Month: November 2011

Exchange 2010 – Part 13 – Address Lists and the Offline Address Book (OAB)

Address Lists and the Offline Address Book in Exchange 2010

In this post, we will review different address list types, including:

  • Global Address List
  • Custom Address Lists
  • Offline Address Lists
– We will try creating new address lists based on Organizational Units
– We will review the Offline Address Book (OAB) settings
– We will create new Offline Address Books and assign them
In review, let’s discuss and describe Address Lists and the OAB:
  • An address list allows persons to browse different recipients in your Exchange organization so that you can contact other persons easily. It’s difficult (for most people, not me) to remember email addresses for 100’s of associates.
  • In Exchange 2010 there are three different types of address lists
  •      – Global Address List (GAL): A collection of all mailbox-enabled users, mail-enabled users, mail-enabled contacts, dynamic distribution groups, mail-enabled groups, mail-enabled public folders, and system mailboxes. By default you have one Global Address List, but Exchange may handle multiple companies or organizations, with different GALs. If you have an organization with the need for multiple GALs, you will need to produce them using the Exchange Management Shell.
  •      – Custom Address Lists: Although typically there are breakdowns of the GAL into lists like All Contacts, All Groups, All Rooms, All Users and Public Folders (if you use these) you can create customized lists. You’re going to find that the custom lists are pretty flexible. Be sure you do not over-do the custom lists, but keep them in logical groups. You want to keep these as simple as possible.
  •      – Offline Address Book: Although a separate aspect of the Organization structure, this is connected with address lists. For users that are on the road a lot and are offline, they will still want to be able to find email addresses.
Now we can jump into a scenario:
– Create 3 new address lists (New York, Chicago, and Dallas). Note: These will be based off of Organizational Units.
– Create and configure a new Offline Address Book and apply it to the mailbox database.
– Create a special “Dallas” OAB and assign it only to those persons in the Dallas OU.
On your mailbox server, open Active Directory Users and Computers and ensure that the corresponding Organizational Units are available and ready.
For example, if a user is logged in, they will see all the users in the Global Address List. If the user goes offline (disable the Network Interface), and goes to the different address lists, they will be able to still view the Global Address List as it is set to be an Offline Address Book by default. However, the other Address Lists will be unavailable.
Go to the Exchange Management Console -> MS Exchange -> MS Exchange on-Premises -> Organization Configuration ->Mailbox ->Address Lists tab. Click on New Address List (wizard).
Place the new list in the top-level container (All Address Lists). Under Filter Settings, you will select the recipient container where you want to apply the filter (Organizational Unit). In our case we can select New York -> OK.
 ScreenShot042
Under Recipient Types, we can narrow down to specific types such as:
– Users with Exchange Mailboxes
– Users with external email addresses
– Resource mailboxes (Room or Equipment mailboxes)
– Contacts with external email addresses
– Mail-enabled groups
In our case we will use All recipient types.
At this point we can choose Conditions:ScreenShot0411
It depends on how involved you want to get in building an Address list and you can even apply Custom Attributes. Once you’ve selected the attributes you desire, go ahead and click the preview button at the bottom of the screen to get an idea of how the Address List will look.
Next you can schedule when the address list should be applied (perhaps in the evening/after hours.)
Now we’ve created our 3 Address Lists.
