Share via

Exchange 2013 - Public Folders and the default rights

  • Article

Exchange 2013 did away with the Public Folder Database and now you have a mailbox with folders. To setup your PF you can follow the following guide:

https://collaborationpro.com/create-public-folder-mailbox-exchange-2013/

Accessing Public Folder in Outlook.

Once you have created your PF mailbox and folders, if you open up outlook you will notice nothing is showing:

https://collaborationpro.com/wp-content/uploads/2015/07/PF1-300x172.png

To be able to view public folders, click the 3 ... as shown above.

https://collaborationpro.com/wp-content/uploads/2015/07/PF2-300x146.png

Once the options tab pops up click on Folders as shown above.

https://collaborationpro.com/wp-content/uploads/2015/07/PF3-181x300.png

Now we can see the public folders.

Public Folder Rights

https://collaborationpro.com/wp-content/uploads/2015/07/PF4-300x149.png

After creating public folders in the first step, you will see above that we are able to view the folders and sub folders created.

You may be wondering how?

https://collaborationpro.com/wp-content/uploads/2015/07/PF5-233x300.png

If we right click on one of the folders and then click the Summary Tab you will see that the default rights is "Author". This is by design in Exchange 2013. The default user is basically all authenticated users.

If we go back to the Exchange Admin Center and check the root permissions or the folder permissions you will notice none are set:

https://collaborationpro.com/wp-content/uploads/2015/07/PF6-300x298.pnghttps://collaborationpro.com/wp-content/uploads/2015/07/PF7-300x137.pnghttps://collaborationpro.com/wp-content/uploads/2015/07/PF8-300x249.png

Now if we open up the Exchange Management Shell we can check the rights assigned:

https://collaborationpro.com/wp-content/uploads/2015/07/PF9-300x189.png

As you can see on both folders that was created, the default user has author rights.

Removing the Default User Rights and the problems

You can remove the default users rights BUT then nobody will be able to access the folders. To do this run the following command:

  • Remove-PublicFolderClientPermission -Identity "\ -User Default

If you want to add rights back then run the following command:

  • Add-PublicFolderClientPermission -Identity "\ -User Default -AccessRights Author