Applications Server

Exchange Server 2010 : Managing Public Folders

12/1/2010 9:06:46 AM

Starting with the very first version of Exchange, Public Folders have been a way to access shared data. Public Folders do have their limits and are not designed to archive data or as a document collaboration solution. Public Folders is an optional feature with no dependencies for features such as free and busy time or OAB downloads if all clients are using Outlook 2007 or 2010. Until your organization is running Outlook 2010 or Outlook 2007, Public Folders should be used and thus are a part of this chapter. However, any proactive Exchange administrator should understand that although Public Folders are supported, Microsoft SharePoint may be a better long-term fit for your business going forward with new content.

When the time comes to start planning for Public Folders, you want to keep in mind a few things about creating Public Folder databases. First, it is important to size your Exchange deployment accurately and to determine the amount of use that your Public Folders will receive. If you determine that Public Folders will be heavily used in your environment, best practice is to deploy a dedicated Public Folder server that will allow you to dedicate CPU and disk space to just the Public Folder function. Second, keep the number of databases to a minimum. This will allow for simplified management of the Public Folders database and will reduce the time required to restore a database. A balance should be met when determining the number of public folder databases so that you have enough databases to meet the organization's requirements while at the same time reducing the management of the databases.

Public Folder content is replicated with an e-mail-based process. When a Public Folder or its contents is modified, the Public Folder database the sends an e-mail message to the other Public Folder databases that host a replica of the Public Folder that describes the changes. If possible, multiple changes are contained within one e-mail message up to the message size limit. If the changes exceed the single message limit, multiple messages are sent.

The Transport servers route the replication messages the same way other e-mail messages are routed. By default, Public Folder content replicates every 15 minutes, and cannot be configured to replicate more than every minute.


The Public Folder configuration information is stored in Active Directory. To optimize Public Folder replication, Active Directory replication must also be working correctly and efficiently.

When you create a Public Folder, by default only one replica of that Public Folder exists within the Exchange Server organization. Creating replicas allows you to replicate Public Folder data between Mailbox servers. Just by adding multiple replicas for a Public Folder, the contents will be automatically replicated. Because each mailbox server only has one Public Folder database, it is recommended you install and configure at least two mailbox servers in the Exchange organization so that automatic Public Folder replication will occur. Basic replication can be configured within the EMC by right-clicking the Public Folder database and selecting Properties.

Public Folder replication is not only for redundancy—it also allows you to have Public Folder content in strategic locations, close to where the users are located. This can result in faster access to Public Folder content and reduced communication across wide area network (WAN) links.

You can create Public Folder databases using either the EMC or the EMS. The proper rights must be granted to the user account that will create Public Folders; those rights are organization management and server management. The EMC utilizes a simple wizard to create Public Folder databases; the EMS uses the New-PublicFolderDatabase cmdlet. After you have created the Public Folder database you will need to run the Mount-Database cmdlet to mount the database.

If you must remove a Public Folder database you should consider the following factors:

  • If the Public Folder database contains data it cannot be removed. You must delete or migrate the data to another Public Folder database.

  • If a Public Folder database has a mailbox database associated with it you must associate the mailbox database with another Public Folder database before it can be removed.

  • If any users are utilizing Outlook 2003 or previous versions, the last Public Folder cannot be removed.

Although either the EMC or the EMS can be used to remove a Public Folder database, you will receive a warning to inform you that it will not remove the actual database files. These database files must be removed manually.

You can create Public Folders using the EMC, EMS, Outlook, and OWA. The Public Folder Management Console is a simplified way for the creation, configuration, and management of Public Folders. The Public Folder Management Console can be found in the Toolbox node in the EMC. Tasks that can be performed using the Public Folder management console include:

  • Updating the Public Folder hierarchy

  • Updating Public Folder content

  • Adding or removing Public Folders

  • Viewing and modifying Public Folder properties and replicas

  • Managing Send As permissions for mail-enabled Public Folders

For example, to use the EMS to create the Project folder under the Sales top-level Public Folder on the Fresno-EX01 server, run the following cmdlet:

New-PublicFolder -Name "\Sales\Project" -Server Fresno-EX01

The Remove-PublicFolder cmdlet works similarly to the New-PublicFolder cmdlet; however, it deletes the Public Folder and all replicas.

