Set everyone permisson to deny read access on Public Folders, how to change?

You can probably use PFDavAdmin to reset the permissions - http://hellomate.typepad.com/exchange/2003/10/the_pfdavadmin_.html

This utility lets you do several things:

• Modify folder permissions on folders in the MAPI tree using an interface similar to ESM
• Propagate the addition/replacement or removal of one or more ACEs down the public folder tree without overwriting the entire ACL
• Fix non-canonical and otherwise damaged DACLs on folders in bulk
• Report the DACL state of folders in bulk
• Export and Import folder permissions on both public folders and mailboxes
• Export and Import replica lists
• Propagate changes to the replica list down the tree without overwriting
• Check for and remove item-level permissions in bulk
• Check for event registrations
• Exceed limits imposed by the ESM GUI for values on the Limits tab


Download - ftp://ftp.microsoft.com/PSS/Tools/Exchange%20Support%20Tools/PFDavAdmin/

Make sure you read the help information ... it is important you understand how to use the utility properly.

Brian

That looks like just the tool, but it will not run on my XP pro workstation OR the Win2k Exchange Server.  

Installed locally on the Exchange server I get the error:  Could not be initialized.  Failed to bind to Exchange organizational objects Error: object reference not set to an instance object.  Stack trace: at pfdavadin.commonstuff.ctor() at pfdavadmin.Form1.ctor()

And when I try from my XP workstation (I do have full exchange administator privillages as myself) I get:  PFDavAdmin could not be initialized. Exception: security error.  Stack trace: at pfdavadmin.commonstuff..ctor() at pfdavadmin.Form1.ctor()

.netframework 1.1 service pack 1 has been installed on both machines fresh this morning, with the above results.   I added the e2kfdacl.dll to system32 on both machines to make sure that wasn't an issue, either.  No luck.  

Over the weekend the public folder store has updated, and is now gone.  I believe it is still there somewhere, but without that read access....

Any other ideas/tools?  Rebuilding it is going to cost me!  Thanks!

You should be able to run it from XP ... do you have System Manager, IIS installed? Seems like I had a few issues getting it working ... did you unzip the files to the /exchsrvr/bin directory? I wouldn't install this on the Exchange server ... I'm sure there is something going on with the client ...

I don't have system manager or IIS installed on the xp workstation.  Have a seperate IIS server, however.  I unzipped it to a network drive then installed it at the root of C: on both the XP machine, and then on the Exchange Server.  Not sure why it won't work on either one.  I'm going to see if I can run out and get a copy of pfadmin, although I'm not holding out much hope that it will work any better (or run any better I guess).   This tool you recommended would most certainly work for me, I believe, if I can figure out how to get it running.

I would install IIS and System Manager on your XP workstation ... unzip PFDavAdmin to the /bin directory and give it a shot ...

If you need Pfadmin you can download here - ftp://ftp.microsoft.com/PSS/Tools/Exchange%20Support%20Tools/  (fyi, you can download quite a few exchange support tools if you need)

Okay, I'm feeling stupid right about now, but Microsoft's site is giving me the run around about installing the Exchange 2000 System Management Tools on XP.  I have the patch they say I need, but then it says I need to have 2003 Server to install the management tool.  I have exchange 2000 off of BackOffice server 2000, but when I try to run the adminpak.msi off of that, it says that XP is not supported.  How do I install System Manager, please?

Probably should've have installed PFDavAdmin on the server and made the changes from there. Not sure if he was ever able to get it working but hopefully so. The utility would've allowed him to make the required changes.

Brian

I never did get PFDavAdmin installed on either the server or the workstation.  The fix ended up being a Microsoft technician remoting into the server for about 7 hours of experimenting with permissions to get it working again.  BNettles73 was incredibly helpful, and that tool DOES seem to be what one would need to fix most permission problems.  This was my first (and so far only) question, and I apologize for not handling it correctly in giving points to BNettles73.  I'm still not clear on how to give points as this was AN answer, just not THE answer for this particular case.  If anyone has any issues LIKE it, BNettles73 advice would prove invaluable I am sure.  I believe BNettles73 deserves some or all of the points, and should have an A grade.  

I'm not sure what the next step in closing this is.

I couldn't get PFDavAdmin to run - but I've finally done it. It didn't like running from a mapped drive. As soon as I copied the file onto the PC I was using it was fine.