In the EMC, under Recipient Configuration, select one of your users and under the General Tab, you can see the Custom Attributes… button, where you can setup address lists that relate back to these custom Attributes. Under the General tab you can also hide a user from Exchange Address Lists.
However although we’ve created 3 new Address Lists, when a user is offline, they still will only see the Global Address List. First, lets look at the properties of our Default Offline Address Book.
In the EMC -> Org Config -> Mailbox ->Offline Address Book tab.
The default Generation Server will be a Mailbox Server. The distribution Mechanism is Web-Based. If you look at the properties of the Default Offline Address Book, under the General Tab, you can find Updates are scheduled to run at 5:00am. Under the Address Lists tab, you can add include other lists… Add -> so if you want an individual see lists exactly as they see it at work, but we will create a separate OAB. Now under the Distribution Tab, with modern Outlook clients, Exchange will use Web-based distribution from a virtual directory. The virtual directory may or may not reside on your Mailbox server. The Mailbox server provides the OAB, however, the OAB will be distributed by a Virtual Directory.
ScreenShot0431
Now we want to create a new Offline Address Book and apply it to our Mailbox database where all of our users reside.
Mailbox -> New Offline Address Book.
Name it something like New Default OAB. For the Address book generation server choose your Mailbox server. We will include the default Global Address List, and Include the following address lists:
We will select the three address lists New York, Dallas, and Chicago:ScreenShot044
After hitting Next, we will be prompted for Distribution Points.
We will Enable Web-Based distribution here and choose our default virtual directory (client-access server). If we had older Outlook clients we would Enable public Folder Distribution. We do have the option of choosing both Web-based and public folder distribution, however which is nice.
Now we have a new Offline Address Book. In Database Management, we will see our Mailbox Databases. We can organize our Offline Address Books to different Mailbox Databases. With a particular mailbox selected, in the action pane, you can set the default OAB as well.
If you want to apply an Offline Address book only to a limited amount of special recipients, first create the SpecialOAB, then open up the Exchange Management Shell. First we need to get the users who have the Organizational Unit Dallas, and pipe it out to set the OAB. Your code will look something like the following:
[PS] C:Windowssystem32>Get-User -OrganizationalUnit Dallas | set-Mailbox -OfflineAddressBook “SpecialOAB”
In review:
  • We looked at different address list types
  •      – Global Address List
  •      – Custom Address Lists
  •      – Offline Address Lists
  • We created several new address lists based on Organizational Units but also showed how to determine other conditions to filter which users are in an address list
  • We reviewed the settings for the Offline Address Book (OAB) and especially discussed the generation and distribution methods
  •      – Generation is done on the Mailbox server
  •      – Distribution is done through Public Folders or Web-based
  • We created new Offline Address Books and assigned one to the mailbox database and used the EMS to assign the other to individuals.
Lastly, in one of my previous posts http://www.jasoncoltrin.com/?p=77 , I explained how changes to these Offline Address Books in certain instances can take up to 56 hours to propagate down to the client. If you have changes you want to make available to clients who are going offline, there are some manual steps you need to take to ensure they get the latest Offline Address Book right away.
A good majority of the content provided in my Blog’s Exchange series is derived from J. Peter Bruzzese’ excellent Train Signals Exchange Server 2010 Video Disk Series, as well as my own Exchange 2010 lab. Trainsignal.com is an invaluable source for accurate, easy to understand, IT information and training. http://www.trainsignal.com

