Managing Exchange Recipients

Previous page
Table of content
Next page
 < Day Day Up > 

Now that you have an introduction to the different types of Exchange recipient objects, you are ready to move into the hands-on task of creating, managing, and modifying these objects within your Exchange organization. The primary tools you will use to perform your tasks include

  • The Active Directory Users and Computers console

  • The Exchange System Manager console

  • The Exchange Task Wizard (available within the Active Directory Users and Computers console after Exchange has been installed)

Of course, there are many other tools and utilities available that you may use, but for now, the bulk of your work will be done with these three tools. Before we move on into the actual process of managing these Exchange recipient objects, let's take some time to review the many uses of the Exchange Task Wizard.

Using the Exchange Task Wizard

The Exchange Task Wizard is added into the Active Directory Users and Computers console when Exchange is installed and is used to configure and manage all Exchange recipients users, contacts, and groups. You can use the Exchange Task Wizard on a single object or on multiple objects simultaneously.

Table 4.1 summarizes the basic functions provided by the Exchange Task Wizard.

Table 4.1. Uses of the Exchange Task Wizard

Task

Users

Contacts

Groups

Creating or deleting mailboxes

Yes

N/A

N/A

Establishing or removing an email address

Yes

Yes

Yes

Moving mailboxes

Yes

N/A

N/A

Hiding or unhiding group membership

N/A

N/A

Yes

Removing Exchange attributes from an object

Yes

Yes

Yes

Configuring Exchange features on an object

Yes

N/A

N/A


The Exchange Task Wizard is accessed by selecting the object or objects that are to be modified in Active Directory Users and Computers, right-clicking on the selection(s), and selecting Exchange Tasks from the context menu, as shown in Figure 4.1.

Figure 4.1. Launching the Exchange Task Wizard from within Active Directory Users and Computers.

graphics/04fig01.jpg


Managing Users

As an Exchange Server 2003 administrator, you should have a good understanding of how to create, manage, and modify user objects. In this section, we examine some of the common Exchange Server 2003 user management tasks. These tasks include

  • Creating new users

  • Mailbox-enabling existing users

  • Mail-enabling existing users

  • Deleting mailboxes

  • Moving mailboxes

  • Creating and modifying email addresses and aliases

  • Hiding mailboxes

  • Reconnecting mailboxes to user accounts

  • Configuring mailbox storage limits

  • Configuring Send on Behalf and Send As permissions

  • Configuring a forwarding address

  • Configuring mailbox permissions

We examine each of these tasks in the following sections.

Creating New Users

In many organizations, the Exchange administrator is not responsible for the creation and routing management of new user accounts; a domain administrator is responsible for user account tasks. In other organizations, the Exchange administrator may be the same person as the domain administrator. In any case, you should understand how to create new user accounts and configure them properly.

graphics/caution_icon.gif

When creating new user accounts, be certain that you are in compliance with your organization's naming conventions. As an example, your organization may require that all usernames be in the format of last name, first initial, middle initial. In this case, my username would be schmiedwc.


To create a new user account, perform the following steps.

  1. Open the Active Directory Users and Computers console.

  2. Locate the organizational unit (OU; or other location) in which you want to create the new user account.

  3. Right-click and select New, User from the context menu, as shown in Figure 4.2.

    Figure 4.2. Launching the user creation process from a context menu

    graphics/04fig02.jpg


  4. The New Object - User dialog box opens, as shown in Figure 4.3. Enter the required information and click Next to continue.

    Figure 4.3. The New Object - User dialog box opens, allowing you to create the new user.

    graphics/04fig03.jpg


  5. Configure a password for the new user account, and select the password options that are appropriate for your network. Click Next to continue.

  6. You now have the option to create a mailbox for the new user account, as shown in Figure 4.4. You can select from all available Exchange servers and mailbox stores. If desired, you can opt to not mailbox-enable this user as well. Click Next to continue.

