Starting with the very first version of Exchange, Public Folders have been a way to access shared data. Public Folders do have their limits and are not designed to archive data or as a document collaboration solution. Public
Folders is an optional feature with no dependencies for features such
as free and busy time or OAB downloads if all clients are using Outlook
2007 or 2010. Until your organization is running Outlook 2010 or
Outlook 2007, Public Folders should be used and thus are a part of this
chapter. However, any proactive Exchange administrator should
understand that although Public Folders are supported, Microsoft SharePoint
may be a better long-term fit for your business going forward with new
When the time comes to start
planning for Public Folders, you want to keep in mind a few things
about creating Public Folder databases. First, it is important to size
your Exchange deployment accurately and to determine the amount of use
that your Public Folders will receive. If you determine that Public
Folders will be heavily used in your environment, best practice is to
deploy a dedicated Public Folder server that will allow you to dedicate
CPU and disk space to just the Public Folder function. Second, keep the
number of databases to a minimum. This will allow for simplified
management of the Public Folders database and will reduce the time
required to restore a database. A balance should be met when
determining the number of public folder databases so that you have
enough databases to meet the organization's requirements while at the
same time reducing the management of the databases.
Public Folder content is
replicated with an e-mail-based process. When a Public Folder or its
contents is modified, the Public Folder database the sends an e-mail
message to the other Public Folder databases that host a replica of the
Public Folder that describes the changes. If possible, multiple changes
are contained within one e-mail message up to the message size limit.
If the changes exceed the single message limit, multiple messages are
The Transport servers route the replication messages the same way other e-mail messages are routed. By default, Public Folder content replicates every 15 minutes, and cannot be configured to replicate more than every minute.
Public Folder configuration information is stored in Active Directory.
To optimize Public Folder replication, Active Directory replication
must also be working correctly and efficiently.
When you create a Public
Folder, by default only one replica of that Public Folder exists within
the Exchange Server organization. Creating replicas allows you to
replicate Public Folder data between Mailbox servers. Just by adding
multiple replicas for a Public Folder, the contents will be
automatically replicated. Because each mailbox server only has one
Public Folder database, it is recommended you install and configure at
least two mailbox servers in the Exchange organization so that
automatic Public Folder replication will occur. Basic replication can
be configured within the EMC by right-clicking the Public Folder
database and selecting Properties.
Public Folder replication is
not only for redundancy—it also allows you to have Public Folder
content in strategic locations, close to where the users are located.
This can result in faster access to Public Folder content and reduced
communication across wide area network (WAN) links.
You can create Public Folder
databases using either the EMC or the EMS. The proper rights must be
granted to the user account that will create Public
Folders; those rights are organization management and server
management. The EMC utilizes a simple wizard to create Public Folder
databases; the EMS uses the New-PublicFolderDatabase cmdlet. After you have created the Public Folder database you will need to run the Mount-Database cmdlet to mount the database.
If you must remove a Public Folder database you should consider the following factors:
If the Public Folder
database contains data it cannot be removed. You must delete or migrate
the data to another Public Folder database.
a Public Folder database has a mailbox database associated with it you
must associate the mailbox database with another Public Folder database
before it can be removed.
If any users are utilizing Outlook 2003 or previous versions, the last Public Folder cannot be removed.
Although either the EMC or the
EMS can be used to remove a Public Folder database, you will receive a
warning to inform you that it will not remove the actual database
files. These database files must be removed manually.
You can create Public Folders using the EMC, EMS, Outlook, and OWA. The Public
Folder Management Console is a simplified way for the creation,
configuration, and management of Public Folders. The Public Folder
Management Console can be found in the Toolbox node in the EMC. Tasks
that can be performed using the Public Folder management console
Updating the Public Folder hierarchy
Updating Public Folder content
Adding or removing Public Folders
Viewing and modifying Public Folder properties and replicas
Managing Send As permissions for mail-enabled Public Folders
For example, to use the
EMS to create the Project folder under the Sales top-level Public
Folder on the Fresno-EX01 server, run the following cmdlet:
New-PublicFolder -Name "\Sales\Project" -Server Fresno-EX01
The Remove-PublicFolder cmdlet works similarly to the New-PublicFolder cmdlet; however, it deletes the Public Folder and all replicas.
