Exchange 2013 Preview - Public Folders (Part 2)

In the first part of the article, we explored the new features of Public Folders in Exchange 2013 Preview, their improvements and how to work with them. In this second and final part, we will see how to mail-enable Public Folders and how to configure permissions and quotas. We will finalize with an overview of the steps involved in migrating Public Folders from Exchange 2010.

Mail-Enabling a Public Folder

To mail-enable a Public Folder [PF] you can, as expected, use both the Exchange Administration Center [EAC] and Exchange Management Shell [EMS]. Remember that we no longer have the Public Folder Management Console.

To use the EAC, login to it, navigate to Public Folders on the left side menu and select the Public Folders option. Then, select the PF you want to mail-enable and on the right hand side where it says Mail Settings – Disabled, click Enable:

Figure 2.1: Mail-enabling a Public Folder through the EAC

In the warning box asking if you really want to mail-enable the PF, click yes:

Figure 2.2: Mail-enabling a Public Folder through the EAC

The e-mail address assigned to the PF will be the display name without any spaces. In this case, it will be Exchange2013Project@letsexchange.com

If you now go back to the EAC and open the properties of the PF, you see many more tabs related to e-mail.

General Mail Properties – in here you can configure the PF Alias, Display Name, if it is hidden from the Address List and its Active Directory Custom Attributes:

Figure 2.3: Mail-Enabled Public Folder General Mail Properties

E-mail Addresses allows you to change the default e-mail address and/or add new e-mail addresses of the type SMTP, EUM, EX, X.500, X.400, MSMail, CcMail, Lotus Notes or NovellGroupWise:

Figure 2.4: Mail-Enabled Public Folder E-mail Addresses

Member Of – in here you configure the distribution groups that this PF belongs to:

Figure 2.5: Mail-Enabled Public Folder Member Of

Delivery Options allows you to configure Send-As and Send-on-Behalf permissions:

Figure 2.6: Mail-Enabled Public Folder Delivery Options

Mail Flow Settings allows you to set sending and receiving message size restrictions and who is allowed or blocked from e-mailing the PF:

Figure 2.7: Mail-Enabled Public Folder Mail Flow Settings

To mail-enable a PF through the EMS, we use the Enable-MailPublicFolder cmdlet:

Figure 2.8: Mail-enabling a Public Folder through the EMS

Public Folder Access Permissions

Because of the new design of Public Folders, unlike with previous versions of Exchange there are no longer Administrative permissions, only Client permissions also known as access rights.

In comparison to Exchange 2010, the access rights users can have over PFs are identical:

• ReadItems: The user has the right to read items within the specified public folder;
• CreateItems: The user has the right to create items within the specified public folder;
• EditOwnedItems: The user has the right to edit the items that the user owns in the specified public folder;
• DeleteOwnedItems: The user has the right to delete items that the user owns in the specified public folder;
• EditAllItems: The user has the right to edit all items in the specified public folder;
• DeleteAllItems: The user has the right to delete all items in the specified public folder;
• CreateSubfolders: The user has the right to create subfolders in the specified public folder;
• FolderOwner: The user is the owner of the specified public folder. The user has the right to view and move the public folder and create subfolders. The user can't read items, edit items, delete items, or create items;
• FolderContact: The user is the contact for the specified public folder;
• FolderVisible: The user can view the specified public folder, but can't read or edit items within the specified public folder.

In addition to these access rights, administrators can also assign permissions through roles, which include multiple access rights and makes the process easier:

• None: FolderVisible;
• Owner: CreateItems, ReadItems, CreateSubfolders, FolderOwner, FolderContact, FolderVisible, EditOwnedItems, EditAllItems, DeleteOwnedItems, DeleteAllItems;
• PublishingEditor: CreateItems, ReadItems, CreateSubfolders, FolderVisible, EditOwnedItems, EditAllItems, DeleteOwnedItems, DeleteAllItems;
• Editor: CreateItems, ReadItems, FolderVisible, EditOwnedItems, EditAllItems, DeleteOwnedItems, DeleteAllItems;
• PublishingAuthor: CreateItems, ReadItems, CreateSubfolders, FolderVisible, EditOwnedItems, DeleteOwnedItems;
• Author: CreateItems, ReadItems, FolderVisible, EditOwnedItems, DeleteOwnedItems;
• NonEditingAuthor: CreateItems, ReadItems, FolderVisible;
• Reviewer: ReadItems, FolderVisible;
• Contributor: CreateItems, FolderVisible.