Public Folders have two types of permissions: administrative and client. Administrative permissions control functions such as configuring replicas, setting deleted item retention, creating new Public Folders, and mail-enabling Public Folders. You can set these permissions using the EMS with the following three cmdlets: Get-PublicFolderAdministrativePermission, Add-PublicFolderAdministrativePermission, and Remove-PublicFolderAdministrativePermission.

Client permissions control functions such as creating, reading, editing, and deleting Public Folders and the items within the folders. You can configure client permissions using the Outlook client, EMS, and the Public Folder Management Console. When assigning client permissions keep in mind the Default and Anonymous special user accounts. These users are shown in the properties of the Sales Public Folder from within Outlook in Figure 1. The Default special user represents all users who are not explicitly defined access. By default, the Default special user inherits its permissions from the parent folder. When managing Public Folder permissions, this group is often overlooked, allowing more people access to the folder than the administrator expects. The anonymous special user represents all users who do not have a specific permissions set and users that are not logged in. The Anonymous special user is particularly important when a Public Folder is mail-enabled. E-mail messages sent from the Internet would be submitted anonymously. For a Public Folder to be able to receive messages from the Internet, the anonymous special user requires the Create Items permission. If you do not want your mail-enabled Public Folder to receive e-mail from the Internet, this permission should be removed.

The provided cmdlets are able to fully administer public folders and can be used to automate a variety of administrative tasks. Also included in the Scripts directory of the Exchange installation are a number of valuable pre-created Public Folder management scripts:

  • AddReplicaToPFRecursive.ps1 This script adds the specified server to the replica list for a given Public Folder and all folders underneath it.

  • AddUsersToPFRecursive.ps1 This script allows you to grant user permissions to a folder and all folders beneath it.

  • MoveAllReplicas.ps1 This script finds and replaces a server in the replica list of all Public Folders, including system folders for a given Public Folder database.

  • RemoveReplicaFromPFRecursive.ps1 This script removes the specified server from the replica list for a given Public Folder and all folders underneath it.

  • RemoveUserFromPFRecursive.ps1 This script removes the given user's access permissions from the given public folder and all its subfolders.

    Figure 1. The Default and Anonymous special users

  • ReplaceReplicaOnPFRecursive.ps1 This script finds and replaces a server in the replica list of a given Public Folder as well as all subfolders.

  • ReplaceUserPermissionOnPFRecursive.ps1 This script finds and replaces one user in the permissions on a given Public Folder and all its subfolders with a second user; the original user permissions are not retained.

  • ReplaceUserWithUserOnPFRecursive.ps1 This script copies one user's access permissions on a given Public Folder and all its subfolders to a second user while retaining permissions for the first user.

Exchange 2010 SP1 added a few important features for Public Folders. For example, it enabled an administrator to set client permissions, override settings, and replicate information recursively, similar to how Exchange 2003 administrators were able to do this. Also introduced in Exchange 2010 SP1 is the repair Public Folder database cmdlet, Repair-PublicFolderDatabase, which is used to detect and fix the Public Folder corruptions in the replication state, view verification, and physical corruption.

1. Managing and Using Public Folders in a Mixed Environment

When you have a mixed Exchange 2003, Exchange 2007, and Exchange 2010 organization, you can still use the Exchange 2003 Exchange System Manager to manage Public Folders, which provide some features that are not present in the other management tools. Be sure, however, to follow the supported scenarios when performing Public Folder management:

  • Exchange System Manager can be used to connect to, administer, and configure Exchange 2003 Public Folder databases for administration. Any changes will replicate to both Exchange 2007 and Exchange 2010.

