messages from that mailbox. A mail−enabled user has no mailbox in your Exchange system. Rather, a mail− enabled user has an e−mail address outside your Exchange system. A mail−enabled user can log on to your Windows 2003 network and act as any other Windows 2003 user. However, such a user must send and receive messages in another messaging system. When a mailbox−enabled user sends a message to a mail− enabled user, Exchange sends the message to the mail−enabled users external e−mail address. Mail−enabled users are new to Exchange. They make it easy to deal with Windows 2003 users who want to use an external e−mail account. Dont confuse mail−enabled users with contacts (custom recipients in Exchange 5.5). Contacts point to addresses that are external to your Exchange system, just like mail−enabled users. However, thats all they do. There is no Windows 2003 user connected with a contact. To start, Ill show you how to create and manage a new mailbox−enabled user. After that, Ill show you how to create and manage a mail−enabled user. Note Youll notice that here I use the term user rather than user account. An Exchange user is a Windows 2003 user account that has been either mailbox− or mail−enabled. Creating and Managing Mailbox−Enabled Users This is a pretty complex section. Creating a mailbox−enabled user is a piece of cake, but managing one isnt so easy. Because a mailbox−enabled user is both a Windows 2003 and an Exchange 2003 user, the management interface for such a user is full of mind−boggling and sometimes diverting detail. Youll spend a good deal of time in this section doing hands−on tasks, but youll also devote considerable effort to understanding the dizzying array of management options available for mailbox− enabled users. In this section, we first create a mailbox−enabled user. Then we take a look at all of the management options available for each user on the user Properties dialog box. Creating a Mailbox−Enabled User Lets create a mailbox−enabled user for Jane Dough, a securities consultant for a major multinational conglomerate. Because Jane doesnt exist as a user, well first have to create her user account to mailbox−enable that account. To start, right−click the Users container and select New > User from the pop−up menu. The New Object − User dialog box opens (see Figure 11.13). Fill in at least your users first and last names. Each field that youre filling in contains a property or, more specifically, an attribute of the user. The users full name is automatically created. Notice in Figure 11.13 that the system uses the last_name, first_name middle_initial. format for display names that I created in the section Setting the Default Format for Display Names earlier in this chapter. Finally, enter a user login name. The preWindows 2000 name is automatically created. Creating and Managing Mailbox−Enabled Users 274 Figure 11.13: Using the New ObjectUser dialog box to create a new user account Click Next and enter a password for the user. Click Next again and view and accept the creation of an Exchange mailbox (see Figure 11.14). This is where you choose whether or not to mailbox− enable this user. Note that you can change the default mailbox alias and select the server and mailbox store on which the mailbox will be created. Click Next, and then Finish on the last page of the New Object − User dialog box. Figure 11.14: Mailbox−enabling a new user Find your new user in the Users container, and double−click it (see Figure 11.15). This opens the Properties dialog box for your new user. If the dialog box doesnt show the new users e−mail address yet, close the dialog box and wait a few minutes for the Recipient Update servers to create the address. You dont have to create a new user account and mailbox−enable the user at the same time. You can deselect the Create an Exchange Mailbox option on the New ObjectUser dialog box (see Figure 11.14, shown earlier), create the user account, and then mailbox−enable the user later. To mailbox−enable an existing user account, right−click the account in the Users container and select Exchange Tasks. A wizard will then guide you through the mailbox−enabling process. Tip When a user account has been mailbox−enabled, how do you get rid of the mailbox? Just open the Exchange Task Wizard (right−click the user and select Exchange Tasks from the menu that pops up) and select Delete Mailbox. To delete a user account, whether its mailbox−enabled or not, select it and either press the Delete key or right−click it and select Delete from the menu that pops up. Creating and Managing Mailbox−Enabled Users 275 Managing Mailbox−Enabled Users Okay, now lets take a tour of the user Properties dialog box shown previously in Figure 11.15. Before we begin that tour, I need to talk a bit about the property pages on the dialog box that are relevant to Exchange and those that are not. Figure 11.15: The Properties dialog box for a new user Exchange−relevant means that a property page contains e−mail−specific attributesattributes that