Exchange 2010 – Working with Public Folders – Part 12

In this post, we will look at Public Folders in Exchange 2010. More specifically:

  • We will review the purpose and use of Public Folders within your organization (and discuss the fact that they may no longer be used in some future version of Exchange).
  • We will go through the creation of a Public Folder database in the Exchange Management Console and see the properties that we can configure.
  • We will work with the Public Folder Management Console and the Outlook client to create and manage Public Folders.
  • We will review permission settings and delegating permissions for folders and sub-level folders.
In review, the purpose of Public Folders:
  • Public Folders are Nostalgic (out of date) – Public Folders were introduced with the first version of Exchange and have been used for many years as a means of collaborating with persons in your organization through a shared folder structure.
  • Users will see the Public Folder structure in their Outlook client and can view items that have been either posted or emailed to the folder (if it is mail-enabled) and they may have the ability to add content, create sub-folders and so-forth if they have permissions to do so.
  • Are Public Folders required in Exchange 2010?
  •      If you have Outlook 2007 and/or 2010 clients only, than the answer is no (it is completely optional if you want to).
  •      If you have Outlook 2003 clients, then the answer is yes. They use the Public Folder structure for Offline Address book distribution, free/busy lookups, organization form library, and security settings.
The Offline Address Book distribution in Exchange 2010 is now done with the BITS HTTP connection to the Exchange Client Access server. The Free/Busy look-ups are now done through the Availability Web Service. Security settings are done through Group Policy. Organizational Forms have been pushed aside in favor of InfoPath forms.
Starting with Exchange 2010, Public Folders are De-emphasized
  • Public Folders have become the dumping grounds for anything and everything your people want to share with each other. Public folders tend to sprawl out of control.
  • Public Folders are so late-1990’s. They aren’t designed for two very important 2010+ aspects of corporate life: Archiving data, and Document Sharing and Collaboration (check-in/check-out, versioning). Associates tend to try to hide their personal mail archives in Public Folders so that they are backed up.
  • As a result, the Microsoft Exchange Team has been making threats to pull Public Folder support from a future version of Exchange.
  • The idea is to encourage organizations toward SharePoint (although you are welcome to research and use some other collaboration solution).
  • While SharePoint has great features, any collaboration software has the potential to become the NEW dumping grounds for your organization.
How do I create the Public Folder database in Exchange 2010?
  • During the installation of the first Exchange 2010 Mailbox Server in your organization you see the question: “Do you have any client computers running Outlook 2003 and earlier or Entourage in your Organization?” If you answer “Yes” then the Public Folder database is automatically created.
  • You can also manually create a Public Folder database on any Mailbox Server in your organization and then determine if you want to replicate folders to that server.
How do I establish or create a High Availability structure for my Public Folders?
  • In Exchange 2010 there are no HA solutions you can use by default. The only way to ensure content is available is to create a new database and replicate content to that server.
Options for configuring Public Folder databases:
  • Maintenance Schedule
  • Replication Interval – specific to DB
  • Storage Limits
  • Deletion Settings
  • Age Limits
  • Public Folder Referral
Options for configuring individual Public Folders:
  • Replication (Both server choice and replication schedule)
  • Limits (Storage, Deleted Item, Age)
Path to managing the Public Folder in the Exchange Management Console (EMC):
MS Exchange -> MS Exchange On Premises -> Organization Configuration -> Mailbox -> Database Management Tab -> Right-click on Public Folder DB file and choose Properties.
Maintenance Schedules run from 1-5am by default. (ESE scanning check sum is an option as well. For smaller databases, you can get away with un-checking this option).
Circular Logging, again, is not having transaction logs building up. This is a space saver but not good when trying to recover from an emergency.
Replication Tab – replication of messages between PF databases.
Limits Tab – storage limits on the database. There is by default a maximum size of message of 10MB for each item placed in a Public Folder by default.
Public Folder Referral – Use Active Directory site costs. Essentially PFR comes into play with large organizations with multiple PF DBs, multiple Mail Box servers hosting PF DB’s. Certain PF’s may not be hosted at that same location. Site costs can be used to determine or manage PF locations.

You can configure  certain items on individual public folders like replication. Replication at the database level can be scheduled, or you can establish on the individual folder themselves.

Go to the Public Folder Console by going to the EMC -> Toolbox -> Public Folder Management Console:

Default Public Folders – include existing public folders created by an administrator. Try to maintain and organize Public Folders with a structure to maintain focus. One possibility is organizing by location. To add new folders, select New Public Folder… in the Action Pane. You can create sub-folders inside each Public Folder. You can delegate permissions on Public Folders to allow users the ability to create new sub-folders. Right-Click on a Public Folder, choose Properties. Under the Replication tab, you can add servers to replicate the content to and if you want High Availablity, you will select a different MailBox server and replicate the folder. You might replicate content to put them closer to actual user’s locations. You can use the default public folder replication schedule, or create your own. For limits, you can use the default quotas, or establish your own.

System Public Folders – we will cover these later.

 

Key Focus Points of Public Folders:

What are some of the key concepts of Public Folders?

