Introduction to Anonymous Access to GALs in Exchange 2003
Normally you configure an object's permissions through Access Control List on the security tab. However,
Exchange has cases where you can only alter permissions with ADSI Edit.
Topics for Configuring Anonymous Access to the GAL
♠
1) Give the 'Anonymous' user read access to the GAL. 2) Configure permissions with ADSI Edit because there is no tab in the Exchange System Manager. 3) Install ADSI Edit. 4) Make sure you are
editing the Configuration Container (not the Domain). 5) Drill down in ADSI Edit to the Address Lists Container. 6) Give the 'Anonymous' user read permission.
With any new utility always, 'Where do I get this program?' In the case of ADSI Edit, you install it as
part of Windows Server 2003's support tools. Once installed, I add ADSI Edit as a snap-in to my MMC along-side my Active Directory Users and Computers and Exchange System Manager.
When ADSI Edit launches, make sure that you choose the Configuration container, and not the Domain container. Expand the Services, Microsoft Exchange and then the name of your Exchange
Organization (Mine was GuyMail).
Your next decision is which Address List to configure permissions? The Default Global Address List, or the Offline Address list.
Guy Recommends: SolarWinds Engineer's Toolset v10
The Engineer's Toolset v10 provides a
comprehensive console of utilities for troubleshooting computer problems. Guy says
it helps me monitor what's occurring on the network, and the tools
teaches me more about how the system literally operates.
There are so many good gadgets, it's like having free rein of a
sweetshop. Thankfully the utilities are displayed logically: monitoring, discovery, diagnostic, and Cisco tools.
Download your copy of the Engineer's Toolset v 10
Now you want the Address Lists Container, and finally select the particular Address List you wish to
edit. Right click on the CN=, and select the Security Tab and Anonymous Logon. Just give this anonymous account read access, not full control.
ADSI Edit is helpful for those situations where Microsoft do not supply a tab to configure the permission that you need. Take every opportunity to launch ADSI Edit and explore the
attributes in the Configuration container of Active Directory.
 Guy Recommends:
The SolarWinds Exchange Monitor
Here is a
free tool to monitor your Exchange Server. Download and
install the utility, then inspect your mail queues, monitor the Exchange
server's memory, confirm there is enough disk space and check the CPU
utilization. This is the real deal - there is no catch. SolarWinds
provides this fully-functioning product for free, as part of their commitment to
supporting the network management community.
Free Download of SolarWinds Exchange Monitor
See Also
| 
