You should actively manage public folders. If you don't, you won't get optimal performance, and users might encounter problems when reading from or posting to the folders. Each folder in a public folder tree has its own settings, and each time a folder is created, you should review and modify the following settings:
Replication, messaging limits, deleted item retention, and quotas
Client permissions
You might also want to designate folder administrators and propagate the changes you've made. This section of the chapter explains these and other public folder administration tasks.
Public folders inherit the replication, messaging limit, quota, and deleted item retention settings of the public folder database. The best way to control these settings for public folders is to set the appropriate options for the entire public folder database rather than for individual public folders, as discussed in the "Using Public Folder Data-bases" section of Chapter 12, "Mailbox and Public Folder Database Administration." That said, Exchange Management Shell includes the Set-PublicFolder cmdlet for configuring these options for individual public folders.
Sample 14-8 provides the syntax and usage for this cmdlet. To override database settings for replication, messaging limit, quota, deleted item retention settings, or any combination thereof, you must first set the related "Use" parameter to $false, as shown in the example, and then set any desired default values, as shown in the second example.
Sample 14-8: Using set-PublicFolder to set limits
Syntax set-PublicFolder -Identity 'PublicFolderIdentity' [-AgeLimit LimitKB] [-LocalReplicaAgeLimit NumberDays] [-MaxItemSize LimitKB] [-PostStorageQuota LimitKB] [-ReplicationSchedule 'Schedule'] [-RetainDeletedItemsFor NumberDays] [-StorageQuota NumberDays] [-UseDatabaseAgeDefaults Switch] [-UseDatabaseQuotaDefaults Switch] [-UseDatabaseReplicationSchedule Switch] [-UseDatabaseRetentionDefaults Switch] Usage set-PublicFolder -Identity '\Projects' -UseDatabaseRetentionDefaults $false set-PublicFolder -Identity '\Projects' -RetainDeletedItemsFor 120
You use client permissions to specify which users can access a particular public folder. By default, all users (except those accessing the folder anonymously over the Web) have permission to access the folder, read items in the folder, create items in the folder, and edit and delete items they've created. Anyone accessing the folder anonymously can create items but has no other permissions for viewing or editing items.
To change permissions for anonymous and authenticated users, you need to set a new permission level for the special users Anonymous and Default, respectively. Initially, anonymous users have the role of Contributor, and authenticated users have the role of Author. These and other client-permission levels are defined as follows:
Owner Grants all permissions in the folder. Users with this role can create, read, modify, and delete all items in the folder. They can create subfolders and change permissions on folders as well.
Publishing Editor Grants permission to create, read, modify, and delete all items in the folder. Users with this role can create subfolders as well.
Editor Grants permission to create, read, modify, and delete all items in the folder.
Publishing Author Grants permission to create and read items in the folder, to modify and delete items the user created, and to create subfolders.
Author Grants permission to create and read items in the folder, as well as to modify and delete items that the user created.
Nonediting Author Grants permission to create and read items in the folder.
Reviewer Grants read-only permission.
Contributor Grants permission to create items but not to view the contents of the folder.
None Grants no permission in the folder.
To set new roles for users or to modify existing client permissions, complete the following steps:
Start Outlook 2007. If the Folder list isn't displayed, click Go, and then select Folder List.
Expand Public Folders in the Folder list, and then expand All Public Folders.
Right-click the folder with which you want to work, and then select Properties.
On the Permissions tab (shown in Figure 14-2), the Name and Permission Level lists display account names and their permissions on the folder. If you want to grant users permissions that are different from the default permission, click Add.
Figure 14-2: Use the Permissions tab to set permissions and assign roles for users. The role controls the actions the user can perform.
In the Add Users dialog box, select the name of a user who needs access to the mailbox. Then click Add to put the name in the Add Users list. Repeat this step as necessary for other users. Click OK when you're finished.
In the Name and Permission Level lists, select one or more users whose permissions you want to modify. Then use the Permission Level list to assign a role or select individual permission items. When you're finished granting permissions, click OK.
In Exchange Management Shell, you can work with permissions using the Get-Public-FolderPermission, Add-PublicFolderPermission, and Remove-PublicFolderPermission cmdlets. Samples 14-9–14-11 provide the syntax and usage for these cmdlets. Values for the –AccessRights parameter can be set to the name of the permission level desired. Specify the exact name, as listed previously, without spaces. If you want to create modified permission levels, you can add or remove individual access rights. Use the names exactly as shown on the Permissions tab, without spaces.
Sample 14-9: Get-PublicFolderPermission syntax and usage
Syntax Get-PublicFolderPermission -Identity 'PublicFolderIdentity' [-Server 'Server'] [-User 'UserIdentity'] Usage Get-PublicFolderPermission -Identity '\Projects' -User 'William Stanek'
Sample 14-10: Add-PublicFolderPermission syntax and usage
Syntax Add-PublicFolderPermission -Identity 'PublicFolderIdentity' -AccessRights 'PermLevelOrAccessRight' -User 'UserIdentity' [-Server 'Server'] Usage Add-PublicFolderPermission -Identity '\Projects' -AccessRights 'PublishingEditor' -User 'William Stanek' Add-PublicFolderPermission -Identity '\Projects' -AccessRights 'CreateItems' -User 'JimWilson'
Sample 14-11: Remove-PublicFolderPermission syntax and usage
Syntax Remove-PublicFolderPermission -Identity 'PublicFolderIdentity' -AccessRights 'PermLevelOrAccessRight' -User 'UserIdentity' [-Server 'Server'] Usage Remove-PublicFolderPermission -Identity '\Projects' -AccessRights 'PublishingEditor' -User 'William Stanek' Remove-PublicFolderPermission -Identity '\Projects' -AccessRights 'CreateItems' -User 'JimWilson'
Any property changes you make to public folders aren't automatically applied to sub-folders or replicated to other Mailbox servers hosting public folder replicas. You must either wait for the maintenance/replication interval to begin or manually propagate setting changes using the Update-PublicFolderHierarchy cmdlet.
Similarly, changes that users make to public folders aren't automatically replicated to other Mailbox servers hosting replicas. You must either wait for replication to begin or manually replicate data changes using the Update-PublicFolder cmdlet.
Samples 14-12 and 14-13 provide the syntax and usage for the Update-PublicFolder-Hierarchy and Update-PublicFolder cmdlets.
Sample 14-12: Update-PublicFolderHierarchy syntax and usage
Syntax Update-PublicFolderHierarchy -Server 'Server' Usage Update-PublicFolderHierarchy -Server 'CorpSvr257'
Sample 14-13: Update-PublicFolder syntax and usage
Syntax Update-PublicFolder -Identity 'PublicFolderIdentity' -Server 'Server' Usage Update-PublicFolder -Identity '\Projects' -Server 'CorpSvr257'
Public folders are stored as objects in Active Directory. You can manipulate public folders using standard techniques, such as cut, copy, and paste. Follow the procedures outlined in this section to manipulate, rename, and recover public folders.
To rename a public folder, follow these steps:
In Outlook, right-click the public folder you want to rename.
Select Rename, type a new name, and then press Enter.
You can copy and move public folders only within the same public folder tree. You can't copy or move a public folder to a different tree.
To create a copy of a public folder, follow these steps:
In Outlook, right-click the public folder with which you want to work, and then select Copy.
Right-click the folder into which you want to copy the folder, and then select Paste.
To move a public folder to a new location in the same tree, follow these steps:
In Outlook, right-click the public folder with which you want to work, and then select Cut.
Right-click the folder into which you want to move the folder, and then select Paste.
When you delete a public folder, you remove its contents, any subfolders it contains, and the contents of its subfolders. Before you delete a folder, however, you should ensure that any existing data that the folder contains is no longer needed and that you make a backup of the folder contents just in case.
You delete public folders and their subfolders by completing the following steps:
In Outlook, right-click the public folder you want to remove, and then select Delete.
You'll be asked to confirm the action. Click Yes.
You can recover deleted folders from public folder databases, provided you've set a deleted item retention period for the public folder database from which the folders were deleted and the retention period hasn't expired. If both of these conditions are met, you can recover deleted folders by completing the following steps:
Log on to the domain using an account with administrative privileges in the domain or using an account with full control over the public folders you need to recover.
After starting Outlook, access the Public Folders node, and then select the All Public Folders node or the node that contained the public folders.
On the Tools menu, select Recover Deleted Items. The Recover Deleted Items From dialog box appears.
Select the folders you want to recover, and then click Recover Selected Items.
Each top-level folder restored by the recovery operation has "(Recovered)" appended to the folder name. After you verify the contents of the folder, you can complete the recovery operation by doing the following:
q Restoring the original folder name Right-click the folder, select Rename, type a new name, and then press Enter.
q Restoring the folder's e-mail addresses Right-click the folder, and then select Properties. In the Properties dialog box, click the E-mail Addresses tab. Edit each e-mail address so that it's restored to its original value.