- Exchange's Core Components
- Design Goals
- Architecture Similarities
- Terminology Changes
- Architecture Changes
- Directory Services
- Directory Access
- How DSProxy Is Used
- How DS Referral Is Used
- Transport Services
- IIS Integration
- Distributed Configurations
- Addressing with Exchange 2000
- Address Generation
- Directory Connectivity
- Active Directory Connector (ADC)
- Site Replication Service
- Address Lists
- Accessing Filter Rules for Address Lists
- Configuring Filter Rules for Address Lists
- Active Directory Users and Computers
- Creating Users
- Creating Groups
- Creating Contacts
- Managing Users
- Managing Groups
- Managing Contacts
- DS Referral
- Configuration of Diagnostic Logging
- Displaying Routing and Administrative Groups
Now that users are in the Active Directory, the logical progression is toward the management of these users. Using the AD Users and Computers interface, users can be managed directly. (See Figure 3.24.) Programming interfaces also can be used to manipulate these objects without the use of the MMC snap-in.
Figure 3.24 From the AD Users and Computers MMC snap-in, right-click different objects for context pop-up menus.
To access the user properties, right-click the user object. A pop-up context menu will appear. From this menu, select Properties. The Properties dialog box has 19 tabs to access the various property sheets. For Exchange, we are interested in only five of these property pages.
The General property page has the user's name and display name. (See Figure 3.25.) The Internet email address is also on this property sheet.
Figure 3.25 The email address in the E-mail field corresponds to the Primary (Default Reply) address.
From the Exchange General property sheet, an administrator can see the location of the user's mailbox store. The alias used for logon and mailbox access can be changed here as well. (See Figure 3.26.) From this property sheet, an administrator can drill down and make specific settings for Delivery Restrictions, Delivery Options, and Storage Limits.
Figure 3.26 Notice that the mailbox store location cannot be changed from this location. This action is done from the AD Users and Computers snap-in rather than from the property pages.
A Delivery Restrictions button is on the Exchange General property sheet. (Refer to Figure 3.26.) This button is used to open the Delivery Restrictions dialog box. (See Figure 3.27.) From this dialog box, inbound and outbound message restrictions can be set. Message restrictions can also be set by selecting either the Only From: or From Everyone Except: radio button. After selecting one of these buttons, users or groups can be added.
Figure 3.27 The message restrictions could be especially helpful for a user who only wanted to receive email from his or her assistant.
A Delivery Options button on the Exchange General property sheet is used to open the Delivery Options dialog box. (See Figure 3.28.) From this dialog box, send on behalf or permissions can be granted. This can be useful for an assistant that needs this type of capability for their manager's mailbox. The Forwarding address is used to specify a mail-enabled object, such as a contact. This Forwarding address will receive all the mail sent to this user. A check box called Deliver Messages to Both Forwarding Address and Mailbox can either cause or prevent the delivery of duplicate messages to the user's mailbox. The Recipient Limits can either accept the defaults for the user's environment, or can be set to a specific number for this particular user. This can be useful when the marketing group needs to send a mass mailing that exceeds the companywide policy.
Figure 3.28 Any mail-enabled object in the Active Directory can be specified in the Forwarding address field. Contacts, Public Folders, and Distribution Groups are examples.
A Storage Limits button on the Exchange General property sheet is used to open the Storage Limits dialog box. (See Figure 3.29.) For this dialog box, the default settings are to use the default settings of the mailbox store. These settings can be overridden at the administrator's discretion.
Figure 3.29 For an environment where fringe data loss is unacceptable, it is a good practice to check the Do Not Permanently Delete Items Until the Store Has Been Backed Up box.
The E-Mail Addresses property sheet is where the user's email addresses can be found. (See Figure 3.30.) Several different types of email addresses are supported. An administrator can create multiple addresses for the user of the following types: Custom, X.400, Microsoft Mail, SMTP, cc:Mail, Lotus Notes, and Novell GroupWise. At the bottom of the window is a check box called Automatically Update Email Addresses Based on Recipient Policy. This check box allows the administrator to make bulk changes to recipient addresses by applying a policy. In lines of business where mergers and acquisitions are frequent, this is a useful feature indeed.
Figure 3.30 In this example, the user has multiple SMTP addresses. The address in bold is the Primary, or default, reply address. This is the address that users outside the system will see in the header of messages sent by this user.
The Exchange Features property sheet can be used to enable, disable, or modify the services that the user is allowed to access. (See Figure 3.31.) If a service is to be enabled, the administrator will need to have the information for the service. In this example, if the administrator is to enable Instant Messaging, he or she would need to know the Home Server and Domain Name for Instant Messaging.
Figure 3.31 The Instant Messaging feature is currently disabled. The administrator could click the Enable button to turn on this feature for this particular user.
The Exchange Advanced property sheet can be used to set the user's simple display name, hide the user from Exchange address lists, or to set a downgrade action for high-priority mail bound for X.400. (See Figure 3.32.) Four buttons are on this property sheet that can be used to access the Custom Attributes, Protocol Settings, ILS Settings, and Mailbox Rights for this user object.
Figure 3.32 An administrator might want to hide a user from the address list. Perhaps an employee left the company, but might be returning at a later date.