Limit Creation of Top-Level Exchange Public Folders

Posted on January 8, 2009 by Daniel Petri in Exchange Server with 0 Comments

In Exchange 2000/2003 Server, can anyone create new Public Folders? How can I limit the creation of top-level Exchange Public Folders?

The highest Public Folder in a hierarchy is called a Top-Level Public Folder. By default, all users in the Exchange Organization can create Top-Level Public Folders; however, you can change the default with the Active Directory Service Interfaces (ADSI) Edit tool, which is part of the Windows 2000/2003 Support Tools (in the support\tools folder on the CD-ROM):

  1. Start the ADSI Edit utility (Start, Programs, Windows 2000 Support Tools, Tools, ADSI Edit).
  2. Double-click Configuration Container.
  3. Expand CN=Configuration, CN=Services, CN=Microsoft Exchange. Right-click your organizational names container, and select Properties.

  1. Select the Security tab.
  2. Click Advanced.

  1. On the Permissions tab, find the entry with a name of Everyone and a permission of “Create top level public folder.”
  2. Select the Deny check box.

  1. Click OK to exit all the dialog boxes.
  2. Close the ADSI Edit utility.

Note: Beware, this will also prevent you from adding top-level PFs, so if you dont want to stop yourself from doing so, you can use specific groups of users instead of the Everyone system group.