Interview Question for active directory and exchange
EXCHANGE TIPS
The highest public folder in a hierarchy is called a top-level public folder. By default, all users in an Exchange organization can create top-level public folders. However, you can change this default setting with the Active Directory Service Interfaces (ADSI) editing tool, which is part of the Windows 2000/2003 support tools. Here's how:
<>1. <>Start the ADSI Edit utility (Start -> Programs -> Windows 2000 support tools -> Tools -> ADSI Edit).
<>2. <>Double click the Configuration container.
<>3. <>Expand CN=Configuration, CN=Services, CN=Microsoft Exchange.
<>4. <>Right click your organizational name's container and select Properties.
<>5. <>Select the Security tab.
<>6. <>Click Advanced.
<>7. <>On the Permissions tab, find the entry with the name "Everyone" and a permission of "Create top-level public folder."
<>8. <>Select the Deny checkbox.
<>9. <>Click OK to exit all the dialog boxes.
<>10. <>Close the ADSI Edit utility.
****************************************************************************************
We are running Exchange 2000 and using public folders for forms. I have created about 10 different folders -- each has a form that I created. We post equipment trouble tickets, human resource requests, etc.
We are working on upgrading to Office 2003, but we keep losing the forms on different workers throughout the day. I can correct this by going into Properties, managing the forms and then copying them back in. I have to do this periodically throughout the day. This problem did not start until we started upgrading to Office 2003. Do you have any suggestions?
Without knowing specifics about your environment, I'll make an educated guess. Do you by any chance have more than one replica of the public folders hosting the forms? If so, then have a look at (a) which public folder replica your Outlook clients are hitting (i.e., affected by affinity) and (b) public folder replication.
At first glance, it sounds like some of your Outlook clients are hitting replicas that contain the forms in the folder form library, while other clients are hitting replicas that for some reason don't contain the forms.
If that doesn't apply, have a good look through the application event logs on the Exchange server(s) hosting your problematic public folders and check for any suspicious errors (or warnings), specifically any from the MSExchangeIS Public source.
I have a user who is prompted for a password when attempting to view a replicated public folder, even though the permissions appear to be OK. Do you have any suggestions?
The version of Microsoft Exchange you are running, and the particular client the user is using to access public folders (Outlook 2000/2003, Outlook Web Access, IMAP4, etc.), have an impact on these problems. I'm going to assume you are running Exchange Server 2003 and Outlook 2003.
Public folder permissions are complex. Since you verified that the folder permissions are correct, I think it could be an information store permission problem, rather than a directory or client permissions (a.k.a. folder rights) problem.
Compare the permissions on the two servers where the public folder replicas are homed at the file system level. By default, authenticated users should have permissions to the actual database files. If the permission has been removed or changed, that could create an access problem for your user if he/she is not a member of a security group that has access.
The public folder store is in %systemroot%\program files\exchsrvr\mdbdata\pub1.edb and pub1.stm by default.
Speaking of defaults, also check the default public store setting on the user's mailbox store. This setting is actually what dictates which public folder server the Outlook client will connect to first.
In the event that the replica is not on that server, Outlook will receive a referral list of replicas from that server. Connector costs, blocked referrals and manual referral lists can all affect how a user gets to a replica and could be related to your user's problem.
******************************************************
We have purchased a company and are migrating all of their e-mail to our Exchange 2003 servers. ExMerge works well for this, but does not migrate public folders. How do we migrate public folder content from one Microsoft Exchange organization to another?
Microsoft Product Support Services provides a utility called pubmerge. I found a copy on the Internet here.
This should provide you with a mechanism to export and import your public folders from source to target. The last time I used this utility, it was data and hierarchy only. There is no way to preserve or map the permissions from source to target environment. So, any information that is permissions on the source side will need re-permissioning on the target
I have Exchange public folders working. I had contacts and calendar working on it. The only problem is the reminder on the calendar. How can I put the calendar to notify each user, or selected users, when any task or calendar is expired? Is there a way to set the public folder on the calendar as my default calendar in Outlook?
Change the startup folder under the general settings. Go to Tools -> Options -> Other -> Advanced, and browse for the calendar that you want to display. When you open Outlook, the calendar will open by default and remind users of their tasks. Only the default calendar will send automatic reminders
An Exchange server has gone down. Is it possible to re-make the public files and mail with just the MDBDATA folder with a fresh install? If so, how?