    Figure 4.4. Selecting the alias, server, and mailbox store to be used for the new user account.

    graphics/04fig04.jpg


  7. After reviewing the summary, click Finish to complete the new user creation process.
Mailbox-enabling Existing Users

When Exchange is installed in an existing Windows Active Directory network, users are not automatically mailbox-enabled with the exception of the default built-in Administrator account. One of the first tasks you will likely want to perform after installing Exchange is to mailbox-enable some or all of your users.

To mailbox-enable an existing user account, perform the following steps.

  1. Open the Active Directory Users and Computers console.

  2. Locate the user account you want to mailbox-enable and right-click on it. Select Exchange Tasks from the context menu.

  3. Click Next to dismiss the opening page of the Exchange Task Wizard.

  4. In the Available Tasks dialog box, select Create Mailbox, and click Next to continue.

  5. Enter the email alias, which is the username by default. Select the server and mailbox store to be used, and click Next to continue. Note that you should ensure that if the email alias is to be different than the username, you should make sure it is created in accordance with any naming conventions in place within your organization.

  6. Click Finish to complete the process of creating a mailbox and mailbox-enabling the user.
Mail-enabling Existing Users

As mentioned previously in the discussion on mail-enabled users, you might have the need to mail-enable a user. This allows the user to be located in the Exchange address lists, but does not provide the user with an Exchange mailbox. All mail is sent and received using an external email account, such as one provided by an Internet service provider (ISP).

To mail-enable an existing user account, perform the following steps:

  1. Open the Active Directory Users and Computers console.

  2. Locate the user account you want to mail-enable and right-click on it. Select Exchange Tasks from the context menu.

  3. Click Next to dismiss the opening page of the Exchange Task Wizard.

  4. On the Available Tasks dialog box, select Establish E-mail Address, and click Next to continue.

  5. Enter the alias to be used, and then click the Modify button to open the New E-mail Address dialog box.

  6. The New E-mail Address dialog box gives you the option to select from several different email types, such as SMTP, ccMail, or Lotus Notes, just to name a few. Select the desired email type, and click OK.

  7. Enter the required email properties for the type you have selected, and click OK.

  8. When you are finished, the Establish E-mail Address dialog box should look similar to the example shown in Figure 4.5.

    Figure 4.5. You can mail-enable users using a variety of different email systems.

    graphics/04fig05.jpg


  9. Click Next and then click Finish to complete the mail-enabling process.
Deleting Mailboxes

Although not as common a task as some of the others we are examining, there will be times when you need to delete a user's mailbox. Deleting a user's mailbox has no other effect on the user account the user will simply no longer be able to directly participate in the Exchange organization.

To delete a mailbox, perform the following steps:

  1. Open the Active Directory Users and Computers console.

  2. Locate the user account for which you want to delete the mailbox and right-click on it. Select Exchange Tasks from the context menu.

  3. Click Next to dismiss the opening page of the Exchange Task Wizard.

  4. On the Available Tasks dialog box, select Delete Mailbox, and click Next to continue.

  5. You are warned of the fact that deleting the mailbox deletes all messages stored in that mailbox. Click Next to continue.

  6. Click Finish to complete the mailbox deletion process.
Moving Mailboxes

One of the more common Exchange tasks that you may find yourself performing as your organization grows is moving mailboxes from one server and/or mailbox store to another. This is typically done to balance loading on servers to implement a uniform mailbox system, such as placing all mailboxes for the Engineering department in one store and all mailboxes for the Accounting department in another store.

To move a mailbox, perform the following steps:

  1. Open the Active Directory Users and Computers console.

  2. Locate the user account for which you want to move the mailbox and right-click on it. Select Exchange Tasks from the context menu.

  3. Click Next to dismiss the opening page of the Exchange Task Wizard.

  4. On the Available Tasks dialog box, select Move Mailbox, and click Next to continue.

  5. Select the new server and/or mailbox store to which you want to move the mailbox, as shown in Figure 4.6, and click Next to continue.

    Figure 4.6. Selecting a new server and/or mailbox store from all available servers and mailbox stores.

    graphics/04fig06.jpg


  6. Select how you want to handle corrupt messages that are found while attempting to move the mailbox, and click Next to continue.

  7. Select when you want this task to run (as it could potentially be server resource intensive), and click Next to continue.