  • In an Exchange 2010-only or a mixed Exchange 2010 and Exchange 2007 organization, you can't install or use Exchange System Manager to manage Public Folders. In this case you must use the EMS.

  • When verifying hierarchy replication or when viewing the Local Replica Age Limit value on a folder, use Exchange System Manager for Public Folders that exist on an Exchange 2003 server and the EMS for Public Folders that exist on an Exchange 2010 or Exchange 2007 server.

A migration from an older version of Exchange to Exchange 2010 is a good time to groom and maintain your Public Folders. Public Folders are easy to set up and use. Unfortunately, they are also easily abandoned. To ensure that the resources are not wasted, a periodic audit is recommended. One way to do this is to check the LastAccessTime property of the Public Folders. Folders that have not been accessed in a number of months or years usually can be archived and deleted. To create an ordered list of the last time each Public Folder has been accessed run Get-PublicFolderStatistics | Sort-Object LastAccessTime | Format-Table.

Other -----------------
- Exchange Server 2010 : Managing Outlook Web App Themes
- Exchange Server 2010 : Managing Details Templates
- Exchange Server 2010 : Managing Address Lists
- Exchange Server 2010 : Managing Address Policies
- Exchange Server 2010 : Designing and Implementing AD RMS Integration (part 5) - Configuring AD RMS Super Users
- Exchange Server 2010 : Designing and Implementing AD RMS Integration (part 4)
- Exchange Server 2010 : Designing and Implementing AD RMS Integration (part 3) - Transport and Journal Report Decryption
- Exchange Server 2010 : Designing and Implementing AD RMS Integration (part 2) - AD RMS and Exchange Server 2010
- Exchange Server 2010 : Designing and Implementing AD RMS Integration (part 1) - Overview
- Exchange Server 2010 : Multi-Mailbox Search (part 2) - Performing a Multi-Mailbox Search
- Exchange Server 2010 : Multi-Mailbox Search (part 1) - Litigation Hold
- BizTalk Server 2009 : Consuming WCF services without orchestration
- BizTalk Server 2009 : Consuming WCF services from orchestrations
- BizTalk Server 2009 : Exposing WCF services from schemas
- Active Directory Domain Services 2008: Exclude an Attribute from Directory Service Auditing
- Active Directory Domain Services 2008: Configure Auditing on Object Security Access Control Lists
- Active Directory Domain Services 2008: Disable the Detailed Directory Service Replication Auditing Subcategory
- Active Directory Domain Services 2008: Enable the Detailed Directory Service Replication Auditing Subcategory
- Active Directory Domain Services 2008: Disable the Directory Service Replication Auditing Subcategory
- Active Directory Domain Services 2008: Enable the Directory Service Replication Auditing Subcategory
- First look: Apple Watch

- 10 Amazing Tools You Should Be Using with Dropbox

- Sigma 24mm f/1.4 DG HSM Art

- Canon EF11-24mm f/4L USM

- Creative Sound Blaster Roar 2

- Alienware 17 - Dell's Alienware laptops

- Smartwatch : Wellograph

- Xiaomi Redmi 2
Popular tags
Microsoft Access Microsoft Excel Microsoft OneNote Microsoft PowerPoint Microsoft Project Microsoft Visio Microsoft Word Active Directory Biztalk Exchange Server Microsoft LynC Server Microsoft Dynamic Sharepoint Sql Server Windows Server 2008 Windows Server 2012 Windows 7 Windows 8 Adobe Indesign Adobe Flash Professional Dreamweaver Adobe Illustrator Adobe After Effects Adobe Photoshop Adobe Fireworks Adobe Flash Catalyst Corel Painter X CorelDRAW X5 CorelDraw 10 QuarkXPress 8 windows Phone 7 windows Phone 8