| 0 comments ]

Overview

Add a note hereOne of an administrator’s most important tasks is to create and configure Exchange recipients. A recipient is an object in Active Directory that references a resource that can receive a message.

Add a note hereThe resource might be a mailbox in a private Information Store, such as in the case of a user, or a public folder in the public Information Store that is shared by many users. No matter where an actual resource exists, though, a recipient object is always created in the Active Directory.

Add a note hereIn this chapter, we will discuss the types of Exchange recipients, their creation, and their properties. Exchange has four basic types of recipients:

Add a note here Users A user is an Active Directory object that typically represents a person who uses the network. Once Exchange is installed and updates the schema, each user in the Active Directory can be mailbox-enabled, mail-enabled, or neither. A mailbox-enabled user has an associated mailbox in a private Information Store on an Exchange server. Each user’s mailbox is a private storage area that allows an individual user to send, receive, and store messages. A mail-enabled user is one who has an e-mail address but does not have a mailbox on an Exchange server. These users send and receive e-mail by using an external ISP.

Add a note here Groups A group in Active Directory is like a container to which you can assign certain permissions and rights. You can then place users (and other groups) into that group, and they automatically inherit the group’s permissions and rights. Exchange uses the concept of mail-enabled groups to form distribution lists. Messages sent to a group are redirected and sent to each member of the group. These groups allow users to send messages to multiple recipients without having to address each recipient individually.

Add a note here Contacts A contact is a pointer object that refers to an e-mail address for a non-Exchange recipient. Contacts are most often used for connecting your organization to foreign messaging systems, such as Microsoft Mail, Lotus cc:Mail, or the Internet. As an administrator, you would create contacts so that frequently used e-mail addresses are available in the Global Address List (GAL) as real names. This makes it easier to send mail because users do not need to guess at cryptic e-mail addresses.

Add a note here Public folders A public folder is like a public mailbox. It is a container for information to be shared among a group of people. Public folders can contain e-mail messages, forms, word-processing documents, spreadsheet files, and files of many other formats. Public folders can also be configured to send information to other recipients.

Add a note hereThe rest of this chapter discusses the creation and configuration of these four recipient objects, as well as related management tasks.

Users

Add a note hereIn previous versions of Exchange, such as Exchange Server 5.5, both the tool used to create user accounts (User Manager for Domains) and the tool used to administer Exchange (Exchange Administrator) could be used to create and manage mailboxes. This has changed in Exchange Server 2003. Now, one tool, named Active Directory Users and Computers, is used to create and manage mail-related user properties. Although the concept of the mailbox as a physical area of storage on an Exchange server is still valid, the concept of a mailbox as a recipient object in the Exchange directory no longer is. Now, there are only user objects in the Active Directory. Property pages of the user object are now used to configure Exchange-related properties.

Add a note hereThis tying together of user accounts and mailbox properties means that Exchange administrators and Windows administrators will now have to work more closely than ever before. Though many Exchange administrators who have worked with Exchange Server 5.5 may hate the idea of giving up control of mailbox administration, this is usually what happens. Since all of the user-related functions of mailbox management are now accessed through Active Directory Users and Computers, it makes sense to have one account administrator handle all of the user-management details.

Add a note here Exchange Server 2003 supports two mail configurations for a user: mailbox-enabled and mail-enabled. The creation and management of each type are discussed in the following sections.

Add a note here Mailbox-Enabled Users

Add a note hereEvery user in an organization needs access to an Exchange-based mailbox in order to send and receive messages using the Exchange server. One of the principal administrative tasks in Exchange is the creation and management of these mailboxes. In Exchange Server 2003, a user with an associated mailbox is called a mailbox-enabled user. Mailbox-enabled users are able to send and receive messages, as well as store messages on an Exchange server.

Creating a Mailbox-Enabled User

Add a note hereWhen the Active Directory forest is prepared for Exchange Server 2003, a number of important changes are made. One is that the Active Directory schema is updated with attributes for objects that relate to Exchange. Another important change is that the Active Directory Users and Computers snap-in is updated with extensions that allow the automatic creation of mailboxes whenever users are created. It is also easy to create mailboxes for existing users. Exercise 5.1 outlines the steps for creating a new user and an associated mailbox using Active Directory Users and Computers. Exercise 5.2 outlines the steps for creating a mailbox for an existing user. Both exercises assume that Exchange Server 2003 has previously been installed in the domain.

Add a note here EXERCISE 5.1: Creating a New User and Mailbox

  1. Add a note hereChoose Start > Programs > Administrative Tools > Active Directory Users and Computers.

  2. Add a note hereFrom the Action menu, point to New, and select User.

  3. Add a note hereOn the New Object – User screen, seen below, fill in the information for the new user. This includes the user’s full name and logon name. When you have finished, click Next.

