Administrative permissions vary somewhat based on the version(s) of Exchange Server that you are running. In Exchange 2003, there are three levels of administrative rights that can be configured. In Exchange 2007, there are two options for assigned adminsitrative permissions. I recommend that you familiarize yourself with basic Exchange 2003 and Exchange 2007 administrative concepts by taking a look at the SearchExchange.com tip, <a href=”http://searchexchange.techtarget.com/tip/0,289483,sid43_gci1283791,00.html”>Exchange Admin 101: Exchange 2003 and Exchange 2007 admin privileges</a>.
What it is exactly that you are trying to accomplish though? Configuring Microsoft Exchange Server permissions can be tricky. I do not recommend modifying default permissions for built-in or default groups. Microsoft Exchange and Active Directory permissions are tightly integrated and, by default, administrators are denied access to all mailboxes.
Administrators can override this on a per-mailbox, store or server level at any time. Therefore, if this is truly a concern, consider: <ul>
<li>Hiring and maintaining only trustworthy administrators</li><li>Enabling auditing and alerting in your environment so that object access and changes, such as those required to override the default deny in this case, are recorded and the appropriate individuals (e.g., management, security, HR, etc.) are notified</li>
These resources may also be helpful to you:<ul>
<li><a href=”http://support.microsoft.com/kb/823018″>Overview of Exchange administrative role permissions in Exchange 2003</a></li><li><a href=”http://www.petri.co.il/grant_full_mailbox_rights_on_exchange_2000_2003.htm”>Grant Full Mailbox Rights to an Administrator on Exchange 2000/2003</a></li>