provide information about a user that other users can view, or attributes that are necessary to the proper functioning of the electronic−messaging environment. E−mail−specific attributes are attributes relating directly to a mailbox−enabled users mailbox. These include limits on what can be stored in the mailbox, who can access it, and such. E−mail−specific property pages in Figure 11.15 include these: Exchange General• E−mail Addresses• Exchange Features• Exchange Advanced• Attributes that provide information about a user that other users can view are attributes that an Outlook user can view. Figure 11.16 shows the Properties dialog box for user Jane Dough that opens when you click on her name in the Address Book that is part of the Outlook client. (See Chapter 10, A Quick Overview of Outlook 2003, for a refresher on the Address Book.) The General tab, which you can see in detail, and the other four tabs, which you cant, include a great deal of the information that is administered and managed on various property pages of the user Properties dialog box, shown earlier in Figure 11.15. Information carries over to the Outlook Address Book properties dialog box (Figure 11.16) from the following property pages on the user Properties dialog box (Figure 11.15): General• Address• Telephones• Organization• Member Of• Creating and Managing Mailbox−Enabled Users 276 Figure 11.16: Viewing user attributes in the Outlook Address Book So, as an Exchange Server 2003 manager, you should focus on 9 of the 20 property pages on the user Properties dialog box. Does that mean that you dont have to worry about the other 11 pages? No such luck. Although these pages focus heavily on Windows 2003 account attributes, you need to understand some of them so that you can either use them when necessary or ask a Windows Server 2003 administrator to set up certain attributes for you. These pages, which have attributes that are necessary to the proper functioning of the electronic messaging environment, include Account• Profile• Published Certificates• Security• Environment• All right! Now, lets look at the 9 Exchange−specific property pages and the 5 property pages that cover attributes necessary to the proper functioning of the Exchange environment that appear on the user Properties dialog box. Well look at each property page in the order specified here. After I discuss the 14 Exchange−specific property pages, Ill quickly discuss the remaining 6 property pages on the user Properties dialog box. Note There are other ways to manage the mailboxes of mailbox−enabled users other than with individual user property pages. Ill talk about these in Chapter 12. For now, suffice it to say that these include setting storage parameters for an entire mailbox store and using Exchange Servers Mailbox Manager. E−Mail−Specific Property Pages Exchange 5.5 administrators will find most of the mailbox management user interfaces that they are accustomed to in the four e−mail−specific property pages. A number of property pages were displayed on Exchange 5.5s mailbox dialog box. To avoid property page mania, Exchange 2003 adds only four e−mail−specific property pages to the user Properties dialog box. Two of these pages, Exchange General and Exchange Advanced, contain buttons that open seven additional property pages. Lets take a look at the four e−mail−specific property pages on the Windows 2003 user Properties dialog box: Creating and Managing Mailbox−Enabled Users 277 E−Mail Addresses The E−Mail Addresses property page shows a mailboxs addresses for different types of messaging systems (see Figure 11.11, shown earlier). As I noted in the earlier section Setting the Default Format for Organizational E−Mail Addresses, two addressing defaults are created by default when you install Exchange Server 2003: SMTP and X.400. These addressing defaults are then used to generate specific addresses for each recipient. Using the E−Mail Addresses property page, you can add a new address or manually change or even remove an existing address. For example, I sometimes give certain users a second SMTP address that includes their specific department. Adding, modifying, or removing addresses manually is fun, but not for those new to Exchange 2003, both because its a little dangerous to play with addresses and because its sometimes not enough to just add, change, or remove the address. You might also have to do some things in other areas within Exchange and maybe even in external systems. Ill talk about all this stuff in Chapter 16, Advanced Exchange Server Administration and Management. You can also use the E−Mail Addresses property page to set an address of a particular type as the primary address. The primary address is the one that appears in the From field of a message. It is also the return address for replies to the message. You need two addresses of the same type to change the primary address. In the case of my second SMTP address example, I leave the system−generated address as the primary address. Exchange Features You use