• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 181
  • Last Modified:

Exchange 2K3 Public Default Folder Access

I have an Exchange 2K3 Server (running on a Windows 2000 Server).  By default everyone has access to Public Folder.  In AD I have a Security Group which I would like to completely restrict from access to Public Folders.  Currenly ther are approximately 5 top level Public Folders.  I do not want to take the approach of restricting access to the 5 top level folders - because if someone creates a 6th then the users who are restricted from the first 5 will have access to the 6th.

So, I really want to deny Public Folder access entirely to this particular Group.

Another approach would be to remove Public Folder access from the Anonymous and Everyone Groups.  Then give access to groups I specify.  But, I'm worried that method might break something (e.g. free/busy...).

In Exchange System Manager I can do not se a way of specifying top level access to Public Folders.  well, that is not exactly true.  Within my Storage group I got properties on Public Folders>Security tab placed a Deny entry for the Group I wanted to deny.  But this had no effect.

You help is greatly appreciated.

Thank You.
0
Whitney_McBee
Asked:
Whitney_McBee
  • 3
  • 2
1 Solution
 
SembeeCommented:
Don't take away rights to anonymous. This will break any mail enabled folders that you may have.
 
The quickest way to restrict access is to change the default rights to none, and then specify who can have access. This would need to be done on the top level folders. If you only have 5 top level folders then you don't really have too much to worry about - simply mandate that any top level folder creation must come through you. You can then set the permissions as required.

You cannot set top level rights to restrict these users as it will break other things - which includes the free busy information as you have correctly said. Public folders are made up of two parts - the folders that can be seen and the folders that cannot - the system folders. All users must be able to see at least the very top folder "Public Folders". Whether they can see anything else below is down to the permissions on the folders themselves.

Simon.
0
 
Whitney_McBeeAuthor Commented:
Thanks for the quick response Sembee.  You wrote, "The quickest way to restrict access is to change the default rights to none."  Can this be done through the Exchnage System Manager or does it have to be done via Outlook?
0
 
SembeeCommented:
You can do it via either.
Personally I do it with Outlook.

Just to clarify further, when you look at the permissions through Outlook you will see a setting "Default". This should be left in place, with the permissions changed to "None".

Simon.
0
 
Whitney_McBeeAuthor Commented:
Seebee,

0
 
Whitney_McBeeAuthor Commented:
<Above> Opps

Seebee,

Thanks for the help.  Sorry for the delay in my response.  I have been getting pulled of on to other projects (not enough time in the day - I'm sure you know how it is).  I am going to accept you answer, because I can see that I SHOULD be able to restrict access as you specified.  I have been trying to do just that on the Exchange server in question, but this server having problems that won't allow you to expand the Public folders in System Manager or get to the permissions from with in Outlook.  Thus the reason I could not follow through on your suggestion.

Thanks for your help.
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now