In Exchange 2000/2003 Server, can anyone create new Public Folders? How can I limit the creation of top-level Exchange Public Folders?
The highest Public Folder in a hierarchy is called a Top-Level Public Folder. By default, all users in the Exchange Organization can create Top-Level Public Folders; however, you can change the default with the Active Directory Service Interfaces (ADSI) Edit tool, which is part of the Windows 2000/2003 Support Tools (in the support\tools folder on the CD-ROM):
- Start the ADSI Edit utility (Start, Programs, Windows 2000 Support Tools, Tools, ADSI Edit).
- Double-click Configuration Container.
- Expand CN=Configuration, CN=Services, CN=Microsoft Exchange. Right-click your organizational name‘s container, and select Properties.
- Select the Security tab.
- Click Advanced.
- On the Permissions tab, find the entry with a name of Everyone and a permission of “Create top level public folder.”
- Select the Deny check box.
- Click OK to exit all the dialog boxes.
- Close the ADSI Edit utility.
Note: Beware, this will also prevent you from adding top-level PFs, so if you don‘t want to stop yourself from doing so, you can use specific groups of users instead of the Everyone system group.