Creating and Managing Exchange Server 2003 Administrative Groups

Previous page
Table of content
Next page
 < Day Day Up > 

Exchange Server 2003 Administrative Groups are created to group and maintain Exchange objects for reasons of permissions management and administrative distribution. For example, if an organization is based in three locations worldwide with three groups of Exchange administrators in each location, three separate Administrative Groups can be created and managed by each location to maintain servers and policies in the separate Administrative Groups.

Exchange Server 2003 Administrative Groups are used to manage and maintain Routing Group containers, chat networks, public folder containers, and system policies. Each of these containers can house multiple objects and each can be managed individually.

Also, administrative Group functionality differs depending on the functional level of the Exchange Server 2003 organization, as well as the type of Administrative Group that is created.

Administrative Groups

By default, Administrative Groups are disabled in the Exchange Server 2003 System Manager. This is by design, to allow ease of viewing and management in the Exchange System Manager for smaller organizations. To enable Administrative Group functionality, select the properties page for the Exchange Server 2003 organization and select Display Administrative Groups.


Mixed Mode

When a new Exchange Server 2003 organization is installed, the Exchange organization is in Mixed Mode, by default. Mixed Mode facilitates interoperability between Exchange Server 2003 and Exchange 5.X servers. This also means that certain Administrative Group functionality is not available in a Mixed Mode environment.

When Exchange Server 2003 is in a Mixed Mode environment, the following is true:

  • Exchange mailboxes cannot be moved between Administrative Groups.

  • Routing Groups consist of only the server installed in the Administrative Group.

  • Exchange 5.5 sites are mapped to Administrative Groups.

Native Mode

After an Exchange organization function level is raised to Native Mode, Exchange Administrative Group functionality is enhanced and limitations of a Mixed Mode environment are no longer a consideration. Administrative Group functionality in Native Mode includes the following:

  • Exchange Mailboxes can be moved between Administrative Groups.

  • Servers can be moved between Routing Groups.

  • Routing Groups can contain servers from multiple Administrative Groups.

  • Simple Mail Transport Protocol is enabled as the default routing protocol.

Administrative Groups Models

As we begin to grasp Administrative Groups and the purpose in both Native and Mixed Mode environments, the main design consideration is what model best fits your organizational needs.

In this section, we review two very simple concepts of Exchange Server 2003 Administrative Group management. The first is a centralized management model, and the second is a decentralized one. Because Exchange Administrative Groups are basically collections of objects grouped together for purposes of management, the structure and administrative topology of your organization could dictate the best administrative model for your organization.

Centralized

A centralized administrative model best fits an organization with fewer locations and a smaller centralized administrative staff. Because there is no need to distribute administrative permission, a centralized model is ideal for smaller organizations.

This model can also be effective in larger organizations. When a larger organization requires individual Exchange functionality to be managed by different groups or user accounts, a centralized model can still be implemented.

For example, CompanyABC is a larger organization with multiple Exchange servers and locations. However, the administrative model requires permissions to be configured for one group to manage the Routing Groups within the Administrative Group and another group of administrators to manage recipient policies.

Decentralized

A decentralized administrative model is very effective when larger organizations have multiple offices and require administration based on each location.

For example, CompanyABC has 40 Exchange servers with administrative staff in 10 separate locations. In this scenario, 10 Administrative Groups can be configured, and Exchange servers and recipient policies can be assigned to the appropriate Administrative Group for management.

Creating Administrative Groups in Exchange Server 2003

To create an Administrative Group in Exchange Server 2003, administrators must first enable the option to view Administrative Groups in the Exchange Systems Manager.

To enable viewing Administrative Groups, open the properties page of the Exchange organization and complete the following steps:

  1. If the Administrative Groups are not visible in the Exchange System Manager, select the organization from the top of the Exchange tree. Select Action and Properties from the Exchange System Manager menu.

  2. Check the Display Administrative Groups check box and click OK. This adds the Administrative Groups to the Exchange Systems Manager.

To add additional Administrative Groups in Exchange Server 2003, select the Administrative Groups container in the Exchange Systems Manager. Begin by following these steps:

  1. From the Action menu, select New, Administrative Group.

  2. On the Properties page, enter the name of the Administrative Group to be added. Click OK to continue.

  3. After the Administrative Group is created, administrators can add system policy containers, Routing Group containers, and public folder containers.

Delegating Control over Administrative Groups

To manage and assign permission to Exchange Server 2003 Administrative Groups, administrators can leverage the Exchange Delegation Wizard.

Using the Delegation Wizard at the Administrative Group level assigns one of three roles to the account or group being assigned permissions over the Administrative Group. These three levels of permission are as follows :

  • Exchange View Only Administrator Allows administrators permissions to view objects of the Administrative Group but not change any properties of the Exchange object.

  • Exchange Full Administrator This role allows assign permissions to fully administer Exchange system objects and permissions.

  • Exchange Administrator The administrator role can fully administer Exchange system information only.

To assign roles and permissions over an Administrative Group using the Delegation Wizard, perform the following steps:

  1. Select the Administrative Group where the delegation of roles will be assigned using the Delegation Wizard.

  2. From the Action menu, select the Delegate Control options. On the Welcome to the Exchange Administration Delegation Wizard screen, select Next.

  3. Click the Add button and select the Active Directory account or group being delegated control over the Administrative Group.

  4. When the account or group has been selected, select the Exchange role to be assigned. Select OK to continue.

  5. Select Next and Finish to finish delegating control over the Administrative Group.

 < Day Day Up > 

Previous page
Table of content
Next page
Microsoft Exchange Server 2003 Unleashed
Microsoft Exchange Server 2003 Unleashed (2nd Edition)
ISBN: 0672328070
EAN: 2147483647
Year: 2003
Pages: 393
Authors: Rand Morimoto
BUY ON AMAZON
SQL Tips & Techniques (Miscellaneous)
Professional Java Native Interfaces with SWT/JFace (Programmer to Programmer)
101 Microsoft Visual Basic .NET Applications
Sap Bw: a Step By Step Guide for Bw 2.0
Oracle SQL*Plus: The Definitive Guide (Definitive Guides)
DNS & BIND Cookbook
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy