Exchange 2000 mailbox without being domain user
I want to create a mailbox for someone who is not and should not be a domain user. This person should be capable of sending and receiving mail, have access to the public folders, etc., but not have any additional rights normally associated with a domain user. Can I do this, and if yes, how?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
You could create a separate OU for those users, create an AD account, but limit their permissions via Group Policy or other. You can even hide their email address from other domain users.
Not sure how you plan for them to access the system. Can you explain your thoughts and needs?
Steve
Not sure how you plan for them to access the system. Can you explain your thoughts and needs?
Steve
ASKER
We have company-external contractors and students (gasp!) who have a need to work with us on documents and discussions taking place in public folders, but I don't want to give (especially) students any more access to the administrative network than I absolutely have to.
ASKER
Sorry, I missed the last portion: Their access would be exclusively via OWA.
The same problem here... You can, through Exchange Advanced properties, only give mailbox access via OWA, but then, you still need to have the user account... I think you'd better work on the security of your domain. I have a rule to never give the Domain Users group any rights. Windows gives the following solution.
Give a domain local group you created rights to a folder e.g. Documents --> LG_Documents
Then create Global Groups and add users with same responsibilities e.g. Students (gasp!??? ;)) and put then in the domain local group LG_Documents (or not....). If you use this way of giving rights, you don't have to worry about students or external contacts.... You make the rules, you give the rights.....
Isn't it great to be a sysadmin ;0)
Give a domain local group you created rights to a folder e.g. Documents --> LG_Documents
Then create Global Groups and add users with same responsibilities e.g. Students (gasp!??? ;)) and put then in the domain local group LG_Documents (or not....). If you use this way of giving rights, you don't have to worry about students or external contacts.... You make the rules, you give the rights.....
Isn't it great to be a sysadmin ;0)
If you still confused and dont know what to do, here is what i would do:
Create a normal domain user with mailbox enabled
Double click this user to get the properties page
Go to Account - Click on Logon Hours - Click All and check the box with Logon Denied.
This tells the System that this user wont be able to login to all computers at all times and this applys only to the domain account.
And now you can use the E-mail through OWA from any computer
I hope this helps and good luck.
Create a normal domain user with mailbox enabled
Double click this user to get the properties page
Go to Account - Click on Logon Hours - Click All and check the box with Logon Denied.
This tells the System that this user wont be able to login to all computers at all times and this applys only to the domain account.
And now you can use the E-mail through OWA from any computer
I hope this helps and good luck.
user(after the domain user is created).U can disable the user and let mailbox
stand to recieve emails but the user will not be able to log in to ur domain.