the Exchange Features property page, shown in Figure 11.17, to enable and disable client−oriented features such as wireless and Internet−based access to your Exchange server. Well look at this page again in Chapter 14, Managing Exchange 2003 Services for Internet Clients and Chapter 19, Wireless Access to Exchange Server 2003. Figure 11.17: Using the Exchange Features property page to enable and disable various client access services Creating and Managing Mailbox−Enabled Users 278 Exchange General Now, click over to the Exchange General property page. The store holding the mailbox is shown in the Mailbox Store field (see the left side of Figure 11.18). You cant change the mailbox store here; you have to move a mailbox to change its store. Well get into moving mailboxes later in this book. Figure 11.18: The Exchange General property page and its Delivery Restrictions property page that is opened by clicking the Delivery Restrictions button The alias for the users mailbox is shown immediately after the name of the mailbox store. You can change the alias here, but that wont change the aliases used in Exchange addresses that have already been generated for this mailbox. The change will affect any addresses added in the future. Delivery Restrictions, Delivery Options, and Storage Limits The three buttons on the Exchange General property page open subproperty pages for further setting properties. These pages enable you to set a range of attributes relating to messages and permissions: Delivery Restrictions Sending and receiving messages takes network bandwidth. You can control bandwidth usage by setting limits on the size of messages that a user can send and receive. As you can see on the right side of Figure 11.18, shown earlier, you can choose to use the default limit for sent and received messages, or set a specific limit for the mailbox. Ill talk about setting default size options in the next chapter. In addition to setting message size limits, you can restrict the senders a mailbox can receive messages from. The default, as you can see in Figure 11.18, is to accept messages from everyone. Alternatively, you can choose to allow the mailbox to receive messages from a specific list of senders or from all senders but a specific list. You must choose the senders from among users, groups, and computers in your Active Directory. So, you cant use message restriction options to control messages from outside your Exchange organization unless you enter a specific address as a contact in your Active Directory and then select that address. Ill talk more about restricting messages to and from external mail systems in Chapter 13, Managing Exchange 2003 Internet Services. Delivery Options Figure 11.19 shows the Delivery Options subproperty page of the Exchange General property page. This ones pretty neat. You can grant another user permission to send messages on behalf of this mailbox. The From field in Send on Behalf messages identifies both the person sending the message and the Creating and Managing Mailbox−Enabled Users 279 individual on whose behalf the message was sent. Can you imagine going through and setting Send on Behalf options for each user? Whew! But dont worry: Users can do it for themselves using their Exchange clients. Figure 11.19: Using the Delivery Options property page to give other recipients special rights to a mailbox, set a forwarding address, and limit the number of recipients a mailbox can send messages to at one time The Forwarding Address option is quite neat too. With Exchange 5.5, users had to set up forwarding in their Outlook clients. They can still do this, but Exchange 200x administrators now have the option of setting the forwarding address, which, if nothing else, means that forwarding from Exchange environments should be more accurate. As with message restrictions in the last section, you can forward to an address only in your Active Directory. So, you have to enter a contact for external addresses. Even so, this little addition alone is almost worth the price of admission to Exchange Server 2003. Some organizations have their mass mailers. These are people who write a message and then send it to everyone that they can find on their corporate address list, either by picking everyones name or by using one or more distribution lists. The Recipient Limits option on the Delivery Options property page lets you limit the number of recipients that a mailbox user can send a message to. In computing this limit, a distribution group is not equal to one recipient. Instead, it is equal to all the recipients on the list. This is a nice way to cut down on all that internal spamming on your system. The default is a whopping 5,000 recipients. Ill show you how to change the default in the next chapter. Storage Limits Use the Storage Limits subproperty page of the Exchange General property page to either accept the stores default maximum−size limits (youll learn how to set the default in the next chapter) or set specific maximum limits for the mailbox. As