Exchange Impersonation enables a caller to impersonate a given account so that a caller can perform operations by using the permissions that are associated with the impersonated account instead of the permissions that are associated with the caller’s account. Microsoft Exchange Server 2007 provides two Active Directory directory service extended permissions that are used to determine which callers can perform Exchange Impersonation calls and which accounts can be impersonated by the caller.
This procedure grants fasapprov1 permission to impersonate fasaptest1
Add-ADPermission -Identity “username” -User “Username2” -extendedRight ms-Exch-EPI-May-Impersonate
See article link below to see step by step configuration instructions
Ex-Shell 