Public Folders have two
types of permissions: administrative and client. Administrative
permissions control functions such as configuring replicas, setting
deleted item retention, creating new Public Folders, and mail-enabling
Public Folders. You can set these permissions using the EMS with the
following three cmdlets: Get-PublicFolderAdministrativePermission, Add-PublicFolderAdministrativePermission, and Remove-PublicFolderAdministrativePermission.
Client permissions control
functions such as creating, reading, editing, and deleting Public
Folders and the items within the folders. You can configure client
permissions using the Outlook client, EMS, and the Public Folder Management Console. When assigning client permissions keep in mind the Default and Anonymous special user accounts. These users are shown in the properties of the Sales Public Folder from within Outlook in Figure 1.
The Default special user represents all users who are not explicitly
defined access. By default, the Default special user inherits its
permissions from the parent folder. When managing Public Folder
permissions, this group is often overlooked, allowing more people
access to the folder than the administrator expects. The anonymous
special user represents all users who do not have a specific
permissions set and users that are not logged in. The Anonymous special
user is particularly important when a Public Folder is mail-enabled.
E-mail messages sent from the Internet would be submitted anonymously.
For a Public Folder to be able to receive messages from the Internet,
the anonymous special user requires the Create
Items permission. If you do not want your mail-enabled Public Folder to
receive e-mail from the Internet, this permission should be removed.
The provided cmdlets are able
to fully administer public folders and can be used to automate a
variety of administrative tasks. Also included in the Scripts directory
of the Exchange installation are a number of valuable pre-created
Public Folder management scripts:
AddReplicaToPFRecursive.ps1 This script adds the specified server to the replica list for a given Public Folder and all folders underneath it.
AddUsersToPFRecursive.ps1 This script allows you to grant user permissions to a folder and all folders beneath it.
This script finds and replaces a server in the replica list of all
Public Folders, including system folders for a given Public Folder
RemoveReplicaFromPFRecursive.ps1 This script removes the specified server from the replica list for a given Public Folder and all folders underneath it.
RemoveUserFromPFRecursive.ps1 This script removes the given user's access permissions from the given public folder and all its subfolders.
Figure 1. The Default and Anonymous special users
ReplaceReplicaOnPFRecursive.ps1 This script finds and replaces a server in the replica list of a given Public Folder as well as all subfolders.
This script finds and replaces one user in the permissions on a given
Public Folder and all its subfolders with a second user; the original
user permissions are not retained.
This script copies one user's access permissions on a given Public
Folder and all its subfolders to a second user while retaining
permissions for the first user.
Exchange 2010 SP1
added a few important features for Public Folders. For example, it
enabled an administrator to set client permissions, override settings,
and replicate information recursively, similar to how Exchange 2003
administrators were able to do this. Also introduced in Exchange 2010
SP1 is the repair Public Folder database cmdlet, Repair-PublicFolderDatabase,
which is used to detect and fix the Public Folder corruptions in the
replication state, view verification, and physical corruption.
1. Managing and Using Public Folders in a Mixed Environment
When you have a mixed
Exchange 2003, Exchange 2007, and Exchange 2010 organization, you can
still use the Exchange 2003 Exchange System Manager to manage Public
Folders, which provide some features that are not present in the other
management tools. Be sure, however, to follow the supported scenarios
when performing Public Folder management:
Manager can be used to connect to, administer, and configure Exchange
2003 Public Folder databases for administration. Any changes will
replicate to both Exchange 2007 and Exchange 2010.
an Exchange 2010-only or a mixed Exchange 2010 and Exchange 2007
organization, you can't install or use Exchange System Manager to
manage Public Folders. In this case you must use the EMS.
verifying hierarchy replication or when viewing the Local Replica Age
Limit value on a folder, use Exchange System Manager for Public Folders
that exist on an Exchange 2003 server and the EMS for Public Folders
that exist on an Exchange 2010 or Exchange 2007 server.
A migration from an older
version of Exchange to Exchange 2010 is a good time to groom and
maintain your Public Folders. Public Folders are easy to set up and
use. Unfortunately, they are also easily abandoned. To ensure that the
resources are not wasted, a periodic audit is recommended. One way to
do this is to check the LastAccessTime
property of the Public Folders. Folders that have not been accessed in
a number of months or years usually can be archived and deleted. To
create an ordered list of the last time each Public Folder has been
accessed run Get-PublicFolderStatistics | Sort-Object LastAccessTime | Format-Table.