When you create a PF, it will automatically inherit its parent’s access rights. By default, these are Author for authenticated users and None for anonymous users, but depends if you changed the parent’s access rights or not:

Figure 2.9: Public Folder Default Permissions

To change or add new permissions, we have to use the EMS and the Add-PublicFolderClientPermission cmdlet:

Figure 2.10: Configuring Public Folder Permissions through the EMS

With the settings above, the user Nuno will:

1. have full control (including setting permissions for other users in Outlook) over the Office 365 Project PF as he now owns it;
2. no longer have access to the New Documents PF (he will not even be able to see it).

Figure 2.11: Public Folder Permissions in Outlook

Similar to what happens in many organizations at the moment, I am guessing most administrators will give their Exchange Admins security group Owner permissions to all PFs so they can easily manage their permissions through Outlook. However, it is always a good idea to create a new security group and give it a descriptive name such as Public Folder Admins so that users know what its purpose is and don’t simply remove it from the Permissions list.

Send-As and Send-on-Behalf Permissions

As with previous version of Exchange, users can send e-mails from a Public Folder. As we saw in the beginning of this article, once you mail-enable a PF, you will see more options available when editing a PF in the EAC.

To change these permissions through the EAC, go to Public Folders on the left side menu and then click in Public Folders. Select the PF to which you want to assign Send permissions to, click on the pencil (edit) icon and then click on Delivery Options:

Figure 2.12: Setting Send-As Permissions through the EAC

Once you assign the permissions, users can use Outlook to send e-mails as if they were sent from the PF or on behalf of it:

Figure 2.13: Sending e-mail from a Public Folder

Figure 2.14: E-mail received from a Public Folder

Setting Public Folder Quotas

As before, Public Folders in Exchange 2013 have a Warning and a ProhibitPost quota. By default, PFs use the Quotas set at the Organization Level:

Figure 2.15: Public Folder Quotas

Let’s start by setting Quota limits at the organization level and then individual quotas. By running the Get-OrganizationConfig cmdlet, we see that we can set the Warning and ProhibitPost quotas we saw above. However, with this Preview edition only the ProhibitPost Quota seems to work in the EMS (tab completion also doesn’t show the IssueWarning parameter):

Figure 2.16: Setting Global Public Folder Quotas through the EMS

So let’s set individual limits instead using the EAC and check them in the EMS:

Figure 2.17: Setting Public Folder Quotas through the EAC

Figure 2.18: Checking Public Folder Quotas through the EMS

Once the quota of this particular PF goes over the limits, it will either receive a warning message or prevent users from e-mailing the PF.

Because PFs are now stored in mailboxes, we can also assign quotas at the mailbox level:

Figure 2.19: Public Folder Mailbox Quotas

We can use the EAC to change these quotas as you can see in the picture above, or we can use the EMS:

Figure 2.20: Setting Public Folder Mailbox Quotas through the EMS

Once the size of the PF mailbox is bigger than the ProhibitSendReceiveQuota quota for example, users will get a similar message to the one below if they try to drag-and-drop and item to the PF:

Figure 2.21: Public Folder Mailbox Over Quota

Or a message similar to the one below if they send an e-mail to the PF:

Figure 2.22: Public Folder Mailbox Over Quota

Migrating Public Folders from Exchange 2010

Since PFs are now very different from what they used to be, how can they be migrated? Unfortunately, this will only be possible from Exchange 2010 SP3 onwards as this Service Pack will include new cmdlets for PF migration... For this reason, I will not be able to show the process just now, but will leave you with the high level steps involved:

• From Exchange 2010 SP3, you run the Export-PublicFolderStatistics.ps1 and PublicFolderToMailboxMapGenerator.ps1 scripts to generate a CSV file with the PF hierarchy from 2010 and to configure how your current PFs will map into PF mailboxes in 2013;
• You create the Master Hierarchy PF Mailbox and any other PF mailboxes as needed or wanted;
• You import the CSV data into the Master Hierarchy PF Mailbox (so you have the hierarchy);
• You create a new PF migration request using the New-PublicFolderMigrationRequest cmdlet;
• From Exchange 2010, you lock down access to all PFs logging off users so that the migration completes its final synchronization. During this process users will not be able to access PFs;
• You finalize the public folder migration by completing and resuming the migration request.

Conclusion

In this second and final part of the article, we saw how to mail-enable Public Folders in Exchange 2013 Preview and to configure permissions and quotas. We finalized with an overview of the steps involving in migrating Public Folders from Exchange 2010.