Computer Performance, Exchange 2003

Microsoft Exchange 2003 -  GAL Anonymous Access

Introduction to Anonymous Access to GALs in Exchange 2003

Normally you configure an object's permissions through Access Control List on the security tab.  However, Exchange has cases where you can only alter permissions with ADSI Edit.

Topics for Configuring Anonymous Access to the GAL

 ♠

Strategy for configuring Anonymous Access to the GAL

1) Give the 'Anonymous' user read access to the GAL.

2) Configure permissions with ADSI Edit because there is no tab in the Exchange System Manager.

3) Install ADSI Edit.

4) Make sure you are editing the Configuration Container (not the Domain).

5) Drill down in ADSI Edit to the Address Lists Container.

6) Give the 'Anonymous' user read permission.

Where does ADSI Edit come from?

With any new utility always, 'Where do I get this program?'  In the case of ADSI Edit, you install it as part of Windows Server 2003's support tools.  Once installed, I add ADSI Edit as a snap-in to my MMC along-side my Active Directory Users and Computers and Exchange System Manager.

Finding the Address Lists Container

When ADSI Edit launches, make sure that you choose the Configuration container, and not the Domain container.  Expand the Services, Microsoft Exchange and then the name of your Exchange Organization (Mine was GuyMail).

Your next decision is which Address List to configure permissions?  The Default Global Address List, or the Offline Address list.

Guy Recommends: SolarWinds Engineer's Toolset v10Engineer's Toolset v10

The Engineer's Toolset v10 provides a comprehensive console of utilities for troubleshooting computer problems.  Guy says it helps me monitor what's occurring on the network, and the tools teaches me more about how the system literally operates.

There are so many good gadgets, it's like having free rein of a sweetshop. Thankfully the utilities are displayed logically: monitoring, discovery, diagnostic, and Cisco tools.  Download your copy of the Engineer's Toolset v 10

Setting Permissions on the Security Tab

Now you want the Address Lists Container, and finally select the particular Address List you wish to edit.  Right click on the CN=, and select the Security Tab and Anonymous Logon.  Just give this anonymous account read access, not full control.

 

Summary

ADSI Edit is helpful for those situations where Microsoft do not supply a tab to configure the permission that you need.  Take every opportunity to launch ADSI Edit and explore the attributes in the Configuration container of Active Directory.

 

.

Exchange Monitor from SolarWindsGuy Recommends: The SolarWinds Exchange Monitor

Here is a free tool to monitor your Exchange Server.  Download and install the utility, then inspect your mail queues, monitor the Exchange server's memory, confirm there is enough disk space and check the CPU utilization. This is the real deal - there is no catch.  SolarWinds provides this fully-functioning product for free, as part of their commitment to supporting the network management community.

Free Download of SolarWinds Exchange Monitor

See Also

 .


Google

Webcomputerperformance.co.uk

GFi Events Manager

Guy Recommends: GFi EventsManager

Let GFI EventsManager do the dirty work! Have event logs monitored automatically and get warned about critical events! Download a copy here

 

Home Copyright © 1999-2009 Computer Performance LTD All rights reserved

Please report a broken link, or an error.