Sign in with Microsoft
Sign in or create an account.
Select a different account.
You have multiple accounts
Choose the account you want to sign in with.


In a Microsoft Exchange Server 2016 environment, consider the following scenario:

  • You create a Role Based Access Control (RBAC) management role by adding certain management role entries that are based on the Unified Messaging (UM) Mailboxes role, such as the Set-UMMailboxPIN cmdlet.

  • You create a management scope by using a recipient restriction filter and specify a particular organizational unit (OU) to the filter.

  • You create a management role group that has this management role and management scope assigned.

In this scenario, when admin members in the management role group run the Set-UMMailboxPIN cmdlet, they can reset the PINs on the UM-enabled mailboxes for users who are outside the scoped OU.


This issue occurs because the recipient restriction filter isn't correctly handled during running the cmdlet.


To fix this issue, install Cumulative Update 9 for Exchange Server 2016 or a later cumulative update for Exchange Server 2016.


Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.


Learn about the terminology that Microsoft uses to describe software updates.

Need more help?

Want more options?

Explore subscription benefits, browse training courses, learn how to secure your device, and more.

Communities help you ask and answer questions, give feedback, and hear from experts with rich knowledge.

Was this information helpful?

What affected your experience?
By pressing submit, your feedback will be used to improve Microsoft products and services. Your IT admin will be able to collect this data. Privacy Statement.

Thank you for your feedback!