Hello everyone.

First off, I have no problem to report, thus far my new BES 5.0 HA solution is working nicely. Still much testing to do but no serious issues yet.

However, I do have a "clarification" question regarding Send As rights.

Exchange 2007, Windows 2008 DC's, BES 5.0. I have set Send As access at the Exchange server level following RIM instructions, extended Recive As and Send As access. Just setting this allows my BES solution to work.

There are further instructions to configure Send As within AD, either for individual objects or per OU etc.

From what I have read the latter may well have been necessary post Exchange 2003 SP1 (for Domain Admin accounts) and perhaps for "other" MS updates\hotfixes which involve store.exe changing things.

But, it appears I do not need to explicitly assign Send As at the AD level. Can anyone say with confidence that this is indeed the case, and that my environment as it currently stands would not need explict AD "Send AS" assigned for the BES account? I don't want to assign permissions where I dont need to.

I tested quickly and indeed the BES service account cannot "Send As" for an ordinary account (i.e my Domain user test account.), but this does not stop BES from working fine for this user with the current Exchange organsiation permissions I have assigned it.