shown in Figure 11.20, you can use any or all of three options when setting limits. The mailbox user gets a warning when the first limit is reached and then on a specific schedule thereafter until storage drops below the limit. Ill show you how to set the default warning message schedule in the next chapter. Creating and Managing Mailbox−Enabled Users 280 Figure 11.20: Using the Storage Limits property page to limit the amount of disk space available to a mailbox and determine how deleted but retained items are handled When the second limit is reached, the mailbox can no longer send mail. It can still receive mail, however, because you might not want those who send messages getting a bunch of bounced message notifications just because a mailbox user is a resource hog. The third limit prevents reception as well as sending of messages. This option is useful when a user will be out of the office for an extended period and you dont want that persons mailbox to fill up with gobs of unanswered messages. Exchange 5.5 brought a great new concept to Microsoft messaging: deleted item retention. Essentially, when a user deletes messages from the Deleted Items folder, the messages no longer show up in the folder but are retained in the Exchange server message store for a specific time. Using an Outlook 2000 or 2003 client, a user can retrieve deleted messages not yet deleted from the store. Ill show you how to set default deleted−item retention parameters in the next chapter. You can use the Storage Limits property page to set retention parameters for a specific mailbox. You can set the number of days that deleted items are kept on the mailboxs Exchange server before they are automatically and finally deleted, or you can specify that items should not be deleted until the store in which they are located has been backed up. Exchange Advanced Properties Page The Exchange Advanced properties page brings together a number of Exchange 2003 attributes that you might need to modify (see Figure 11.21). Exchange 5.5 refugees will be happy to see that they can manage many of their favorite Exchange attributes using this page. Lets look at these attributes in the order that they appear on the page. Creating and Managing Mailbox−Enabled Users 281 Figure 11.21: The Exchange Advanced property page Simple Display Name The Simple Display Name field is especially useful in certain multilingual Exchange environments. Exchange clients and the Exchange System Manager show the simple display name when the full display name cant be properly shown. For example, if a full display name is stored in a double−byte character set such as Chinese Traditional or Korean, and if a particular copy of the client or the Exchange System Manager isnt set to display the character set, the simple display name is shown in place of the full display name. Hide from Exchange Address Lists Select Hide from Exchange Address Lists to prevent a mailbox from showing up in the various address lists supported by Exchange. Generally, you want to hide a mailbox from the Address Book to protect a particular mailboxs privacy or when it is used by custom−programmed applications rather than by human users. Downgrade High−Priority Mail Bound for X.400 Check this box to prevent the mailbox from sending X.400 mail at high priority. If the mailbox user attempts to send a message destined for an X.400 system at high priority, the Exchange Server downgrades the priority to Normal. You use this option to ensure that messages to X.400 mail systems conform with the older 1984 X.400 standard. Custom Attributes, ILS Settings, and Mailbox Rights Now lets focus on the subproperty pages on the Exchange Advanced properties page that you view by clicking the button bearing their names. Custom Attributes You use the Custom Attributes property page, shown in Figure 11.22, to fill in custom information for a mailbox. For example, you can use one of the custom fields to hold the Employee ID for the user of the mailbox. You would, of course, use the same custom field for the same item for each users mailbox. You can rename the attributes, but it requires digging deeply into Active Directory. I talk a little Creating and Managing Mailbox−Enabled Users 282 about how you go about digging in Chapter 16. Figure 11.22: Setting custom attributes for a mailbox ILS Settings Microsofts Internet Locator Service (ILS) is designed to make it easier for users to find each other so that they can hold electronic discussions or conferences. You enter information about the mailbox users ILS server and account on the dialog box that pops up when you click ILS Settings. ILS runs as a Windows 2003 service. Mailbox Rights You use the Mailbox Rights property page to establish or change permissions for the mailbox. Figure 11.23 shows the default mailbox access permissions granted to the user for whom the mailbox is created. SELF is an Active Directorywide groupthat is, it is not limited to any specific domain in Active Directory. SELF has a range of rights, including Exchange−specific rights. When a user is created, that user is added to the group. Members of the group SELF get the default mailbox permissions shown in Figure 11.23 by virtue of belonging to the group. These permissions apply only to the users mailbox, not to all mailboxes. Creating and Managing Mailbox−Enabled Users 283 [...]