I'm assuming that you are referring to recovering data in Exchange 2000. There are two primary ways to recover mailbox data, and one for public folder data.
Mailbox data can be restored back to the recovery storage group (RSG). It can also be recovered on a hot spare server
To recover the public folder data, you would need to mount the database on a hot spare server that is isolated from production. Once you have the data back online, you can use EXMERGE or PUBMERGE to extract the data into .PST files -- then you can import that back into your production mail environment. You should also consider looking into this webcast I did with David Sengupta on this topic of recovery
Within the standard recovery context, you will lose the public folder data if you try to recover it through the
Until a couple of weeks ago, when a mail message came in for a public folder, it would come in as ipm.note. But now, for some reason, it is converting to ipm.post. How can I stop this?
Great question! While I can't answer what the root cause was behind the change in your environment (possibly a service pack?), I can provide a way to resolve this -- assuming you're running Exchange 2000 or Exchange 2003.
If you're on Exchange 2000, you'll need to get a copy of the April 2004 Exchange 2000 Server post-Service Pack 3 update rollup (Microsoft Knowledge Base Article: 836488, April 2004 Exchange 2000 Server post-Service Pack 3 update rollup) and install it on your Exchange server(s).
If you're on Exchange Server 2003, you'll need to call Microsoft Product Support Services (PSS) and ask for fix 817809
Once hotfixed, you'll want to a DWORD registry key named "incoming defaults to IPM.Note" under the following registry key:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\MSExchangeIS\ \Public- and set it to "1" to retain the IPM.Note message class.We are running an Exchange 2003 server using Panda Antivirus. Panda needs to have access to the public folders for monitoring and scanning purposes. Both Exchange and Panda were installed by using the Administrator account and password. However, Panda is now telling us that Panda and Administrator have no rights to the public folders. This keeps Exchange from allowing e-mail into the mail server.
Here is what has likely happened to you: Recently the password for Administrator was changed. The Panda software uses a service account to run the Panda services. During the install, you probably specified the Administrator account as the service account. Now the service will not work until you update the password on the Panda service
To update the password, open the services.msc snap-in, locate the Panda service(s) and view the properties of the service by clicking on the Log On tab. Change the password and click OK
We are using an Exchange 2000 server and Outlook 2003. We have some public folders (Contacts, etc). When we were using Outlook XP, it worked fine. But now, we can't see public folders with Outlook 2003. What can we do to use and synchronize it again?
In Outlook 2003, public folders are not at the bottom of the tree where they used to be. Click on the folder button at the bottom of the navigation pane. The folder list will appear, and then click Public Folders. You may want to add public folder to your favorite folder list.
Unpredictable things can happen if a Microsoft Exchange public folder's objects are moved out of the Exchange System Objects organizational unit (OU). For one, you may get the following error when you try to view the properties of a mail-enabled folder affected by such a change:
The format of the specified domain name is invalidFacility: Win32ID no: c00704bc Exchange System Manager
You'd think that the solution would be to just move the affected objects back into the right OU using Exchange System Manager -- but it isn't that easy.
One of the odder bits of asymmetry in Exchange System Manager is that an object can be moved out of the Exchange System Objects OU, but cannot be moved into it. That's right -- not even if it originally belonged there in the first place. (From what I have been able to tell, this is to prevent the OU from getting "contaminated" by things that aren't supposed to be there, which makes sense, but doesn't help us fix the problem!)
The only way to move objects into the Microsoft Exchange System Objects OU is through the ADSI Edit tool, which is included with Windows 2000/2003 on the \Support\Tools folder on the installation CD.
To restore the public folders to their original OU:
<>1. <>Run the ADSI Edit tool.
<>2. <>Open the Domain NC container, inside which you'll see a tree structure similar to the Active Directory Users and Computers hierarchy.
<>3. <>Open the OU that the public folder directory objects were moved into.
<>4. <>Locate the directory object in that OU and right-click on it.
<>5. <>Select Move, and then the Microsoft Exchange System Objects OU.
Public folders vs. SharePoint -- which is better?