  8. If you selected to move the mailbox immediately, the task is carried out.

  9. Click Finish to complete the mailbox move process.

graphics/caution_icon.gif

Failure of the source Exchange server to connect to the destination Exchange server will cause a mailbox move procedure to fail.


Creating and Modifying Email Addresses and Aliases

You will find yourself needing, from time to time, to modify existing aliases and email addresses. A prime example of this might be if one of your users changes her marital status and requests to have her alias and email address changed appropriately.

Recipient objects can have multiple email addresses. The primary email address is always the one that appears in the From box of all messages that the user creates for the corresponding connector or protocol. As an example, suppose user Eric Smith has two SMTP email addresses, eric@mcseworld.com and ericsmith@mcseworld.com if the eric@mcseworld.com were his primary SMTP email address, it would appear in the From box on all outgoing SMTP messages he sent.

The secondary email address will still get messages to the user, however, just the same as sending email to the primary address. Suppose that user Barbara Smith has recently married. Because many of her clients still know her as Barbara Jones, she might have a need for two SMTP email addresses barbarasmith@mcseworld.com and barbarajones@mcseworld.com. By keeping her previous name as a secondary email address, she can continue to receive email messages from clients who do not know she has recently married and changed her name.

To modify an alias and/or email address for a user, perform the following steps:

  1. Open the Active Directory Users and Computers console.

  2. Locate the user account you want to modify and right-click on it. Select Properties from the context menu.

  3. The user Properties dialog box opens. Switch to the Exchange General tab, as shown in Figure 4.7.

    Figure 4.7. Barbara Jones, now Barbara Smith, needs a new alias and SMTP email address.

    graphics/04fig07.jpg


  4. Change the email alias and create an additional email account for the user. Alternatively, you can opt to just modify the existing email account if desired, but this is not always the best course of action.

  5. Click the Apply button and then switch to the Account tab.

  6. Make changes to the logon names as required to match the new alias if desired.

  7. Click the Apply button.

graphics/tip_icon.gif

Remember that the alias, the part of the email address before the "@" symbol, does not have to match the user logon name. In many cases, it is a security enhancement to have the email alias be different from the user logon name. By doing so, you can take away one more piece of information from intruders seeking to gain access to your system.

On the other hand, however, the advantage to having the username and email alias the same is that your users have one less item of information to remember when creating POP3 or IMAP4 connections to your Exchange organization.


Hiding Mailboxes

By default, when a mailbox is created, it is listed in the Exchange address lists. In certain situations, this may be an undesirable side effect for you. Suppose that you have created an email address for your customers to send feedback to the company or to apply for job openings. By hiding this mailbox, you can prevent internal company users from accidentally sending mail to it, or sometimes more importantly, from being aware of its existence.

Hiding a mailbox does not in any way disable it or affect its ability to receive email using any of the email addresses that have been configured for it; it simply prevents it from showing up in the Exchange address lists. In addition, if an internal Exchange user types in the alias for this mailbox in the To box of a message he is composing, the address will not be resolved as with mailboxes that are not hidden.

To hide a mailbox, perform the following steps:

  1. Open the Active Directory Users and Computers console.

  2. Locate the user account for which you want to hide the mailbox and right-click on it. Select Properties from the context menu.

  3. The user Properties dialog box opens. Switch to the Exchange Advanced tab.

  4. Select the Hide from Exchange Address Lists option and click Apply.

graphics/tip_icon.gif

If you cannot locate a user in the Exchange address lists who you know has an Exchange mailbox, check to ensure that their mailbox is not configured to be hidden. Hidden mailboxes also make configuring Outlook to connect to an Exchange server more difficult, so it's best to hide the mailbox after any Outlook configuration has been performed.


Reconnecting Mailboxes to User Accounts

As mentioned previously, you can delete a mailbox, if so desired. In the event you change your mind, Exchange and Windows give you a second chance within a configurable amount of time, of course. By default, deleted mailboxes are not permanently purged for 30 days. The value for this retention period can be changed if desired by directly configuring the mailbox store properties or by using a mailbox store policy.

