In Microsoft Exchange Server, groups of Exchange rights that can be assigned to users and groups to control their level of access to objects in the Exchange directory hierarchy. Exchange has a number of predefined roles for assigning common sets of permissions to users and groups, as shown in the following table.
| Right | Role | ||||||
| Admin | Permissions Admin | Service Account Admin | View Only Admin | User | Send As | Search | |
| Add child | x | x | x | ||||
| Modify user attributes | x | x | x | x | x | ||
| Modify admin attributes | x | x | x | ||||
| Delete | x | x | x | ||||
| Logon | x | x | x | x | |||
| Modify permission | x | x | |||||
| Replication | x | ||||||
| Mailbox owner | x | x | |||||
| Send as | x | x | x | ||||
| Search | x | ||||||
Administrators can also create custom roles to grant special types of access to the directory.