700 likes | 848 Views
Recipient Management, Policies, and Permissions in Exchange 2007. Daniel Kenyon-smith http://blogs.technet.com/danielkenyon-smith/default.aspx . Introduction. Daniel Kenyon-smith . Audience Discovery. Exchange 5.5. Exchange 2000 or 2003. Exchange 2007 . What Will We Cover?.
E N D
Recipient Management, Policies, and Permissions in Exchange 2007 • Daniel Kenyon-smith http://blogs.technet.com/danielkenyon-smith/default.aspx
Introduction Daniel Kenyon-smith
Audience Discovery Exchange 5.5 Exchange 2000 or 2003 Exchange 2007
What Will We Cover? Administrative • Recipient management model update • Administrative permission model overview
Helpful Experience IT administration experience with Microsoft Exchange Server 2003, Exchange 2000 Server, or Exchange Server 5.5 Level 300
Agenda • Using the Exchange 2007 Toolset • New ways of working • Managing Recipients • New recipient types • Understanding Administrative Permissions • Split permission model • Delegation
Design Principles • Make it simple, intuitive, and organized • Enable administrative automation
Agenda • Using the Exchange 2007 Toolset • Managing Recipients • Understanding Administrative Permissions
Exchange 2007 Management Model * AD=Active Directory PowerShell Engine Exchange cmdlets Process boundary E2007 Store AD* Registry Files
Exchange 2007 Management Model * AD=Active Directory Command-line PowerShell Engine Exchange cmdlets Process boundary E2007 Store AD* Registry Files
Exchange 2007 Management Model * AD=Active Directory Graphical Command-line WinForms PowerShell data provider PowerShell Engine Exchange cmdlets Process boundary E2007 Store AD* Registry Files
Exchange Management Console 2 Console tree 1 1 4 3 Result pane Work pane Action pane 2 3 4
Exchange Management Shell • The Shell is a powerful and flexible command-line interface • Built on command-line PowerShell technology from Windows • Extends functionality of the Exchange Management Console • Supports automation and bulk operations • Enables administrators to write secure automation scripts
Exchange Management Shell Continued • Object-oriented data handling • Namespaces enable groups or families of related commands • Pipelining • Access to CMD commands • Trusted scripts
Why Use the Shell? • One-liners • Raw mode • Whatif? • Interactive
Agenda • Using the Exchange 2007 Toolset • Managing Recipients • Understanding Administrative Permissions
Challenges • Improve poor separation between Active Directory and Exchange administration • Make implementation of split-permissions model easier
Mailbox Components Active Directory Exchange 2007 User John Smith Mailbox John Smith User Mailbox – John Smith
Challenges Continued • Automate user management • Solve Recipient Update Service problems • Admin role delegation needs to be more granular
What’s New • Simplified recipient provisioning • Instant-on recipients • Rich filtering support • New recipient types • Policy support for select mailbox settings
What’s New • Unified Messaging • New and improved client functionality • Information worker functionality
Explicit Recipient Types • Recipient types are now explicit versus implicit • Visual indicator • Filtering on type
Mailboxes • MailboxUser • SharedMailbox • LinkedMailbox • LegacyMailbox • Catch-All Mailbox
Resource Mailboxes • ConferenceRoomMailbox • EquipmentMailbox
Contacts • MailEnabledContact • MailEnabledUser
Distribution Groups • MailEnabledUniversalSecurityGroup • MailEnabledUniversalDistributionGroup • MailEnabledNonUniversalGroup • MailEnabledDynamicDistributionGroup
Public Folders • Deemphasized in 2007 • Supported through the Shell • Mixed environments still use public folders
Rich Filtering • Server and Recipient Configuration workcenter can filter objects • Support for up to 10 expressions • Support for AND and OR
Recipient Scoping • Domain- and forest-wide scoping supported • Results size limited to 1,000, but can be overridden • Console uses same list of GCs and DCs used by Services
demonstration • Locating Recipients • Work with Recipient Types • Use Filtering • Use Domain and Forest Scoping Demo
Enable/Disable • Enable/Disable • Adds or removes Exchange attributes from existing Active Directory objects
New/Remove • Creates or deletes Active Directory objects and adds or removes Exchange attributes
demonstration • Creating Recipients • Create and Manage Mailboxes • Create Distribution Groups and Dynamic Distribution Groups • Create Contacts • Disable or Remove Recipients Demo
Mailbox Management Updates • Restore mailboxes • Simplified proxy address • Advanced settings
Distribution Group Management Updates • Exclusive use of universal groups to avoid DL expansion problems in multidomain environments • Simplified proxy address • Advanced settings
Dynamic Group Management Updates • Created pre-defined filters • Simplified proxy address • Advanced settings
E-mail Address Policy Updates • Created pre-defined filters • Mailbox Manager functionality separated from e-mail address policies • Ability to schedule creation and application of e-mail address policies
E-mail Address Policy Updates Continued • RUS no longer needed • Automatic update of e-mail address policy • Advanced settings
Address List Updates • Created pre-defined filters • Ability to schedule creation and application of address lists • RUS no longer needed • Advanced settings
Offline Address List Updates • Public folder distribution optional, but still supported • New HTTP(S)-based distribution mechanism • Advanced features
General Recipient Management • Use Templates to Create Recipients • Secure Recipient Templates • Set storage quotas on a mailbox • Set delivery options on a mailbox • Add a new e-mail address to a mailbox • Policy support for a mailbox
Agenda • Using the Exchange 2007 Toolset • Managing Recipients • Understanding Administrative Permissions
Exchange 2003 Security and Permissions Model • Exchange Full Administrator • Exchange Administrator • Exchange View Only Administrator
How Things Have Changed Exchange 5.x Exchange 2007 Exchange 200x Sites Granular Admin Groups
Why We Made Changes • Separate Admins for Exchange and AD • A lack of granularity • Perception • No clear separation
New Administration Model • New administrator roles • Exchange Management Console • Exchange Management Shell