Microsoft KB Archive/328808

= HOW TO: Remove User Permission from the Create Top-Level Public Folder in Exchange 2000 =

Article ID: 328808

Article Last Modified on 10/25/2007

-

APPLIES TO


 * Microsoft Exchange Server 2003 Enterprise Edition
 * Microsoft Exchange Server 2003 Standard Edition
 * Microsoft Exchange 2000 Server Standard Edition

-



This article was previously published under Q328808



IMPORTANT: This article contains information about modifying the registry. Before you modify the registry, make sure to back it up and make sure that you understand how to restore the registry if a problem occurs. For information about how to back up, restore, and edit the registry, click the following article number to view the article in the Microsoft Knowledge Base:

256986 Description of the Microsoft Windows Registry



IN THIS TASK
SUMMARY Remove User Permission from the Create Top-Level Public Folder
 * Add the ShowSecurityPage Entry to the Registry
 * Remove the Create Top-Level Public Folder Permission

REFERENCES



SUMMARY
To keep the number of public folder hierarchies in your organization to a manageable size, you can prevent users from creating top-level public folders. Because the Everyone group in Exchange is granted the Create top-level public folder permission by default, you must remove this permission manually.

back to the top

Remove User Permission from the Create Top-Level Public Folder
There are two methods to remove this permission. In the first method, if you have purchased Exchange 2003, you may run the setup/forestprep command. The Exchange 2003 setup/forestprep command not only updates the schema; it also modifies permissions to the organization so that users who do not have administrator accounts cannot create top-level public folders. In the second method, if you have not purchased Exchange 2003, you can remove the top-level public folder creation permission manually. The process below discusses how to use Exchange System Manager in Exchange 2000 to remove the permission manually.

Note Even if you remove the Create top-level public folder permission at the organizational level through either of these two methods, the permission is restored when you add a new server that is running Exchange 2000 to the organization. If you add a new server that is running Exchange 2000, you must remove the permission manually at the organizational level again, or you must run the Exchange 2003 setup/forestprep command. To remove the permission manually by using Exchange System Manager, you must first add the ShowSecurityPage entry to the registry. When you add the ShowSecurityPage entry to the registry, the organization's Properties dialog box displays the Security tab. By default, the Security tab does not appear; therefore you must first add it.

Note For information about how to edit the registry, see &quot;Change Keys and Values&quot; in Help in Regedit.exe. In Help in Regedt32.exe, see &quot;Add and Delete Information in the Registry&quot; and &quot;Edit Registry Information.&quot; If you are running Microsoft Windows NT or Microsoft Windows 2000, update your Emergency Repair Disk (ERD) also.

back to the top

Add the ShowSecurityPage Entry to the Registry
WARNING: If you use Registry Editor incorrectly, you may cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that you can solve problems that result from using Registry Editor incorrectly. Use Registry Editor at your own risk.

 Start Registry Editor: On the Start menu, click Run, type regedit, and then click OK. Locate the following key in the registry:

 To add the ShowSecurityPage DWORD value, click Edit, click New, and then click DWORD Value. For the new value name, type: ShowSecurityPage  Double-click ShowSecurityPage, and then type 1 in Value data. Go to the next procedure.

back to the top

Remove the Create Top-Level Public Folder Permission

 * 1) Start System Manager: On the Start menu, point to Programs, point to Microsoft Exchange, and then click System Manager.
 * 2) Right-click the organization, and then click Properties.
 * 3) Click the Security tab.
 * 4) Under Name, click Everyone.
 * 5) Under Permissions, scroll to Create top level public folder.
 * 6) In the Allow column, click to clear the check box.

back to the top

<div class="references_section">