Microsoft KB Archive/894252

= A user may be able to view the free-and-busy information of another user even though the other user belongs to separate company in Exchange 2000 or in Exchange 2003 =

Article ID: 894252

Article Last Modified on 10/25/2007

-

APPLIES TO


 * Microsoft Exchange Server 2003 Enterprise Edition
 * Microsoft Exchange Server 2003 Standard Edition
 * Microsoft Exchange 2000 Enterprise Server
 * Microsoft Exchange 2000 Server Standard Edition

-





SYMPTOMS
In a Microsoft Exchange 2000 Server environment or in a Microsoft Exchange Server 2003 environment, a user may be able to view the free-and-busy information of another user even though the other user belongs to a separate company.

For example, UserA in Company A sends a meeting request to UserB in Company B. UserB accepts the meeting request from UserA. When UserB opens the meeting request in Microsoft Outlook and then clicks the Schedule tab, the free-and-busy information for UserA is displayed.



CAUSE
This behavior occurs when the following conditions are true:
 * UserA and UserB reside in the same administrative group in the Exchange 2000 environment or in the Exchange 2003 environment.
 * UserA sends UserB a meeting request. Or, UserB sends UserA a meeting request.

For example, UserA and UserB reside in the same administrative group. If UserA sends UserB a meeting request, UserB also receives UserA's LegacyExchangeDN attribute. The LegacyExchangeDN attribute is contained in the meeting request. When UserB tries to view the free-and-busy information for UserA, Outlook uses the LegacyExchangeDN attribute to retrieve the free-and-busy information from the Schedule+ Free Busy Information folder. By default, all users in an administrative group have Editor permissions on the Schedule+ Free Busy Information folder for that administrative group.



WORKAROUND
To work around this behavior, use one of the following methods:
 * Turn off Editor permissions on the Schedule+ Free Busy Information folder for all users.
 * Move the user's mailbox into a separate administrative group.

Method 1: Turn off Editor permissions on the Schedule+ Free Busy Information folder for all users

 * 1) Log on to the Exchange 2003 computer by using an account that has Exchange Administrator permissions.
 * 2) Click Start, and then click System Manager.
 * 3) Expand Administrative Groups, expand  , and then expand Servers.
 * 4) Expand, expand  , expand Public Folder Store , and then click Public Folders.
 * 5) In the details pane, right-click Schedule+ Free Busy Information -  , and then click Properties.
 * 6) Click the Permissions tab, and then click Client Permissions.
 * 7) In the Name box, click Default.
 * 8) Under Permissions, click None in the Roles box, and then click OK.

Method 2: Move the user's mailbox into a separate administrative group

 * 1) Log on to the Exchange 2003 computer by using an account that has Exchange Administrator permissions.
 * 2) Click Start, click Administrative Tools, and then click Active Directory Users and Computers.
 * 3) Right-click the user whose mailbox you want to move, and then click Exchange Tasks.
 * 4) After the Exchange Task Wizard starts, click Next.
 * 5) On the Available Tasks page, click Move Mailbox, and then click Next.
 * 6) On the Move Mailbox page, click the destination server and the administrative group under Server, and then click Next.
 * 7) Complete the remaining steps in the Exchange Task Wizard.

Method 1: Turn off Editor permissions on the Schedule+ Free Busy Information folder for all users

 * 1) Log on to a domain controller by using an account that has Exchange Administrator permissions.
 * 2) Click Start, click Programs, click Microsoft Exchange, and then click System Manager.
 * 3) Expand Administrative Groups, expand  , and then expand Servers.
 * 4) Expand, expand  , expand Public Folder Store , and then click Public Folders.
 * 5) In the details pane, right-click Schedule+ Free Busy Information -  , and then click Properties.
 * 6) Click the Permissions tab, and then click Client Permissions.
 * 7) In the Name box, click Default.
 * 8) Under Permissions, click None in the Roles box, and then click OK.

Method 2: Move the user's mailbox to a separate administrative group

 * 1) Log on to a domain controller by using an account that has Exchange Administrator permissions.
 * 2) Click Start, click Programs, click Administrative Tools, and then click Active Directory Users and Computers.
 * 3) Right-click the user whose mailbox you want to move, and then click Exchange Tasks.
 * 4) After the Exchange Task Wizard starts, click Next.
 * 5) On the Available Tasks page, click Move Mailbox, and then click Next.
 * 6) On the Move Mailbox page, click the destination server under Server, and then click Next.
 * 7) Complete the remaining steps in the Exchange Task Wizard.



STATUS
This behavior is by design.

Additional query words: XADM Free Busy Information

Keywords: kbtshoot kbprb KB894252

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.