Re: public folder permissions: 5.5 vs. 2003

In Exchange 2000/2003, you cannot assign PF permissions to Distribution
Groups because these are not Security Principals.

- If you want, you can convert the Distribution Groups to Security Groups
and assign permissions to those.
- Or you can create separate Security Groups and make users members, then
assign permissions to the new security groups.
- One reason it's good to have native mode AD domain - during migration DLs
can be converted to Universal Security Groups, which can't be done in mixed
mode.
--
Bharat Suneja
MCSE, MCT
--------------------------------

"grlgeek" <no@xxxxxxxxx> wrote in message
news:dLGdnYwXOuEuK63eRVn-iw@xxxxxxxxxxxxxx
> In Exchange 5.5 you can grant client access permissions to a public folder
> by distribution lists.
>
> Example:
> In Exchange 5.5: Secretaries is a position that has a high turnover rate.
> A distribution list called "secretaries" is created and the employees are
> added and removed to the DL as they come and go in their employment. A
> public folder is created to store the forms and templates the secretaries
> use, and the client access permissions on that folder is set to the
> distribution list "Secretaries" as reviewers so they can have access to
> the
> folder and its contents. This format is more administratively friendly,
> as
> the exchange admin only has to add the user account to the secretaries DL
> and the permissions take effect.
>
> In Exchange 2003: We migrate the public folders from 5.5 to 2003. But
> because this is a 10 site organization and only 2 of the sites have
> migrated. Under 2003 it seems that the client access permissions that
> are
> set based on DL no longer apply and we have to set it on the individual.
>
> This means when a new secretary is added the account gets created, user is
> added to the Secretaries DL list for the email group, and then added to
> every Public Folder they need access to. (and whatever security groups
> for
> AD they get as well, which usually there is a corresponding security
> group.)
>
> There has to be an easier way! But we have to work in the mixed mode
> environment for quite a while as there are still 8 other sites in the
> organization/domain that still need to migrate.
>
> Any advice would be appreciated.
>
>


.

Relevant Pages

  • Best practices for groups?!
    ... Some distribution groups have been turned into security groups by using them ... for permissions as public folders ... We have used the DL for file permissions, with GG as member, and then ...
    (microsoft.public.windows.server.active_directory)
  • RE: What server hardening are you doing these days?
    ... permissions on their data, and Microsoft encourages ISVs to minimize ... I've been able to discuss ACLs and other security issues in Windows with ... Control or DAC (which is what you're referring to by the "stupid ...
    (Focus-Microsoft)
  • Re: get rid of security center?
    ... I have come up with a solution that does not disable Security Center, ... By changing the Permissions of that key, ... settings from being changed again. ... the firewall alert settings in Security Center get ...
    (microsoft.public.windowsxp.help_and_support)
  • Re: Password Protect IExplore
    ... You can protect the files and folders you store on your computer to make ... To set, view, change, or remove special permissions for files and folders ... clear the Inherit from parent the permission entries that apply ... To configure security so that the subfolders and files will not ...
    (microsoft.public.internet.explorer.ieak)
  • Re: Removing the Internet Security in SP2
    ... I have come up with a solution that does not disable Security Center, ... By changing the Permissions of that key, ... settings from being changed again. ... the firewall alert settings in Security Center get ...
    (microsoft.public.windowsxp.security_admin)
Loading