Assuming you are still within the retention policy that has been configured for your Exchange organization, you can reconnect an Exchange mailbox with any existing Active Directory user account by performing the following steps:

  1. Open the Exchange System Manager, and locate the mailbox store that contains the mailbox you want to reconnect.

  2. If you do not see the mailbox you want to reconnect, and you are still within the configured retention period, right-click on the mailbox store and select Run Cleanup Agent. It may take several minutes for the mailbox to appear in the mailbox store. Disconnected mailboxes appear with a red X, as shown in Figure 4.8.

    Figure 4.8. You can reconnect the mailbox to any existing Active Directory user account.

    graphics/04fig08.jpg


  3. Right-click on the disconnected mailbox, and select Reconnect from the context menu. Note that you cannot connect the mailbox to a user account that currently has another mailbox attached to it.

  4. Select the user account to which you want to reconnect the mailbox using the Select New User for Mailbox dialog box, and click OK.

  5. Click OK when the mailbox has been reconnected.

graphics/alert_icon.gif

You can only reconnect a mailbox that actually has mail in it. If the mailbox has never been used, it will not show up in the mailbox store list.


Configuring Mailbox Storage Limits

In most cases, you will want to configure uniform mailbox storage limits that are to be applied to all users with mailboxes located in that mailbox store. The primary reason for configuring blanket mailbox storage limits is to prevent disk space from being rapidly consumed by mailbox users. Mailbox storage limits can be applied in three different ways:

  • Directly on individual mailboxes

  • Directly on specific mailbox stores

  • Indirectly by using a mailbox store policy

It is recommended practice to create mailbox store policies and apply them to one or more mailbox stores as applicable. Mailbox store policies override any mailbox storage limits that have been directly configured on the mailbox stores, preventing you from manually configuring limits on mailbox stores for which a mailbox store policy is in place. You can, however, still manually configure mailbox store limits directly on an individual mailbox, if desired.

Suppose that you have configured a mailbox store policy and have applied it uniformly across all of your mailbox stores. After some period of time, it becomes apparent that several of your users have a legitimate need for a larger mailbox or have a need to send larger email messages than other users do. In this case, you need to directly configure mailbox storage properties for these users. We discuss mailbox store policies in Chapter 5, "Managing Address Lists and Exchange Policies."

Table 4.2 outlines the various mailbox storage options you have available for configuration.

Table 4.2. Mailbox Storage Limit Options

Option

Description

Issue warning at (KB)

Specifies how large the mailbox is allowed to be before a warning is issued to the user

Prohibit send at (KB)

Specifies the maximum size a mailbox is allowed to be before it can no longer be used to send messages

Prohibit send and receive at (KB)

Specifies the maximum size a mailbox is allowed to be before it can no longer be used to send or receive messages

Keep deleted items for (days)

Specifies the number of days that deleted items are to be retained before they are permanently deleted

Do not permanently delete items until the store has

Specifies that deleted items are not to be permanently deleted until the mailbox store containing this mailbox has been backed up been backed up


To directly configure mailbox storage limits on a mailbox, perform the following steps:

  1. Open the Active Directory Users and Computers console.

  2. Locate the user account for which you want to configure mailbox storage limits and right-click on it. Select Properties from the context menu.

  3. The user Properties dialog box opens. Switch to the Exchange General tab.

  4. Click the Storage Limits button to open the Storage Limits dialog box, as shown in Figure 4.9.

    Figure 4.9. You can configure mailbox storage limits for a mailbox, thus overriding any other limits configured for it.

    graphics/04fig09.jpg


  5. Deselect the Use Mailbox Store Defaults options for the areas in which you want to configure custom mailbox store limits.

  6. Click OK to close the Storage Limits dialog box.

  7. Click Apply on the Exchange General tab of the user Properties dialog box.
Configuring Send on Behalf and Send As Permissions

If a user will be out of the office for a period of time, such as at a conference or on vacation, you may need to allow another user to send mail on their behalf. By configuring the Send on Behalf permission, messages will have the following format in the From box: DelegatedUser on behalf of MailboxOwner. By configuring the Send As permission, messages will appear to have come from the mailbox owner, even though another delegated user has actually sent the email message.

