 描述: 輸入的選用描述。Description: Enter an optional description.

    • 選取您想要指派給該原則的角色。Select the roles that you want to assign to the policy.

  3. 完成作業後,按一下 [儲存When you're finished, click Save

使用 Exchange Online PowerShell 來建立角色指派原則Use Exchange Online PowerShell to create role assignment policies

若要建立角色指派原則,請使用下列語法:To create a role assignment policy, use the following syntax:

New-RoleAssignmentPolicy -Name <UniqueName> [-Description "<Descriptive Text>"] [-Roles "<EndUserRole1>","<EndUserRole2>"...] [-IsDefault]

此範例會建立新的角色指派原則,名為 Contoso 承包商,其中包含指定的使用者角色。This example creates a new role assignment policy named Contoso Contractors that includes the specified end-user roles.

New-RoleAssignmentPolicy -Name "Contoso Contractors" -Description "Limited self-management capabilities for contingent staff."] -Roles "MyBaseOptions","MyContactInformation","MyProfileInformation"

如需詳細的語法及參數資訊,請參閱 New-RoleAssignmentPolicyFor detailed syntax and parameter information, see New-RoleAssignmentPolicy.

如何知道這是否正常運作?How do you know this worked?

若要確認您是否已成功建立角色指派原則,請使用下列步驟:To verify that you've successfully created a role assignment policy, use either of the following steps:

  • 在 EAC 中,前往 [權限 > 使用者角色],選取的角色指派原則,然後確認屬性值詳細資料窗格中,或按一下 編輯![編輯] 按鈕In the EAC, go to Permissions > User roles, select the role assignment policy, and verify the property values in the details pane or by clicking Edit Edit button.

  • 在 Exchange Online PowerShell 中取代<RoleAssignmentPolicyName>角色指派原則,並執行下列命令來確認屬性值的名稱:In Exchange Online PowerShell, replace <RoleAssignmentPolicyName> with the name of the role assignment policy, and run the following command to verify the property values:

    Get-RoleAssignmentPolicy -Identity "<RoleAssignmentPolicyName>" | Format-List Description,AssignedRoles,IsDefault
    

修改角色指派原則Modify role assignment policies

您可以使用 EAC 或 Exchange PowerShell 來從角色指派原則新增或移除角色You can use the EAC or Exchange PowerShell to Add or remove roles from a role assignment policy.

您只可以使用 Exchange Online PowerShell 來指定預設角色指派原則套用至新的信箱,不會被指派授權或角色指派原則在建立時。You can only use Exchange Online PowerShell to specify the default role assignment policy that's applied to new mailboxes that aren't assigned a license or a role assignment policy when they're created.

否則,您可以在 EAC 或 Exchange Online PowerShell 中執行所有是修改的名稱與角色指派原則的描述。Otherwise, all you can do in the EAC or Exchange Online PowerShell is modify the name and description of the role assignment policy.

使用 Exchange Online PowerShell 來指定預設角色指派原則Use Exchange Online PowerShell to specify the default role assignment policy

若要指定預設角色指派原則,請使用下列語法:To specify the default role assignment policy, use the following syntax:

Set-RoleAssignmentPolicy -Identity "<RoleAssignmentPolicyName>" -IsDefault

本範例會將 Contoso 使用者設定為預設角色指派原則。This example configures Contoso Users as the default role assignment policy.

Set-RoleAssignmentPolicy -Identity "Contoso Users" -IsDefault

附註: _IsDefault_參數也是New-roleassignmentpolicy指令程式提供。Note: The IsDefault switch is also available on the New-RoleAssignmentPolicy cmdlets.

如需詳細的語法及參數資訊,請參閱 Set-RoleAssignmentPolicyFor detailed syntax and parameter information, see Set-RoleAssignmentPolicy.

如何知道這是否正常運作?How do you know this worked?

若要確認您是否已成功修改角色指派原則,請使用下列步驟:To verify that you've successfully modified a role assignment policy, use either of the following steps:

  • 在 EAC 中,前往 [權限 > 使用者角色],選取的角色指派原則,然後確認屬性值詳細資料窗格中,或按一下 編輯![編輯] 按鈕In the EAC, go to Permissions > User roles, select the role assignment policy, and verify the property values in the details pane or by clicking Edit Edit button.

  • 在 Exchange Online PowerShell 中取代<RoleAssignmentPolicyName>角色指派原則,並執行下列命令來確認屬性值的名稱:In Exchange Online PowerShell, replace <RoleAssignmentPolicyName> with the name of the role assignment policy, and run the following command to verify the property values:

    Get-RoleAssignmentPolicy -Identity "<RoleAssignmentPolicyName>" | Format-List Description,AssignedRoles,IsDefault
    

移除角色指派原則Remove role assignment policies

您無法移除目前指定為預設的角色指派原則。You can't remove the role assignment policy that's currently specified as the default. 您必須先指定為預設的另一個角色指派原則後,才能刪除該原則。You first need to specify another role assignment policy as the default before you can delete the policy.

