Administering Address Lists
Creating and modifying
address lists is the majority of the administrative work involved in
managing address lists. However, you can perform additional
administrative tasks to administer an address list. One is to configure
access permissions for an address list, and another is to override
address list update scheduling by forcing an immediate update.
Setting Permissions on Address Lists
By
default, all users in an organization can access all address lists (the
Authenticated Users group has List Contents permission). There might be
situations where you want to restrict access to a particular address
list, such as to keep users from using an executive management address
list to e-mail all executives easily. Denying access to an address list
does not prevent users from e-mailing the recipients in the address list
by other means, such as selecting them from the GAL, but it does
prevent them from seeing a particular address list when they are using
Outlook.
To set permissions for an address list, perform the following steps:
1. | Right-click the address list in Exchange System Manager and click Properties.
|
2. | Click the Security tab, shown in Figure 5, which shows the users and groups with configured permissions and what those permissions are.
|
3. | A
gray check box means that the permissions have been inherited from a
higher level object, in this case the All Address Lists container. You
can add users and groups and configure their permissions or change the
permissions for existing users and groups that are listed.
|
Setting permissions
must be done carefully because group membership can cause unintended
results. This is especially true when you use the explicit Deny
permission rather than unselecting Allow.
Important
If
the address list is part of an offline address list that a user has
permission to download, they will be able to access the address list
offline. This is true even if they have been explicitly denied
permission online. |
Updating an Address List Manually
Normally
when you make changes to an address list, the changes are replicated to
other Exchange servers in the organization by the Recipient Update
Service. This replication occurs on a configurable schedule. There are
times when you do not want to wait until the next scheduled update takes
place, so Exchange Server 2003 allows you to force an immediate update
manually.
To update an address list manually, perform the following steps:
1. | Expand the Recipients container in Exchange System Manager.
|
2. | Click
the Recipient Update Services container. Notice that there are two
default Recipient Update Services: one for the domain and one for the
enterprise. The enterprise Recipient Update Service is responsible for
updating system objects such as the Message Transfer Agent and the
System Attendant. The domain Recipient Update Service updates recipient
objects.
|
3. | Right-click
the Recipient Update Service for the domain and click Update Now. This
will force any address list changes to be replicated immediately.
Alternatively, you can click Rebuild, which rather than just updating
changes will rebuild all the address lists.
|
Managing a Recipient Update Service
The Recipient Update
Service exists to ensure that address list memberships are accurate by
updating them across the organization to reflect any changes that are
made. You need to have a Recipient Update Service for each domain in an
Exchange Server 2003 organization. However, that is the minimum
requirement. You can have multiple Recipient Update Services in a
domain, and it is useful to do so if you have a domain that spans
multiple Active Directory sites. Whether you are creating a new
Recipient Update Service or modifying an existing one, the configuration
options are similar. Figure 6
shows what the Recipient Update Services Properties dialog box looks
like. To reach this dialog box, expand the Recipient Update Services
container in Exchange System Manager, and then right-click Recipient
Update Service in the contents pane and click Properties.
The options you can configure are as follows:
Domain The domain that the Recipient Update Service is responsible for.
Exchange Server The Exchange server that the Recipient Update Service runs on.
Windows Domain Controller
The domain controller that the Recipient Update Service will contact
and communicate with when making updates to Active Directory.
Update Interval
The schedule that the Recipient Update Service will use to update
address lists. The default setting is Always Run, which means that
whenever a change is made, the Recipient Update Service will make the
update immediately. You can click the drop-down menu to choose a
different interval or click Customize to create a custom schedule. The
Always Run setting can create a lot of network traffic if frequent
changes are made to address lists, which can have undesirable effects on
performance.
A Recipient Update
Service is created automatically in a domain when Exchange Server 2003
is installed, if there isn’t one already. In domains where there are no
Exchange Server 2003 servers but there are Exchange Server 5.5 servers
that are part of the organization, you must create a Recipient Update
Service for that domain. To do so, you must first run DomainPrep in the
domain. Then start Exchange System Manager, right-click Recipient Update
Services, point to New, and then click Recipient Update Service. Select
the destination domain for the Recipient Update Service and complete
the other fields previously listed, as required.