To configure the Send on Behalf permission for a mailbox, perform the following steps:

  1. Open the Active Directory Users and Computers console.

  2. Locate the user account for which you want to configure these permissions and right-click on it. Select Properties from the context menu.

  3. The user Properties dialog box opens. Switch to the Exchange General tab.

  4. Click the Delivery Options button to open the Delivery Options dialog box, as shown in Figure 4.10.

    Figure 4.10. You can select multiple users to have the Send on Behalf permission.

    graphics/04fig10.jpg


  5. Click the Add button to open the Select Recipient dialog box.

  6. Select the user or users who are to be granted this permission, and click OK.

  7. Click OK to close the Delivery Options dialog box.

  8. Click Apply on the Exchange General tab of the user Properties dialog box.

graphics/alert_icon.gif

You can configure the Send on Behalf permission by using the method described here or directly through the Outlook messaging client by clicking Tools, Options and selecting the Delegates tab.


To configure the Send As permission for a mailbox, perform the following steps:

  1. Open the Active Directory Users and Computers console.

  2. To view the Security tab in step 5, you need to first ensure that Active Directory Users and Computers is configured to show Advanced Features by clicking View, Advanced Features.

  3. Locate the user account for which you want to configure these permissions and right-click on it. Select Properties from the context menu.

  4. The user Properties dialog box opens. Switch to the Security tab.

  5. Click the Advanced button to create a custom security entry.

  6. Click Add to open the Select User, Computer, or Group dialog box. Select the user to whom you are granting the Send As permission, and click OK.

  7. On the Permission Entry dialog box, as shown in Figure 4.11, scroll down and select the Send As permission by placing a check in the Allow box.

    Figure 4.11. You need to grant the Allow permission to the user you previously selected in order to grant them the Send As permission.

    graphics/04fig11.jpg


  8. Click OK three times to accept the new Send As permission.

graphics/alert_icon.gif

The Send As permission can only be granted using the Security tab of the user account Properties dialog box.


Configuring a Forwarding Address

Exchange can automatically forward email from one mailbox to another, if desired. Alternatively, Exchange can forward email from a mailbox to an external email address, if desired. Although security cannot be guaranteed when forwarding messages outside of your organization, there may be times when it is desirable to do so, such as when an employee will be on vacation and no one is available to manage his mailbox for him in organizations that do not use Outlook Web Access (OWA).

Mail can be forwarded to another mailbox-enabled user, to a mail-enabled user, or to a mail-enabled contact. If the email address to which you want to forward email does not already exist within Active Directory, you need to create a new contact object or user object for it. The creation and management of contacts is discussed in the "Managing Contacts" section of this chapter.

To configure email forwarding, perform the following steps:

  1. Open the Active Directory Users and Computers console.

  2. Locate the user account for which you want to configure these permissions and right-click on it. Select Properties from the context menu.

  3. The user Properties dialog box opens. Switch to the Exchange General tab.

  4. Click the Delivery Options button to open the Delivery Options dialog box (shown previously in Figure 4.10).

  5. Select the Forward to option and then click the Modify button to select the user or contact to which email is to be forwarded. If desired, click the Deliver Messages to Both Forwarding Address and Mailbox option to keep a copy of all messages in the Exchange mailbox.

  6. Click OK to close the Delivery Options dialog box.

  7. Click Apply on the Exchange General tab of the user Properties dialog box.
Configuring Mailbox Permissions

There might be instances when using the Send on Behalf or Send As permissions might not be the best option, such as when several members of your organization all need full access to a specific mailbox. Consider the situation in which a mailbox has been created to allow external users to apply to job openings within the company. All members of the Human Resources department should have full control, or mailbox owner, permissions on the mailbox.

To configure mailbox permissions, perform the following steps:

  1. Open the Active Directory Users and Computers console.

  2. Locate the user account for which you want to configure these permissions and right-click on it. Select Properties from the context menu.