您無法移除指派給信箱的角色指派原則。You can't remove a role assignment policy that's assigned to mailboxes. 使用 [使用 Exchange Online PowerShell 來修改信箱上的角色指派原則指派] 區段中所述的程序來取代指派給信箱的角色指派原則。Use the procedures described in the Use Exchange Online PowerShell to modify role assignment policy assignments on mailboxes section to replace the role assignment policy that's assigned to mailboxes.

使用 EAC 來移除角色指派原則Use the EAC to remove role assignment policies

  1. 在 EAC 中,前往 [權限 > 使用者角色],選取您要刪除之原則,然後按一下 [刪除刪除按鈕In the EAC, go to Permissions > User roles, select the policy that you want to delete, and then click Delete Delete button.

  2. 在出現的警告] 對話方塊中按一下 []。In the warning dialog box that appears, click Yes.

使用 Exchange Online PowerShell 來移除角色指派原則Use Exchange Online PowerShell to remove role assignment policies

若要移除的角色指派原則,請使用下列語法:To remove a role assignment policy, use the following syntax:

Remove-RoleAssignmentPolicy -Identity "<RoleAssignmentPolicyName>"

此範例會移除名為 Contoso 經理的角色指派原則。This example removes the role assignment policy named Contoso Managers.

Remove-RoleAssignmentPolicy -Identity "Contoso Managers"

如需詳細的語法及參數資訊,請參閱 Remove-RoleAssignmentPolicyFor detailed syntax and parameter information, see Remove-RoleAssignmentPolicy.

如何知道這是否正常運作?How do you know this worked?

若要確認您是否已成功移除角色指派原則,請使用下列步驟:To verify that you've successfully removed a role assignment policy, use either of the following steps:

  • 在 EAC 中,前往 [權限 > 使用者角色並確認未列出之角色指派原則。In the EAC, go to Permissions > User roles and verify the role assignment policy isn't listed.

  • 在 Exchange Online PowerShell 中執行下列命令,確認未列出之角色指派原則:In Exchange Online PowerShell, run the following command to verify the role assignment policy isn't listed:

    Get-RoleAssignmentPolicy | Format-Table Name
    

在信箱上檢視角色指派原則指派View role assignment policy assignments on mailboxes

使用 EAC 來檢視信箱上的角色指派原則指派Use the EAC to view role assignment policy assignments on mailboxes

  1. 在 EAC 中,前往 [收件者 > 信箱],選取信箱],然後按一下 編輯![編輯] 按鈕In the EAC, go to Recipients > Mailboxes, select the mailbox, and click Edit Edit button.

  2. 在信箱屬性開啟的視窗中,按一下 [信箱功能]。In the mailbox properties window that opens, click Mailbox features. 角色指派原則會顯示在 [角色指派原則] 欄位。The role assignment policy is shown in the Role assignment policy field.

  3. 完成後,請按一下 [儲存]When you're finished, click Save.

使用 Exchange Online PowerShell 來檢視信箱上的角色指派原則指派Use Exchange Online PowerShell to view role assignment policy assignments on mailboxes

若要查看特定信箱的角色指派原則指派,請使用下列語法:To see the role assignment policy assignment on a specific mailbox, use the following syntax:

Get-Mailbox -Identity <MailboxIdentity> | Format-List RoleAssignmentPolicy

此範例會傳回名為 Pedro Pizarro 的信箱的角色指派原則。This example returns the role assignment policy for the mailbox named Pedro Pizarro.

Get-Mailbox -Identity "Pedro Pizarro" | Format-List RoleAssignmentPolicy

若要傳回所有的信箱已指派特定角色指派原則,請使用下列語法:To return all mailboxes that have a specific role assignment policy assigned, use the following syntax:

$<VariableName> = Get-Mailbox -ResultSize unlimited
$<VariableName> | where {$_.RoleAssignmentPolicy -eq '<RoleAssignmentPolicyName>'}

此範例會傳回名為 Contoso 經理指派的角色指派原則的所有信箱。This example returns all mailboxes that have the role assignment policy named Contoso Managers assigned.

$Mgrs = Get-Mailbox -ResultSize unlimited
$Mgrs | where {$_.RoleAssignmentPolicy -eq 'Contoso Managers'}

修改信箱上的角色指派原則指派Modify role assignment policy assignments on mailboxes

信箱可以有指派只能有一個角色指派原則。A mailbox can have only one role assignment policy assigned. 您將指派給信箱的角色指派原則將會取代現有的角色指派原則指派。The role assignment policy that you assign to the mailbox will replace the existing role assignment policy that's assigned.

