If you don’t perform any clean-up of orphaned permissions or fix other issues with your Public Folder structure beforehand, then you will experience synchronization errors when you perform the migration itself. There is no equivalent in Exchange 2007.When you perform a Public Folder migration from Exchange Server 2010 and newer to Office 365, a key step outlined in the Exchange Team Blog post Making your public folder migrations faster and more reliable is to ensure that you’ve performed clean-up prior to the migration. Exchange 2003 SP2 is the best tool for this as you can add someone or a group and propagate down without overwriting the existing permissions. If you need to add someone or a group later on, then use the tools in ESM to propagate the settings. Once you are happy with the permissions, then create the new folders. Therefore if you are going to be creating a significant hierarchy of public folders, create the parent folder first and set the permissions that you want to propagate down to the new folders. Public Folder permissions only propagate automatically when the sub folder is first created. If your number of public folders is quite small, then it no trouble for the administrator to have to make some changes to the public folders which the users cannot. Modify the permissions so that the user has just the rights that they need, without giving them too many. It may also lead to someone deleting a folder in error, particularly if they are a non-technical user. This can give them more permissions than they need. In many cases users don't need owner rights. It also helps if you need to delegate access to someone without giving them access to their entire Exchange system.
![edit exchange public folder permissions edit exchange public folder permissions](https://msftwebcast.com/wp-content/uploads/2020/04/6.-select-the-public-folder-and-click-on-edit-icon-1024x576.png)
Should someone in IT then leave, they can be removed from the group without having to worry about permissions on the individual folders. Particularly when you are setting the owner right to someone in the IT team.įor Owner type permissions, create a group called "Email Admins" and then grant this group owner of all of your public folders.
![edit exchange public folder permissions edit exchange public folder permissions](https://www.falconitservices.com/wp-content/uploads/2021/06/image_thumb-224.png)
Using a group is always better than setting permissions to individuals. Use Groups and not Individuals Where Possible
![edit exchange public folder permissions edit exchange public folder permissions](https://jthys.files.wordpress.com/2011/04/exchangepublicfolders2.jpg)
Use your equivalent of "All Staff" to grant that permission to everyone, then increase the permissions as required for the people who need to access it. Therefore if you want internal users to be able to email a public folder, then they need at contributor rights. They are not anonymous, but are an authenticated user. The anonymous permission does not apply to a user with Outlook on the same server. This permission can catch people out when they have a mail enabled folder which they want to use internally but hide from the users. Contributor can email the folder, but cannot see it or modify the contents.
![edit exchange public folder permissions edit exchange public folder permissions](https://i.stack.imgur.com/wWZWV.png)
If the folder is mail enabled, then the anonymous permission needs at least contributor rights to be able to receive email. Anonymous Permission and Mail Enabled Folders If you have a folder that everyone in the company needs to see and possibly review the contents of, then use your equivalent of " All Staff" to set the basic permission. To combat that, change the "Default" permission to none for all of your public folders. Therefore it can give a user unintentional access to a folder. The "Default" permission is what a user gets when they are aren't controlled by another permission to their user or group. Similarly, if the Default permission is set too high, then that give unforeseen access (see below). If a user is a member of a group and that group is given one set of permissions, you cannot lock the user out by restricting their access as a named individual. To get the best from public folders though, there are some things that you need to consider. You can actually hide public folders from users totally, so that they don't even know that they are there. One of the reasons that public folders are so popular is because of the control you have over them with permissions.