Link to home
Start Free TrialLog in
Avatar of The_Master_Chief
The_Master_Chief

asked on

Exchange 2000 permissions on public folders

How do I set permissions on public folders so that certain OU's or Users don't have access to them?
I am using Exchange 2000.
Avatar of mikeleebrla
mikeleebrla
Flag of United States of America image

OUs aren't used for security,, you will need to set up a security group for this,,,,but you set up security for public folders from within exchange system manager on the server. From there go to folders, public folders,,, rightclick on the public folder you want to restrict and click properties.. then go to the permissions tab,,, then click on client permissions,, this will open up the page where you set permissions for public folders.. it is pretty self explainetory from there..  hope this helps..
Avatar of The_Master_Chief
The_Master_Chief

ASKER

How would I set up a security group if OU's aren't used for this?
on a domain controller,, go to active directory users and computers,,,, from there go to users,, rightclick and choose new,, then security group and add it there
add all members of this OU to a group and then change the security options for that group.
Huji
In a little more detail, you create a local group for a particular resoure(s), give it permissions to the resource. Then create  a global group and add it to the membership of the local groups of the resources that you want members of the global  group to have access to.......then add individual users to the security group.

a little more background........the different types of security groups are used to set access permissions for resources.
OUs are used to organize users and/or computers so that you can regulate that particular unit (not group) through group policy.  As usual MS's terminology seems designed to confuse.
Let me see if I got this...

Example:
I have an OU for a location in California that I do NOT want to have access to any public folders.
I have many other locations throughou tthe country with corresponding OU's that CAN have access to the public folders.

All I have to do is:

1) Create a security group for public folders
2) Assign all of the members of that California OU to the securty group
3) Add the new public folders security group to the client permissions of the corresponding public folders and specify the rights for that group.

Is that correct?
ASKER CERTIFIED SOLUTION
Avatar of JConchie
JConchie

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Well I created a global security group called "Public Folders Deny".
I added one user for testing purposes and went to exchange system manager > the public folders store and under security I added the new deny group and set to deny all.  That did not prevent the user from opening that public folders.  

However, when I added the deny group to an individual public fiolder's client permissions and denied there, the user was unabel to access that particular public folder.  

How can I make it so that group can't access anypublic folders?

I am not worried about the points becase JConchie answered my question, but a little more detail on this would be great.
Don't think you can do this on the Store itself......drop down one more level to the "Public Folders" object and try setting it there.........but it may be that you have to do it folder by folder........if you have folders that were created by users rather than by an admin, they own the folder and may have set permissions to deny inheritance from above.
I was not able to set permissions on the sub folder

 - Public Folder Store (server name)
     |
      - Public Folders

I will have to do it to individual folders.
Thanks