There are some major differences in the way that public folders and SharePoint manage and retain documents. In this article, I compare and contrast Exchange public folders with SharePoint Portal Server and explain when it is appropriate to use one over the other.
Public folders
Public folders are generally better suited for documents that are static in nature -- typically a document or collection of documents commonly used throughout the organization.
For example, one of the companies I used to work for used an Exchange public folder to store all of the various forms used by the Human Resources department -- e.g., forms for requesting time off or for hiring additional staff. The public folders were set up so that only authorized personnel within the Human Resources department could post to them, but anyone in the company could access those folders to view or print forms.
SharePoint
SharePoint Portal Server is better suited to environments where documents frequently change.
Rather than using a hierarchical collection of folders, SharePoint relies on a document library that's accompanied by a rather elaborate search engine. Users access the document library through a Web interface.
Once users locate a document, they must decide whether they want to just view it, or if they want to modify it. If they want to modify the document, they must check it out of the library, and then check it back in when they're done. Nobody else can modify a document while it is checked out.
Another unique SharePoint feature is versioning. When a user modifies a document, the previous version is retained within the library. If someone happens to make an undesirable change to a document, other users can backtrack through the document's history to retrieve a version that existed prior to the change
User interfaces
Public folders exist on an Exchange server and can be replicated across multiple servers for optimal performance. Users access the folder contents directly through Outlook.
Using Outlook to access public folders has its good and bad points. A good point is that public folders can be mail enabled. This means that an e-mail address can be assigned directly to a public folder and users can make posts to the folder by simply sending an e-mail message to the folder's address.
On the flip side, you must be careful to apply the appropriate permissions to the folders and train employees to use your public folders properly. I have seen users do some pretty bizarre things because they didn't completely understand how public folders work.
For example, once I saw a user send an e-mail to everyone in the company. The problem was that he had a couple of public folder addresses in his address book, so his message was also posted to those public folders. I once saw another person treat public folder content in the same manner he treated his personal Inbox. Once he read a post, he deleted it, not realizing that doing so would impact other users.
SharePoint's document versioning helps to prevent users from accidentally deleting documents from the library. Unfortunately, it doesn't offer the convenience of being able to access the document library through Outlook.
SharePoint is also unable to replicate data across multiple servers, and the document library is not mail enabled (although you can configure SharePoint to notify you through e-mail when a document has changed).
Conclusion
Public folders and SharePoint document libraries both have their places. I have heard of large organizations effectively using public folders to host static files and ongoing discussions, while using a SharePoint document library to host files that are more dynamic in nature.
If you want, you can even configure SharePoint so the search engine indexes the contents of your Exchange public folders in addition to its own document library. That way, users can use a single interface to locate data regardless of where it exists within the organization.
About the author: Brien M. Posey, MCSE, is a Microsoft Most Valuable Professional for his work with Windows 2000 Server and IIS. Brien has served as the CIO for a nationwide chain of hospitals and was once in charge of IT security for
need a simple way to copy about 13,000 contacts to a public folder. I'm a network administrator for an insurance company. We have contact information for about 11,000 independent agents and 2,000 various other contacts.
We just implemented a 'fax from desktop' solution. The cool thing about it is that, if you have a contact and a number in the 'Business Fax' field, all you have to do is find that contact, send a message and it goes out as a fax.
The problem is that I have to update this list about once a week because information changes that often. Basically, I import an Excel spreadsheet into a contact list in a personal folder on my computer and then copy to the Exchange Server 2003 public folder. This takes forever and a day even when breaking it up into 2,000 piece increments. It also eats about 60-70% of CPU during the copying procedure.
Is there any easier/simpler way of doing this?
First of all, check whether the public folder that you're importing to is replicated to (or located on) a server that is close to you. Secondly, you'll want to check the raw processing power on the Exchange server hosting that public folder. It's quite likely that boosting server performance will speed up your imports, if that's an option. Finally, you may want to consider creating an address list in Active Directory containing the contacts, instead of placing the contacts in a public folder.
You'll need to learn how to use a tool called LDIFDE for export and import to Active Directory. This is described in Microsoft's Step-by-Step guide to bulk import and export to Active Directory.
