Microsoft KB Archive/322935

= XADM: Exchsrvr and Mailroot Folder Permissions in Exchange 2000 =

Article ID: 322935

Article Last Modified on 2/28/2007

-

APPLIES TO


 * Microsoft Exchange 2000 Server Standard Edition

-



This article was previously published under Q322935



SUMMARY
By default, Exchange 2000 Setup installs Exchange 2000 to the Program Files folder, which has tighter permissions than the rest of the file system. However, if a user installs Exchange 2000 in a location other than the Program Files folder, the installation folder inherits permissions from that location. Typically, this grants Full Control permissions to that location.

By default, Microsoft Windows 2000 and Windows .NET inherit the following permissions from the Program Files folder:
 * Local Administrator, System, and Creator Owner inherit Full Control permissions.
 * Terminal Server users and power users inherit Modify permissions.
 * Users inherit Read and Execute permissions.

If Exchange 2000 is installed in another location, permissions can be modified in the ExchSrvr folder to match the permissions that would have been inherited from the Program Files folder.

Additionally, Exchange 2000 Setup opens permissions in the Mailroot folder to permit certain Collaboration Data Object (CDO) calls to work. However, these permissions allow the server's Simple Mail Tranfer Protocol (SMTP) queues to be viewed by everyone.

After permissions are restricted, if you require CDO functionality, you must modify permissions on the Mailroot folder and the appropriate subfolders. To open the Mailroot folder and permit CDO calls, apply at least the following permissions:
 * Write access to the Pickup folder
 * Read access to the Drop folder

Additional query words: Exchsrvr Titanium Mailroot permission

Keywords: kbinfo KB322935

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.