... have Exchange 5. 5 servers in your Exchange organization, dont click Change Mode on the organization Properties dialog box shown in Figure 12.2 Native Exchange mode is a nice place to be, but not until all your Exchange servers are running Exchange Server 2003 or at least Exchange 2003 and Exchange 2000 Warning Setting an Exchange organization to native mode is not the same as setting a Windows 2003. .. are totally unrelated As I mentioned in Chapter 6, Upgrading to Windows Server 2003 and Exchange Server 2003, you set a domain to native mode when you no longer need to support NT 4 servers, when all your servers are running Windows Server 2003 You set an organization to native mode when you no longer need to support Exchange 5. 5 servers Your System Manager should now look like the one in Figure 12.3... back to earlier discussions for specifics The Exchange Server Hierarchy Youll remember from Chapter 4, Exchange Server 2003 Architecture, that the Exchange Server 2003 hierarchy includes the following components: • The organization • Administrative groups • Servers • Recipients In the last chapter, we talked a good deal about three kinds of recipients: Exchange users, distribution groups, and contacts... on the Exchange Advanced/Mailbox Rights property page Exchange 2003 was designed to better protect user mailboxes from the prying eyes of rogue Exchange administrators than Exchange 5. 5 did As I noted back in the section Mailbox Rights, Exchange administrators (for example, members of the Exchange Admins group that we created back in Chapter 8) arent given access to user messages And, although Exchange. .. Distribution Group Members from Exchange Address Lists The Exchange 5. 5 Advanced property page included an option for hiding the members of a group from the Exchange address book This is a nice feature if you want users to see a distribution group in Exchange 2003 address lists but dont want them to see the membership of the group So, how do you do it in Exchange 2003? Run the Exchange Task Wizard (right−click... snap−in to manage Exchange users, distribution groups, and contacts Now I want to show you how to use the Exchange 2003 System Manager to administer the Exchange Server hierarchy and core components As in the last chapter, I focus mainly on the basics here, saving advanced administration and management for later chapters Featured in this chapter: • The Exchange Server 2003 hierarchy • Exchange core components... in one place or another as they move through your Exchange and Windows 2003 system I think that Exchange managers are more attuned than Windows 2003 administrators to users and to both how they perceive this information and how they might use it Additionally, Exchange administrators managed this information in Exchange 5. 5 Therefore, I believe that Exchange managers should administer this information... box Thats because Ive set myself as her manager on her Organization property page This is a big improvement over Exchange 5. 5s Organization property page With 5. 5, you had to jump through too many hoops to produce essentially the same information that you see here Of course, neither 5. 5 nor 2003 works if you have one of those dysfunctional organizations where people are expected to serve multiple masters... continue our exploration of basic Exchange Server management Well focus on the management of Exchange Servers hierarchy and core components This includes the last of the Exchange recipients, public folders, and all the other aspects of the hierarchy, including the organization, administrative groups, servers, and information stores 307 Chapter 12: Managing the Exchange Server Hierarchy and Core Components... Windows 2003 organizational units, and Exchange recipients Each selection on the drop−down list has its own set of property pages The Find Exchange Recipients option is shown in Figure 11.47 It has three Exchange oriented property pages The Storage property page lets you further qualify your search by looking for recipients on a particular Exchange server and in a particular mailbox store on the server . over Exchange 5. 5s Organization property page. With 5. 5, you had to jump through too many hoops to produce essentially the same information that you see here. Of course, neither 5. 5 nor 2003 works. Exchange server. Well look at this page again in Chapter 14, Managing Exchange 2003 Services for Internet Clients and Chapter 19, Wireless Access to Exchange Server 2003. Figure 11.17: Using the Exchange. on the Exchange Advanced/Mailbox Rights property page. Exchange 2003 was designed to better protect user mailboxes from the prying eyes of rogue Exchange administrators than Exchange 5. 5 did.