  3. The user Properties dialog box opens. Switch to the Exchange Advanced tab.

  4. Click the Mailbox Rights button to open the Permissions dialog box, as shown in Figure 4.12.

    Figure 4.12. You can configure multiple users and groups to have full mailbox access.

    graphics/04fig12.jpg


  5. Click the Add button to select the user(s) or group(s) that are to be granted the mailbox owner permission.

  6. Click OK to close the Select Users, Computers, or Groups dialog box.

  7. Configure the Allow Setting for the Full Mailbox Access option, and click OK.

  8. Click Apply on the Exchange Advanced tab of the user Properties dialog box.

Managing Contacts

Contacts, as discussed previously, are typically used to represent users who are external to your network to whom internal users have a need to regularly send email. Contacts, by their very nature, are much simpler to create and manage. In this section, we examine some of the common contact management tasks that are related to administering Exchange. These tasks include

  • Creating new contacts

  • Mail-enabling existing contacts

  • Removing an email address from a contact

We examine each of these tasks in the following sections.

Creating New Contacts

To create a new contact, perform the following steps:

  1. Open the Active Directory Users and Computers console.

  2. Locate the OU (or other location) in which you want to create the new user account.

  3. Right-click and select New, Contact from the context menu, shown previously in Figure 4.2.

  4. The New Object - Contact dialog box appears. Enter the required information, as shown in Figure 4.13, and click Next to continue.

    Figure 4.13. The contact object has very few configurable attributes.

    graphics/04fig13.jpg


  5. Next, you configure the email alias and email account as you did when you created a new user account previously.

  6. Click Next to continue.

  7. Click Finish to complete the creation of the new contact.
Mail-enabling Existing Contacts

For contacts that are preexisting before the Exchange organization has been installed, or were not previously mail-enabled, you can easily mail-enable them using the Exchange Task Wizard.

To mail-enable a contact, perform the following steps:

  1. Open the Active Directory Users and Computers console.

  2. Locate the user account for which you want to move the mailbox and right-click on it. Select Exchange Tasks from the context menu.

  3. Click Next to dismiss the opening page of the Exchange Task Wizard.

  4. On the Available Tasks dialog box, select Establish E-mail Address, and click Next to continue.

  5. Configure the email alias and email address as required. Click Next to continue.

  6. Click Finish to complete the mail-enabling process.
Removing an Email Address from a Contact

If you no longer want a mail-enabled contact to be able to receive mail or be listed in the Exchange address lists, you may remove the email address from it.

To delete the email address of a mail-enabled contact, perform the following steps:

  1. Open the Active Directory Users and Computers console.

  2. Locate the user account for which you want to move the mailbox and right-click on it. Select Exchange Tasks from the context menu.

  3. Click Next to dismiss the opening page of the Exchange Task Wizard.

  4. On the Available Tasks dialog box, select Delete E-mail Addresses, and click Next to continue.

  5. You are warned that continuing will cause all of the contact's email addresses to be removed. Click Next to continue.

  6. Click Finish to complete the email address deletion process.

Managing Groups

The final type of Exchange recipient object is the group. As discussed previously, there are two group types (query-based distribution groups are simply a special way of creating a distribution group) and three group scopes.

You will commonly use distribution groups or query-based universal distribution groups to allow you to quickly send email messages to a large number of Exchange users. In this section, we examine some of the common group management tasks that are related to administering Exchange. These tasks include

  • Creating new groups

  • Mail-enabling existing groups

  • Hiding mail-enabled groups

  • Creating query-based distribution groups

In the context of the Exchange organization, you will typically create security groups only for the purpose of controlling permissions to public folders. Public folders are discussed at length in Chapter 6.

Creating New Groups

Before creating new groups, be sure to refer back to the discussion of group scopes and group types in the "Group Recipient Objects" section of this chapter.

To create a new group, perform the following steps:

  1. Open the Active Directory Users and Computers console.

  2. Locate the OU (or other location) in which you want to create the new group.

  3. Right-click and select New, Group from the context menu, shown previously in Figure 4.2.

  4. The New Object - Group dialog box appears. Enter the group name and select the group scope and group type, as shown in Figure 4.14. Click Next to continue.

