Public folders are no longer mail-enabled via the graphical interface of the Exchange Management Console in Exchange 2007. This task, as well as many others, are carried out using the Exchange Management Shell command-line interface (CLI). I had to perform this task last week and had to look up the steps beforehand. I am adding them here for future reference but hope this post is of value to others as well.

The first step is to verify that the public folder that you want to mail-enable has not already been enabled. This is accomplished with the Get-MailPublicFolder cmdlet. The syntax is as follows:

Get-MailPublicFolder -Identity “YourPublicFolderName”

Next you need to disable the Email Address Policy for the public folder (the same as unchecking the Automatically update email addresses based on email address policy in the Exchange Management Console). This task is accomplished using the Set-MailPublicFolder cmdlet as follows:

Set-MailPublicFolder -Identity “YourPublicFolderName” -EmailAddressPolicyEnabled:$FALSE

Once you have confirmed that the public folder is not already mail-enabled and have excluded the folder from the Email Address Policy, you mail-enable the folder with the Enable-MailPublicFolder cmdlet:

Enable-MailPublicFolder -Identity “\YourPublicFolderName”

Now you are ready to assign the email address(es) to the public folder.  Again, we use the Set-MailPublicFolder cmdlet:

Set-MailPublicFolder -Identity “YourPublicFolderName” -EmailAddresses address1@contoso.com,address2@contoso.com,address3@contoso.com

The first address listed in the above cmdlet is automatically designated as the Primary SMTP address for the folder. If needed, you can change the primary address as follows:

Set-MailPublicFolder -Identity “YourPublicFolderName” -PrimarySmtpAddress PrimaryAddress@contoso.com

If you want to grant Send As permissions in Exchange 2010, you can use the Manage Send As Permission Wizard. In the Exchange Management Console, right-click the desired mailbox and then select Manage Send As Permission from the pop-up menu. In the Manage Send As Permission Wizard, click Add, and then use the Select Recipient dialog box to choose the user or users who should have this permission. To revoke this permission, select an existing user name in the Security Principal list box and then click Remove. Click Manage to set the desired Send As permissions.

An option to the Manage Send As Permission Wizard is the Exchange Management Shell. In the Exchange Management Shell, you can use the Add-ADPermission and Remove-ADPermission cmdlets to manage Send As permissions. The syntax of the Add-ADPermission cmdlet is as follows:

Add-ADPermission -Identity UserBeingGrantedPermission -User UserWhoseMailboxIsBeingConfigured -ExtendedRights ‘Send-As’

The following example of the Add-ADPermission cmdlet grants my user account Send As permissions to John Public’s mailbox:

Add-ADPermission -Identity ‘CN=Jim Doyle,OU=Engineering,DC=contoso,DC=com’ -User ‘CONTOSO\jpublic’ -ExtendedRights ‘Send-As’

The permissions granted above are removed using the Remove-ADPermission cmdlet.  The syntax of this cmdlet is listed below:

Remove-ADPermission -Identity UserBeingRevokedPermission -User UserWhoseMailboxIsBeingConfigured -ExtendedRights ‘Send-As’
-InheritanceType ‘All’ -ChildObjectTypes $null -InheritedObjectType $null -Properties $null

The following example of the Remove-ADPermission cmdlet revokes the permission assigned above with the Add-ADPermission cmdlet:

Remove-ADPermission -Identity ‘CN=Jim Doyle,OU=Engineering, DC=contoso,DC=com’ -User ‘CONTOSO\jpublic’ -ExtendedRights ‘Send-As’
-InheritanceType ‘All’ -ChildObjectTypes $null -InheritedObjectTypes $null -Properties $null

In my previous post, I concluded by saying that my next post would cover Send As permissions in Exchange 2010; however, I am going to slip this one in first.

Recently we discovered that we were not collecting disk performance data from one of the remote servers we manage with Operations Manager 2007.  Disk performance counters are enabled by default on all Windows operation systems after Windows 2000.  As this particular server is running Windows Server 2003 Small Business Server, I initially assumed that the counters were enabled.  I attempted to rebuild the performance counters from an elevated command prompt by running lodctr /R from the C:\WINDOWS\System32 directory.  Still no disk performance counters in Operations Manager 2007.

After a bit of research using my new best friend Bing, I was led to check the following registry key on the remote server:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PerfDisk\Performance

If present, locate the Disable Performance Counters value in the details pane.  If the data value is 0, the counters are enabled and if the value is 1, the counters are disabled.  In our instance, this value was set to 1 as shown below.

After changing the value, a reboot of the server was necessary for the operating system to reload the registry and pick up the change.  Our Network Operations Center (NOC) rebooted the server during the overnight maintenance period.  The following morning I check the Operations Manager 2007 Console and still had no disk performance counters.  I logged back onto the remote server and attempted to rebuild the performance counters from an elevated command prompt as outlined above.  Back in the Operations Manager Console, there were now ten performance counters available for each logical disk.

The moral of this story – first check the registry for the existence and setting of the key listed above, reboot the server, and then rebuild the performance counters.  Hopefully, this information will save someone else some troubleshooting and research time.

An Exchange administrator occasionally must grant a user access to another user’s mailbox. In Exchange 2010, there are a couple of ways to accomplish this task. For those who prefer a graphical experience, the access permissions can be granted with the Manage Full Access Permission Wizard.

An alternative method is by running the Add-MailboxPermission cmdlet in the Exchange Management Shell, the command line interface for administering an Exchange 2010 server. The syntax of the cmdlet is as follows:

Add-MailboxPermission -Identity UserBeingGrantedPermission -User UserWhoseMailboxIsBeingConfigured -AccessRights ‘FullAccess’

The following example of the Add-MailboxPermission cmdlet grants my user account full access to John Public’s mailbox:

Add-MailboxPermission -Identity ‘CN=Jim Doyle,OU=Engineering,DC=contoso,DC=com’ -User ‘CONTOSO\jpublic’ -AccessRights ‘FullAccess’

In order to revoke the full access permissons assigned above, an Exchange administrator would run the Remove-MailboxPermission cmdlet in the Exchange Management Shell:

Remove-MailboxPermission -Identity ‘UserBeingGrantedPermission’ -User ‘UserWhoseMailboxIsBeingConfigured’ -AccessRights ‘FullAccess’ -InheritanceType ‘All’

The following example of the Remove-MailboxPermission cmdlet revokes my user account’s full access permissions to John Public’s mailbox:

Remove-MailboxPermission -Identity ‘CN=Jim Doyle, OU=Engineering,DC=contoso,DC=com’ -User ‘CONTOSO\jpublic’ -AccessRights ‘FullAccess’ -InheritanceType ‘All’

In my next post, I will show how to grant a user Send As permissions using the Exchange 2010 and the Exchange Management Shell.