    Add a note here Click to collapse
  4. Add a note hereOn the next screen, enter and verify the user’s password, and set any password restrictions you want, as seen below. When you have finished, click Next.

    Add a note here Click to collapse
  5. Add a note hereNext, you are given the opportunity to create an Exchange mailbox for the user. To do so, first make sure the Create An Exchange Mailbox option is selected, as seen below.

    Add a note here Click to collapse
  6. Add a note hereAn alias is suggested based on the logon name that you chose for the user. The alias is an alternate means of addressing a user that is used by foreign that may not be able to handle a full display name. You can change this if you have a specific policy in place for creating aliases, or you can leave it at the Windows default.

  7. Add a note hereBy default, the first Exchange server is selected as the server on which the mailbox should be created. Use the drop-down menu to change this if you want to create the mailbox on a different server.

  8. Add a note hereAlso by default, the first storage group on the selected server is chosen for you. Use the drop-down menu to alter that choice if desired. Once you have made your selections, click Next to go on.

  9. Add a note hereA summary screen is now displayed asking you to confirm your choices. If you want to change any of the settings, you can use the Back button to do so. Once you are satisfied with your choices, click Finish to exit the wizard, create the new user object in the Active Directory, and create the new mailbox on the selected Exchange server.


Add a note here EXERCISE 5.2: Creating a Mailbox for an Existing User

  1. Add a note here Choose Start > Programs > Administrative Tools > Active Directory Users And Computers.

  2. Add a note hereIn the Tree pane on the left, click the Users container.

  3. Add a note hereIn the Results pane on the right, find and select the user object for which you want to create a mailbox.

  4. Add a note hereFrom the Action menu, select Exchange Tasks.

  5. Add a note hereClick Next to bypass the Welcome screen of the wizard.

  6. Add a note hereOn the Available Tasks screen, seen below, make sure that Create Mailbox is selected, and click Next.

    Add a note here Click to collapse
  7. Add a note hereOn the Create Mailbox screen, make sure that the alias, server, and storage group selections are all appropriate, and then click Next.

  8. Add a note hereA summary screen is now displayed asking you to confirm your choices. If you want to change any of the settings, you can use the Back button to do so. Once you are satisfied with your choices, click Next to create the mailbox.

  9. Add a note hereAfter the mailbox has been completed, click Finish to exit the wizard.


Configuring Mailbox Properties

Add a note here A user object, like all objects, has properties. Those properties are configured and viewed through property pages and the individual attributes on those property pages. Mailbox properties are configured using several Exchange-related property pages of the user object. The property pages of a user object are accessed in one of two ways. With the user highlighted, you can use the Properties command on the Action menu to access the property pages. A quicker way is simply to double-click the user object.

Add a note hereMany of the attributes that you can configure are straightforward and do not warrant much explanation (e.g., phone number). This section describes several of the property pages that pertain to the Exchange organization and the important individual attributes.


Note

Add a note hereThe terms properties and attributes are used interchangeably in this chapter.

General Page

Add a note hereThe General page, shown in Figure 5.1, records general information about the user object. The first name, middle initial, and last name that you enter are used to generate a display name, which is the name of the recipient as it appears in the Active Directory Users and Computers window. The rest of the information on this page is used to further identify the recipient. All of this information is available to users when they browse the Global Address List from their e-mail client.

Click to collapse
Add a note hereFigure 5.1: The General page of a mailbox
Organization Page

Add a note hereThe Organization page contains fields for recording the organization information for the user, the name of the user’s manager, and the people who report to the user. These people are referred to as direct reports. All of these fields are optional. All the information configured on this property page is also available in the Global Address List.

Address and Telephones Pages

Add a note hereThe Address and Telephones pages contain information on addresses and phone numbers, as well as a place for free-form notes about the user. All of this information is also available in the Global Address List.

Exchange General Page

Add a note hereThe Exchange General page, shown in Figure 5.2, is used to configure general properties governing the Exchange mailbox associated with the user. The mailbox store that the user belongs to is displayed but cannot be changed. The alias is an alternate means of addressing a user that is used by foreign messaging systems that may not be able to handle a full display name.

Click to collapse
Add a note hereFigure 5.2: The Delivery Restrictions dialog box

Add a note hereYou will also find three buttons on this page that lead to more important settings: Delivery Restrictions, Delivery Options, and Storage Limits.

DELIVERY RESTRICTIONS

Add a note hereThe Delivery Restrictions dialog box, seen in Figure 5.3, contains information regarding from whom this mailbox will accept or reject messages. The default is to accept messages from everyone. In addition, you can configure size restrictions on incoming and outgoing messages on the mailbox.