使用 EAC 來修改信箱上的角色指派原則指派Use the EAC to modify role assignment policy assignments on mailboxes

在 EAC 中,前往 [收件者 > 信箱,並執行下列其中一個下列步驟:In the EAC, go to Recipients > Mailboxes, and do one of the following steps:

  • 個別的信箱: 選取的信箱>按一下 編輯![編輯] 按鈕>按一下 [信箱功能] 中開啟的視窗>按一下 [角色指派原則 >選取新的角色指派原則>按一下 [儲存]。Individual mailboxes: Select the mailbox > click Edit Edit button > click Mailbox features in the window that opens > click the dropdown next to Role assignment policy > select a new role assignment policy > click Save.

  • 多個信箱: 選取相同類型 (例如,使用者) 的多個信箱選取的信箱、 按住 Shift 鍵,並在清單中,或按住 CTRL 鍵,當您選取 [每個信箱得更遠向下選取另一個信箱。Multiple mailboxes: Select multiple mailboxes of the same type (for example, User) by selecting a mailbox, holding down the Shift key, and select another mailbox farther down in the list or by holding down the CTRL key as you select each mailbox. 在詳細資料窗格中 (,具有現在標題為 [大量編輯): 按一下 [更多選項] > 角色指派原則] 底下按一下 [更新>在出現的視窗中選取的角色指派原則> [儲存.In the details pane (that's now titled Bulk Edit): click More options > click Update under Role Assignment Policy > select the role assignment policy in the window that appears > click Save.

使用 Exchange Online PowerShell 來修改信箱上的角色指派原則指派Use Exchange Online PowerShell to modify role assignment policy assignments on mailboxes

若要變更特定信箱上的角色指派原則指派,請使用下列語法:To change the role assignment policy assignment on a specific mailbox, use this syntax:

Set-Mailbox -Identity <MailboxIdentity> -RoleAssignmentPolicy "<RoleAssignmentPolicyName>"

此範例會將套用至名為 Pedro Pizarro 信箱命名為 「 Contoso 管理角色指派原則。This example applies the role assignment policy named Contoso Managers to the mailbox named Pedro Pizarro.

Get-Mailbox -Identity "Pedro Pizarro" -RoleAssignmentPolicy "<RoleAssignmentPolicyName>"

若要變更已指派特定角色指派原則的所有信箱的指派,請使用下列語法:To change the assignment for all mailboxes that have a specific role assignment policy assigned, use the following syntax:

$<VariableName> = Get-Mailbox -ResultSize unlimited
$<VariableName> | where {$_.RoleAssignmentPolicy -eq '<CurrentRoleAssignmentPolicyName>'} | Set-Mailbox -RoleAssignmentPolicy '<NewRoleAssignmentPolicyName>'

本範例從預設角色指派原則,為 Contoso 員工的所有信箱的目前預設角色指派原則指派給,變更角色指派原則。This example changes the role assignment policy from Default Role Assignment Policy to Contoso Staff for all mailboxes that currently have Default Role Assignment Policy assigned.

$Users = Get-Mailbox -ResultSize unlimited
$Users | where {$_.RoleAssignmentPolicy -eq 'Default Role Assignment Policy'} | Set-Mailbox -RoleAssignmentPolicy 'Contoso Staff'

如何知道這是否正常運作?How do you know this worked?

若要確認您是否已成功修改信箱上的角色指派原則指派,使用下列步驟:To verify that you've successfully modified the role assignment policy assignment on a mailbox, use any of the following steps:

  • 在 EAC 中,前往 [收件者 > 信箱>選取的信箱>按一下 編輯![編輯] 按鈕>按一下 [信箱功能] 中的視窗中開啟,並確認的值角色指派原則] 欄位。In the EAC, go to Recipients > Mailboxes > select the mailbox > click Edit Edit button > click Mailbox features in the window that opens and verify the value in the Role assignment policy field.

  • 在 Exchange Online PowerShell 中取代<MailboxIdentity>使用的名稱、 別名、 電子郵件地址或信箱的帳戶名稱,並執行下列命令,以確認RoleAssignmentPolicy屬性值:In Exchange Online PowerShell, replace <MailboxIdentity> with the name, alias, email address, or account name of the mailbox, and run the following command to verify the RoleAssignmentPolicy property value:

    Get-Mailbox -Identity <MailboxIdentity> | Format-List RoleAssignmentPolicy
    
  • 在 Exchange Online PowerShell 中取代<RoleAssignmentPolicyName>的角色指派原則,並執行下列命令來確認信箱已指派的原則名稱:In Exchange Online PowerShell, replace <RoleAssignmentPolicyName> with the name of the role assignment policy, and run the following commands to verify the mailboxes that have the policy assigned:

    $X = Get-Mailbox -ResultSize unlimited
    
    $X | where {$_.RoleAssignmentPolicy -eq '<RoleAssignmentPolicyName>'}