Microsoft KB Archive Search

Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

  1. Home
  2. PIN can be reset on a Unified Messaging (UM)-enabled mailbox for a user outside a scoped OU

PIN can be reset on a Unified Messaging (UM)-enabled mailbox for a user outside a scoped OU

View products that this article applies to.

Symptoms

In a Microsoft Exchange Server 2016 environment, consider the following scenario:

  • You create a Role Based Access Control (RBAC) management role by adding certain management role entries that are based on the Unified Messaging (UM) Mailboxes role, such as the Set-UMMailboxPIN cmdlet.

  • You create a management scope by using a recipient restriction filter and specify a particular organizational unit (OU) to the filter.

  • You create a management role group that has this management role and management scope assigned.

In this scenario, when admin members in the management role group run the Set-UMMailboxPIN cmdlet, they can reset the PINs on the UM-enabled mailboxes for users who are outside the scoped OU.

↑ Back to the top

Cause

This issue occurs because the recipient restriction filter isn't correctly handled during running the cmdlet.

↑ Back to the top

Resolution

To fix this issue, install Cumulative Update 9 for Exchange Server 2016 or a later cumulative update for Exchange Server 2016.

↑ Back to the top

Status

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

↑ Back to the top

References

Learn about the terminology that Microsoft uses to describe software updates.

↑ Back to the top

Keywords: kbexpertiseadvanced, kbqfe, kbfix, kb, CI74024, RBAC ManagementRoleEntry 'Set-UMMailboxPIN' doesn't honor the ManagementScope with RecipientRestrictionFilter, PIN can be reset on a Unified Messaging (UM)-enabled mailbox for a user outside a scoped OU, kbsurveynew, kbContentAuto, Set-UMMailboxPIN can be used to reset the PINs on the UM-enabled mailboxes for users outside the scoped OU

↑ Back to the top

Article Info
Article ID : 4073104
Revision : 6
Created on : 3/5/2018
Published on : 3/20/2018
Exists online : False
Views : 214