Click to collapse
Add a note hereFigure 5.3: The Delivery Options dialog box
DELIVERY OPTIONS

Add a note hereThe Delivery Options dialog box, seen in Figure 5.4, specifies a list of users who can send mail “on behalf of” this mailbox user. It also allows mail sent to this mailbox to be rerouted to another mailbox, referred to as an alternate recipient. You can configure the alternate recipient to receive mail instead of the original mailbox or along with the original mailbox.

Click to collapse
Add a note hereFigure 5.4: The Storage Limits dialog box

Note

Add a note hereSend On Behalf Of permission can also be helpful in troubleshooting. If you assign this permission to yourself, as administrator, it allows you to test messages from any recipient in the organization. However, you should always use test mailboxes created for this purpose and not actual user mailboxes. Many users would consider having extended access into their e-mail an intrusion.

STORAGE LIMITS

Add a note hereThe Storage Limits dialog box, seen in Figure 5.5, lets you set two parameters: storage limits and deleted item retention time. Storage limits refer to the limit placed on the size to which a mailbox can grow and what happens when that limit is crossed. By default, the Information Store (IS) settings will be used. However, this can be overridden. If it is overridden, you can set values (in kilobytes) for when warnings will be issued, when sending messages will be prohibited, and when sending and receiving messages will be prohibited.

Click to collapse
Add a note hereFigure 5.5: The Exchange General page of a mailbox

Add a note hereThe deleted item retention feature enables mailbox users to retrieve deleted items. But to prevent excessive build-up of deleted items, Exchange allows you to set a retention time for deleted items. You can configure that length of time through this setting or at the IS object. The IS default value will be used, but you can configure a mailbox to override that setting by specifying the number of days for deleted item retention. You can also configure a mailbox to keep deleted items (i.e., not permanently deleted) until the mailbox has been backed up.

E-mail Addresses Page

Add a note hereEach time an Exchange mailbox is created, a number of non-Exchange mail addresses, also called foreign mail addresses or proxy addresses, are automatically generated for that Exchange mailbox. This allows Exchange mailboxes to be prepared to receive mail from foreign mail systems. The E-mail Addresses page, seen in Figure 5.6, lets you configure these addresses.

Click to collapse
Add a note hereFigure 5.6: The E-mail Addresses page

Add a note hereMicrosoft Exchange can generate foreign addresses for the following systems, although by default it creates only X.400 and SMTP foreign addresses:

  • Add a note hereCustom address

  • Add a note hereX.400 address

  • Add a note hereMicrosoft Mail address

  • Add a note hereSMTP address

  • Add a note herecc:Mail address

  • Add a note hereLotus Notes address

  • Add a note hereNovell GroupWise address

Exchange Features Page

Add a note hereThe Exchange Features page, shown in Figure 5.7, lets you enable and disable advanced Exchange features for an individual mailbox. Such features include Outlook Mobile Access features, Outlook Web Access, and the ability to connect to the Exchange organization using various e-mail protocols.

Click to collapse
Add a note hereFigure 5.7: The Exchange Features page
Exchange Advanced Page

Add a note hereThe Exchange Advanced page, shown in Figure 5.8, lets you configure a number of miscellaneous features that the Exchange designers decided were advanced for one reason or another.

Click to collapse
Add a note hereFigure 5.8: The Exchange Advanced page

Add a note hereThe simple display name is an alternate name for the mailbox. It appears when, for some reason, the full display name cannot. This situation often occurs when multiple language versions of System Manager are used on the same network.

Add a note hereBy default, all recipients except public folders are visible to users via the Global Address List. You can use the Hide From Exchange Address Lists option to hide a mailbox from that list or other lists created in System Manager. The mailbox will still be able to receive mail; it just will not be included in address lists.

Add a note hereIf you select the Downgrade High Priority Mail Bound For X.400 option, the current mailbox cannot send high-priority messages to X.400 systems. If a high-priority message is sent, it will automatically be downgraded to normal priority.

Add a note hereIn addition to the attributes just mentioned, three buttons lead to separate dialog boxes with more configuration options: Custom Attributes, ILS Settings, and Mailbox Rights.

CUSTOM ATTRIBUTES

Add a note hereThe Custom Attributes page lets you enter information about a mailbox in 15 custom fields. These fields can be used for any information that you need to include that isn’t available on the other property pages. For example, if your company uses a special employee identification numbering system, you could create a custom field for that number. These fields are available to users in the Global Address List only if they are using a special template that displays them or if they perform a specific LDAP query. By default, these fields are labeled extensionAttribute1 through extensionAttribute15, but they can be customized to suit your needs. Just select a field, and click Edit to enter a new value.

