We've worked through configuring AD constrained delegation for a service account in our domain, and we've gotten everything to work in principle. However, to do so we had to set up LDAP delegation to specific domain controllers. The downside of that approach for us is that if we introduce a new DC, we could possibly have a service outage if we fail to update our delegation to include the new DC. Is there a way to delegate to any/all DC's in the domain, or is it only possible to do one at a time?
We're using resource mailboxes in Exchange 2007 for scheduling conference rooms. We'd like to set the calendars in those mailboxes to provide everyone with read access to the full details of the room's schedule in the scheduling assistant. By default, the calendars only show whether the room is booked at a certain time. That makes it kind of hard for people to work out conflicts amongst themselves without bothering the heroes at the Help Desk.
I do realize that going ahead and sending a meeting request will result in a conflict email indicating who has the room booked already, but it would be far better (and less confusing) for the users if we could eliminate that back and forth.
I also realize that we can manually grant ourselves full access to each mailbox, then open the calendar in Outlook and change the permissions there, but we would like to be able to do it via the Exchange Management Management Shell to avoid that repetitive work. And we just can't seem to find the command to do it. Anyone out there know how?