In a Microsoft Exchange Server 2016 environment, consider the following scenario:
- You create a Role Based Access Control (RBAC) management role by adding certain management role entries that are based on the Unified Messaging (UM) Mailboxes role, such as the Set-UMMailboxPIN cmdlet.
You create a management scope by using a recipient restriction filter and specify a particular organizational unit (OU) to the filter.
You create a management role group that has this management role and management scope assigned.
In this scenario, when admin members in the management role group run the Set-UMMailboxPIN cmdlet, they can reset the PINs on the UM-enabled mailboxes for users who are outside the scoped OU.