Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Preventing the creation of public folders
- Thread starter jimw32
- Start date
SpandexBobcat
Technical User
Hi Jim,
Have you tried going to Exchange system manager, drill down to admin groups/first admin group/folders/public folders right click on this, select security and deny folder creation....
"A picture is not worth a 1000 words on the Internet. The information is in the text."
Have you tried going to Exchange system manager, drill down to admin groups/first admin group/folders/public folders right click on this, select security and deny folder creation....
"A picture is not worth a 1000 words on the Internet. The information is in the text."
SpandexBobcat
Technical User
sorry, right click on public folders and select properties/security, select your user group and then deny folder creation...
"A picture is not worth a 1000 words on the Internet. The information is in the text."
"A picture is not worth a 1000 words on the Internet. The information is in the text."
- Thread starter
- #4
SpandexBobcat
Technical User
Is that after your users have closed and re-opened outlook? Any changes you make do not take place until after that has been done.
If you create individual user groups and add specific users, you should be able to assign different security settings to each group, thus giving you the control you desire...
"A picture is not worth a 1000 words on the Internet. The information is in the text."
If you create individual user groups and add specific users, you should be able to assign different security settings to each group, thus giving you the control you desire...
"A picture is not worth a 1000 words on the Internet. The information is in the text."
jimw32, there is one issue in the Exchange 2000 public folders. By default, you can't prevent anyone from creating the Top Level Public Folders.
By design, the Exchange 2000 has the Allow permission for Everyone set to the "Creat Top Level Public Folders" at the organization Level.
But you can change that!
Here is the explanation for how to do it:
Before you can change the permission, you must change your Exchange System Manager Console, so that you can view the security TAB from your console at the Top Level of your Exchange Organization.
To show the security TAB, you will need to change the Registry in your Exchange Server or any computer from where you will use the Exchange System Manager Console.
Do the following:
1 - Start Registry Editor: On the Start menu, click Run, type regedit, and then click OK.
2 - Locate the following key in the registry:
KEY_CURRENT_USER\Software\Microsoft\Exchange\ExAdmin
3 - To add the ShowSecurityPage DWORD value, click Edit, click New, and then click DWORD Value.
4 - For the new value name, type: ShowSecurityPage
5 - Double-click ShowSecurityPage, and then type 1 in Value data. Go to the next procedure.
The next step, is just removing the Create Top-Level Public Folder Permission from your Exchange Organization.
Do the following:
1 - Start System Manager: On the Start menu, point to Programs, point to Microsoft Exchange, and then click System Manager.
2 - Right-click the organization, and then click Properties.
3 - Click the Security tab.
4 - Under Name, click Everyone.
5 - Under Permissions, scroll to Create top level public folder.
6 - In the Allow column, click to clear the check box.
Note: Everytime you remove or add another exchange server in your organization, this permission is RESET and you need to repeat these steps to prevent the Creat Top Level Public Folders. By the way, there is no other way to do it.
Sorry, this is by design...
Luís Rato
MCP;MCSA;MCSA Messaging;MCSE;CIWA;CIWP;CIWSA;MCIWA
By design, the Exchange 2000 has the Allow permission for Everyone set to the "Creat Top Level Public Folders" at the organization Level.
But you can change that!
Here is the explanation for how to do it:
Before you can change the permission, you must change your Exchange System Manager Console, so that you can view the security TAB from your console at the Top Level of your Exchange Organization.
To show the security TAB, you will need to change the Registry in your Exchange Server or any computer from where you will use the Exchange System Manager Console.
Do the following:
1 - Start Registry Editor: On the Start menu, click Run, type regedit, and then click OK.
2 - Locate the following key in the registry:
KEY_CURRENT_USER\Software\Microsoft\Exchange\ExAdmin
3 - To add the ShowSecurityPage DWORD value, click Edit, click New, and then click DWORD Value.
4 - For the new value name, type: ShowSecurityPage
5 - Double-click ShowSecurityPage, and then type 1 in Value data. Go to the next procedure.
The next step, is just removing the Create Top-Level Public Folder Permission from your Exchange Organization.
Do the following:
1 - Start System Manager: On the Start menu, point to Programs, point to Microsoft Exchange, and then click System Manager.
2 - Right-click the organization, and then click Properties.
3 - Click the Security tab.
4 - Under Name, click Everyone.
5 - Under Permissions, scroll to Create top level public folder.
6 - In the Allow column, click to clear the check box.
Note: Everytime you remove or add another exchange server in your organization, this permission is RESET and you need to repeat these steps to prevent the Creat Top Level Public Folders. By the way, there is no other way to do it.
Sorry, this is by design...
Luís Rato
MCP;MCSA;MCSA Messaging;MCSE;CIWA;CIWP;CIWSA;MCIWA
As an update to these postings, I run Exch2k enterprise, sp3 on Wk2, sp4. I tried the steps in Luis' post, but that did not work for me. I had to go one step further and actually deny the Everyone group from Creating top level public folders & Creating public folders (we do not allow them at all). Just unchecking the Apply boxes did not do it.
- Status
Similar threads
- Locked
- Question
- Locked
- Question
- Locked
- Question