    Figure 4.14. Be certain to select the correct group scope and group type.

    graphics/04fig14.jpg


  5. You have the option to create an Exchange email address for the group and to configure the email alias. Click Next after making your configurations.

  6. Click Finish to complete the new group creation process.
Mail-enabling Existing Groups

Groups that existed before the Exchange organization was created are not automatically mail-enabled. You can easily mail-enable these groups using the Exchange Task Wizard. In addition, you can use the Exchange Task Wizard to mail-enable groups that were not mail-enabled during their creation.

To mail-enable a group, perform the following steps:

  1. Open the Active Directory Users and Computers console.

  2. Locate the group that you want to mail-enable and right-click on it. Select Exchange Tasks from the context menu.

  3. Click Next to dismiss the opening page of the Exchange Task Wizard.

  4. On the Available Tasks dialog box, select Establish E-mail Address on Groups, and click Next to continue.

  5. Enter the desired alias for the group and click Next to continue.

  6. Click Finish to complete the group mail-enabling process.
Hiding Mail-enabled Groups

Much the same as hiding Exchange mailboxes, you can also hide groups to prevent them from being displayed in the Exchange address lists. In this way, users cannot look up the group to send it email. However, if a user knows the email address of the group, they can still send email to it. Hiding a group is a simple way to prevent users from seeing a group and to prevent users from accidentally sending email to a group.

To hide a group, perform the following steps:

  1. Open the Active Directory Users and Computers console.

  2. Locate the group for which you want to hide the mailbox and right-click on it. Select Properties from the context menu.

  3. The group Properties dialog box opens. Switch to the Exchange Advanced tab.

  4. Select the Hide from Exchange Address Lists option, and click Apply.
Creating Query-based Distribution Groups

As discussed previously, query-based distribution groups are a new feature of Exchange Server 2003. Recall that query-based distribution groups function properly in pure Exchange Server 2003 implementations or in Exchange Server 2003 and Exchange 2000 Server implementations, in which all Exchange 2000 servers are at Service Pack 3 and Windows Server 2003 global catalog servers are in place. If you are using Windows 2000 Server global catalog servers, you may still use query-based distribution groups; however, you need to manually edit the Registry on your Exchange 2000 Server SP3 servers to ensure reliable performance.

Should you have Exchange 2000 Server Service Pack 3 servers, you need to modify a Registry setting to be able to use query-based distribution groups, as outlined in the following steps:

  1. On the Exchange 2000 Server SP3 server, start the Registry Editor by clicking Start, Run and entering regedit.

  2. In the Registry Editor, locate the following Registry key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SMTPSVC\Paramaters.

  3. In the right pane of the Registry Editor, right-click and select New, DWORD Value from the context menu.

  4. Enter DynamicDLPageSize for the DWORD name.

  5. Right-click on DynamicDLPageSize, and select Modify from the context menu.

  6. Select Decimal and enter the value 31 in the Value Data area.

  7. Click OK.

  8. Exit the Registry Editor.

The actual process of creating new query-based distribution groups must be done from the Exchange Server 2003 version of the Exchange System Manager. To create a new query-based distribution group, perform the following steps:

  1. Open the Active Directory Users and Computers console.

  2. Locate the OU (or other location) in which you want to create the new query-based distribution group.

  3. Right-click and select New, Query-based Distribution Group from the context menu, shown previously in Figure 4.2.

  4. The New Object Query-based Distribution Group dialog box appears, as shown in Figure 4.15. Enter the name and the alias for the new query-based distribution group, and click Next to continue.

    Figure 4.15. Query-based group creation starts out very simple.

    graphics/04fig15.jpg


  5. In the next dialog box, shown in Figure 4.16, you can select the container against which the query will be run. You can change the default value by clicking the Change button.

    Figure 4.16. You will need to build your LDAP query for the new query-based distribution group.

    graphics/04fig16.jpg


  6. Next, you must create your filter. You can choose from several different preconfigured options or create a custom filter. Be aware that the list of attributes following this procedure is not replicated to global catalog servers and, thus, will not be useful in your filter.