  • Public Folder Trees
  •      Default Public Folders (IPM_Subtree – folders that users are typically aware of)
  •      System Public Folders (System PF structure known as the Non_IPM_Subtree – used by outlook for free/busy data, eforms registry and events root, for outlook clients that do not support 2010 or 2007 features (Availability service etc.) Legacy clients don’t know where to look for this, but can get their legacy data from these structures)
  • Replication
  •      Hierarchy – Properties of the folders, and organizational information, name of public folder, which server holds the replicas, and permissions are replicated with the heirarchy
  •      Content (Requires configured replication) – you decide which mailbox servers have copies of the content.
  • Referrals
  •      If a client looks for somethign in the Public Folder heirarchy, if they click on the folder, do they get it from their local Mailbox server? If it can’t find the data from their Mailbox, it will look for a replica in the same site. If it can’t find it there, it will look for the lowest cost site.
  • What are Mail-enabled Public Folders?
  •      They provide a bit more functionality to PFs
  •      Users can post to a PF through email.
Permissions: The Reality vs. The Potential
  • Exchange Administrators should consider delegating folder creation and management to others.
  • The easiest way to delegate is to assign persons to the Public Folder Management Group and let them worry about creating and managing Public Folders through Outlook
  • If you wanted to see the permissions or set the permissions on Public Folders, you cannot use the EMC/Public Folder Management Console. You must use the Exchange Management Shell.
  •      – Cmdlet used to add administrative permissions:  Add-PublicFolderAdministrativePermission
  •      – Cmdlet used to add client permissions: Add-PublicFolderClientPermission

In an Outlook 2010 client, if a user does not have permissions to create a sub-folder in a Public Folder, check the properties of the folder first -> Summary Tab.

To add a user to a Public Folder Management Group so that they can make changes/add folders to a Public Folder, you’ll need to open the Exchange Management Shell:

Edit – you can change permissions now through the Public Folders Management Console if Exchange 2010 SP1 is installed

[PS] c:windowssystem32>Add-RoleGroupMember -Identity “Public Folder Management” -Member User.Name 

After hitting Enter, nothing appears to happen, but when logged in as the user, and visiting the properties of a Public Folder in Outlook, you will see the additional properties/permissions available. And from here you can give additional permissions to other users.

If a Public Folder is mail-enabled, in the Global Address List, you can change the address book to Public Folders, which will list all available Mail-Enabled Public Folders.

Permissions: Rights vs. Roles

  • When using Outlook to assign permissions to a Public Folder you assign Roles (like Editor, Author and so forth).
  • Those Roles have underlying Rights assigned to them. For example, a Reviewer (role) has the rights ReadItems and FolderVisible.
  • There are 10 different Rights that mix and match for each role:
  1. ReadItems
  2. CreateItems
  3. EditOwnedItems
  4. DeleteOwnedItems
  5. EditAllItems
  6. DeleteAllItems
  7. CreateSubFolders
  8. FolderOwner
  9. FolderContact
  10. FolderVisible
Each of these is a different set of permissions that combine to create a different role. A “none” role doesn’t allow any permissions and the user will not be able to even view items.
If you are the type that doesn’t want to delegate to users rights and roles, and want to adjust them on the EMShell, you can use the following commands:
[PS] c:windowssystem32>Get-PublicFolderClientPermission -identity “PublicFolderName”
Let’s say we want to give Jason.Coltrin a role:
[PS] c:windowssystem32>Add-PublicFolderClientPermission -identity “PublicFolderName” -user “jason.coltrin” -accessrights Editor
It can be more simple to use the Outlook client GUI, but using the above commands, you can make the changes in the Exchange Management Shell.

With Exchange SP1, you can change permissions (rights and roles) for public folders using the Public Folder Management Console -> Right-click on Default Public Folders -> Choose Properties -> Permissions Tab. 

 

 

 

 

A good majority of the content provided in my Blog’s Exchange series is derived from J. Peter Bruzzese’ excellent Train Signals Exchange Server 2010 Video Disk Series, as well as my own Exchange 2010 lab. Trainsignal.com is an invaluable source for accurate, easy to understand, IT information and training. http://www.trainsignal.com