We help IT Professionals succeed at work.

Exchange 2000 permissions on public folders

Medium Priority
Last Modified: 2010-04-13
How do I set permissions on public folders so that certain OU's or Users don't have access to them?
I am using Exchange 2000.
Watch Question

OUs aren't used for security,, you will need to set up a security group for this,,,,but you set up security for public folders from within exchange system manager on the server. From there go to folders, public folders,,, rightclick on the public folder you want to restrict and click properties.. then go to the permissions tab,,, then click on client permissions,, this will open up the page where you set permissions for public folders.. it is pretty self explainetory from there..  hope this helps..


How would I set up a security group if OU's aren't used for this?
on a domain controller,, go to active directory users and computers,,,, from there go to users,, rightclick and choose new,, then security group and add it there

add all members of this OU to a group and then change the security options for that group.

In a little more detail, you create a local group for a particular resoure(s), give it permissions to the resource. Then create  a global group and add it to the membership of the local groups of the resources that you want members of the global  group to have access to.......then add individual users to the security group.

a little more background........the different types of security groups are used to set access permissions for resources.
OUs are used to organize users and/or computers so that you can regulate that particular unit (not group) through group policy.  As usual MS's terminology seems designed to confuse.


Let me see if I got this...

I have an OU for a location in California that I do NOT want to have access to any public folders.
I have many other locations throughou tthe country with corresponding OU's that CAN have access to the public folders.

All I have to do is:

1) Create a security group for public folders
2) Assign all of the members of that California OU to the securty group
3) Add the new public folders security group to the client permissions of the corresponding public folders and specify the rights for that group.

Is that correct?
Unlock this solution and get a sample of our free trial.
(No credit card required)


Well I created a global security group called "Public Folders Deny".
I added one user for testing purposes and went to exchange system manager > the public folders store and under security I added the new deny group and set to deny all.  That did not prevent the user from opening that public folders.  

However, when I added the deny group to an individual public fiolder's client permissions and denied there, the user was unabel to access that particular public folder.  

How can I make it so that group can't access anypublic folders?

I am not worried about the points becase JConchie answered my question, but a little more detail on this would be great.

Don't think you can do this on the Store itself......drop down one more level to the "Public Folders" object and try setting it there.........but it may be that you have to do it folder by folder........if you have folders that were created by users rather than by an admin, they own the folder and may have set permissions to deny inheritance from above.


I was not able to set permissions on the sub folder

 - Public Folder Store (server name)
      - Public Folders

I will have to do it to individual folders.
Unlock the solution to this question.
Thanks for using Experts Exchange.

Please provide your email to receive a sample view!

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.


Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.