ILS SETTINGS

Add a note hereTwo fields on this page allow you to specify the server name of a Microsoft Internet Locator Service (ILS) and the account name (ILS account) for this mailbox. This is applicable if your network is using Microsoft NetMeeting for online meetings.

MAILBOX RIGHTS

Add a note hereThis page allows you to view and configure the permissions that users and groups have for this mailbox. It should be noted that you could assign multiple users as the owners of a mailbox. This is useful when you want to create a mailbox that will be used by a group of people, such as a Help Desk department. A single mailbox could be created, and all users of that department could be made an owner of that mailbox.

Add a note hereYou can modify the particular rights of any user in the list by selecting the user and modifying the Allow and Deny check boxes beside the individual mailbox rights. Some of the more common rights that you can assign here are:

Add a note here The Delete Mailbox Storage right Allows a user to delete the actual mailbox from the Information Store. This right is given only to administrators by default.

Add a note here The Read Permissions right Lets the user read mail in the mailbox. You could use this right alone to allow a user to read another user’s mail but not send, change, or delete messages.

Add a note here The Change Permissions right Allows a user to delete or modify items in the primary user’s mailbox.

Add a note here The Take Ownership right Allows a user to become the owner of a mailbox. By default, only administrators are given this permission.

Add a note here The Full Mailbox Access right Allows a user to access a mailbox and read and delete messages. It also allows the user to send messages using the mailbox.

Security Page

Add a note hereThe Security page, seen in Figure 5.9, lets you configure security options for the Active Directory object (in this case, a user account), including the Send As option. Previously this was configured using the Mailbox Rights page.

Click to collapse
Add a note hereFigure 5.9: The Security page

Note

Add a note hereIn order to see the Security page of the user account, you will need to have enabled the Advanced Features view in Active Directory Users and Computers. You can do this by selecting the Advanced Features option located on the View menu of the Active Directory Users and Computers console.

Member Of Page

Add a note hereThis page specifies the distribution groups of which this mailbox is a member. Not only can you manage a group from a user’s properties, but you can also manage a group from the group’s properties. For more information on distribution lists, see the section “Groups” later in this chapter.

Add a note here Mail-Enabled Users

Add a note hereA mail-enabled user is simply a user who has an e-mail address but not a mailbox on an Exchange server. This means that the user can receive e-mail through their custom address but cannot send mail using the Exchange system. You cannot mail-enable a user during account creation. The only way to create a mail-enabled user is first to create a new user that is not mailbox-enabled and then to enable mail for that user. Exercise 5.3 outlines the steps for mail-enabling a user.

Add a note here EXERCISE 5.3: Creating a Mail-Enabled User

  1. Add a note hereClick Start, point to Programs, point to Administrative Tools, and select Active Directory Users And Computers.

  2. Add a note hereIn the tree pane on the left, click the Users container.

  3. Add a note hereIn the right pane, find and select the user object for which you want to enable mail.

  4. Add a note hereFrom the Action menu, select Exchange Tasks.

  5. Add a note hereClick Next to dismiss the opening page of the Exchange Task Wizard.

  6. Add a note hereSelect the Establish E-mail Address option from the list, as seen below, and click Next.

    Add a note here Click to collapse
  7. Add a note hereOn the Establish E-mail Address page, seen below, enter the desired alias for the user and then click the Modify button to create an e-mail address for the mail-enabled user.

    Add a note here Click to collapse
  8. Add a note hereThe New E-mail Address dialog appears, as seen below, with a list of address types. From this list, select the type of e-mail address you want to create for the user, and click OK. For this exercise, we will create an SMTP e-mail address.

    Add a note here Click to collapse
  9. Add a note hereThe Internet Address Properties dialog opens, as seen below. On the General tab of the dialog, enter the e-mail address for the user.

    Add a note here Click to collapse
  10. Add a note hereYou can configure advanced settings by switching to the Advanced tab, seen below. If desired you can override the Internet Mail Service default settings for the user by checking the Override Internet Mail Service Settings For This Recipient box and configuring your own message format settings. When you have finished, click OK.

    Add a note here Click to collapse
  11. Add a note hereYou are now returned to the Exchange Task Wizard, and the new e-mail address appears in the appropriate field. Click Next to go on.

  12. Add a note hereThe Exchange Task Wizard will now mail-enable the user. When the process has completed you will be presented with a summary page. Click Finish to exit the wizard.


Add a note hereOnce you enable mail for a user following this procedure, you can configure the mail settings in the same way you would for a mailbox-enabled user.


Note

Add a note hereMicrosoft has introduced a new type of user object in Exchange Server 2003. The InetOrgPerson object is used to improve compatibility between Exchange Server 2003 and those directory services that use the InetOrgPerson object. You can learn more about the InetOrgPerson object at www.faqs.org/rfcs/rfc2798.html.

0 comments

Post a Comment