If this meets all your requirements, then this will speed up the process dramatically. Since LDIFDE import files are a bit unwieldy to manipulate, you will want to search your favorite Internet search engine for "convert ldif to csv free" to locate some of the free tools available to facilitate making your weekly changes using Excel. Obviously, test this in a lab first to ensure this meets your performance needs.
*************************************************************************************
How do I configure public folders in Exchange 2003, and what are the advantages of public folders?
Good question. Public folders provide a way of sharing Exchange data across your Exchange organization inside of Exchange
You configure public folders from within Exchange System Manager. Navigate to the appropriate Administrative Group and expand the public folders container. You can create and configure public folders from here. Once top-level public folders are created, users with adequate permissions will be able to create subfolders and store content
strongly recommend that you keep public folder usage under tight control. Microsoft has suggested that public folders will be phased out of Exchange gradually, with the logical replacement being SharePoint Portal Server.
**************************************************************
We have public folders running on Exchange 2003. A user has deleted a subfolder within public folders. Although deleted item retention is enabled, the folder cannot be recovered -- even with full control permissions through the public folder hierarchy.
We receive the error, "Outlook was unable to recover some or all of the items in this folder. Make sure you have the required permissions to recover items in this folder and try again. If the problem persists contact your administrator."
I have full owner rights right through the tree and still cannot recover this folder. Any advice would be appreciated.
One thing you may want to look into is whether there were nested public folders beneath this public folder, and what permissions were set on the public folders nested inside of the folder you are trying to recover.
From what I understand, you need rights for the public folder that you are trying to recover, and all nested public folders beneath that public folder.
For example, if you had the following public folder hierarchy:
Top Level Public Folder #1 L Public Folder A L Public Folder B L Public Folder C Let's say you had permissions on Public Folder A and Public Folder B -- but no permissions on Public Folder C. If Public Folder A was deleted, attempting to recover it by viewing the dumpster contents, while highlighting Top Level Public Folder #1, will fail with the message you refer to. This is because you don't have rights on Public Folder C.
I suspect this is what you're experiencing, in which case you will need to resort to a backup. The two ways of recovering the folder from backup are (a) building a recovery server or (b) using a third-party solution to recover the public folder from backup to your production environment.
MEMBER FEEDBACK TO THIS ASK THE EXPERT Q&A:
We utilize these basic procedures with Outlook Web Access to recover public folders that have been deleted, but we could not recover through Outlook.
Our work environment consists of a Windows 2000 domain in native mode and Exchange in mixed mode. Some of our users accidentally deleted public folders that they then needed back. I used the Recover Deleted Items Wizard to recover these folders (How to use Exchange Server 5.5 or Exchange 2000 Server to recover items that are not first transferred to the Deleted Items folder in Outlook). This has been a very useful tool -- however, it doesn't always work.
20% is used in places where the folder name has a space.
I then used the syntax to try to open up the public folder where the person deleted the folder: (http://servername/public/toplevel/subfolder/?cmd=showdeleted&btnClose=1). I saw the folder that the user wanted to recover, highlighted it, clicked Recover and that was it. It didn't give me an error like I received through the Outlook client.
This is actually better than recovering it through the Outlook client, because if you recover it from the Outlook client, it adds (Recovered) to the end of the name of the folder, and also adds "Recovered" to all the e-mail addresses you have assigned to the folder. Recovering the folder through Outlook Web Access does not.
—Dave K.
The end user used her Outlook calendar as the division calendar instead of making a public folder calendar. How do I export the information from her Outlook calendar to the newly created public folder calendar?
Here are some steps for you to follow:
<>1. <>Log onto the end user's account via Outlook.
<>2. <>Navigate to the Outlook folder where the user has saved all the division appointments.
<>3. <>Now you will want to define a new view. Call it whatever you want (i.e., "everything").
<>4. <>In the new view dialog, select the "table" type and make sure all defaults are accepted (i.e., don't select a filter).
<>5. <>Click apply.
<>6. <>You will now see a list of all appointments in this Calendar.
<>7. <>From here on in things get simple. Just select Edit -> Select All (or simply click CTRL-A) and then copy all items to the newly created public folder calendar.
That's all you need to do. You should now have all the appointments in the shared public folder for all to see.
No comments:
Post a Comment