  7. After you have created the filter, click Next. You can view the summary from this dialog box.

  8. Click Finish to complete the creation of the new query-based distribution group.

  9. It is always recommended that you preview the results of the query-based distribution group immediately after creating it. Right-click on the query-based distribution group you just created, and select Properties from the context menu.

  10. Switch to the Preview tab, as shown in Figure 4.17, to verify that the query has produced the results that you intended.

    Figure 4.17. You should always view the results of the LDAP query to ensure it returns what you are expecting.

    graphics/04fig17.jpg

When creating or modifying query-based distribution groups, keep in mind that the following list of attributes are not replicated to the global catalog and, thus, cannot be used as part of a filter:

  • Assistant

  • Comment

  • Direct reports

  • Division

  • E-mail address (other)

  • Employee ID

  • Generational suffix

  • Home address

  • Home drive

  • Home folder

  • ILS settings

  • International ISDN number

  • International ISDN number (others)

  • Logon workstations

  • Member of

  • Middle name

  • Teletex number

  • Teletex number (others)

  • Title

It is always recommended that you create the LDAP query using the Active Directory Users and Computers console to avoid errors. If the LDAP query contains bad formatting or an incorrect LDAP syntax, users sending email to query-based distribution groups receive a nondelivery report (NDR) with error code 5.2.4. If the LDAP query is properly formatted, but returns no results (thus creating an empty distribution group), no NDR is sent to users who send email to the group.

Finally, Microsoft recommends that you consider indexing attributes that you frequently use in queries for query-based distribution groups. By indexing these attributes, you improve the performance of the query and reduce the time required to expand the query-based distribution group, thus resulting in fewer resources used and quicker delivery times for messages.

Using Expansion Servers

Mail that is sent to a mail-enabled group cannot be directly delivered to the members of that group the message must be expanded. Expansion of mail sent to mail-enabled groups occurs by default on the first Exchange server that handles the message; however, this might not be a desirable situation if the server is already taxed or is otherwise low on resources.

You might want to give consideration to designating a specific Exchange server that contains no mailboxes, such as a public folder server or a bridgehead server, to be the expansion server for a routing group. By doing so, you alleviate the loading on the other Exchange servers and your users do not experience a slowdown in mailbox access due to the expansion of a large mail-enabled group.

Of course, there is a rather prominent drawback with configuring a group to use a specific expansion server that expansion server then becomes a single point of failure (SPOF) for sending email messages to that group. If the designated expansion server is unavailable, the message is not expanded and no members of the group receive the message. Conversely, not configuring a specific expansion server ensures that should an Exchange server fail, most of the members of the group should still get the email message sent to the group.

To configure an expansion server for a mail-enabled group, perform the following steps:

  1. Open the Active Directory Users and Computers console.

  2. Locate the group for which you want to configure a specific expansion server and right-click on it. Select Properties from the context menu.

  3. The group Properties dialog box opens. Switch to the Exchange Advanced tab.

  4. In the Expansion server drop-down list, select the Exchange server that you want to configure as the expansion server for the group, as shown in Figure 4.18.

    Figure 4.18. Expansion servers can be very useful if large distribution groups are in use.

    graphics/04fig18.jpg


  5. Click Apply.
     < Day Day Up > 

    Previous page
    Table of content
    Next page
    Implementing and Managing Exchange Server 2003 Exam Cram 2 Exam 70-284
    MCSA/MCSE Implementing and Managing Exchange Server 2003 Exam Cram 2 (Exam Cram 70-284)
    ISBN: 0789730987
    EAN: 2147483647
    Year: 2004
    Pages: 171
    Authors: Orin Thomas, Will Schmied, Ed Tittel
    BUY ON AMAZON
    Introducing Microsoft Office InfoPath 2003 (Bpg-Other)
    Professional Java Native Interfaces with SWT/JFace (Programmer to Programmer)
    Introduction to 80x86 Assembly Language and Computer Architecture
    Data Structures and Algorithms in Java
    Junos Cookbook (Cookbooks (OReilly))
    Extending and Embedding PHP
    flylib.com © 2008-2017.
    If you may any questions please contact us: flylib@qtcs.net
    Privacy policy