15.1 Understanding Microsoft Exchange Management

Through ExA, you can manage mailboxes for user accounts. Because ExA extends existing DRA features, you can manage mailboxes when creating or cloning a user account or modifying user account properties. For example, the Clone User and Modify Limited Properties power allows you to specify some mailbox properties when cloning an existing user account with a mailbox or cloning a mailbox for an existing user account. You can also manage mailboxes through the Exchange tasks tab in the user account properties window.

ExA allows you to create or delete a mailbox, move a mailbox, set mailbox rights and security, set delivery restrictions and options, and set storage limits. For more information about mailbox policy, see Section 13.6.1, Mailbox Rules.

To manage Microsoft Exchange mailboxes using ExA, you must have the appropriate powers, such as those included in the Mailbox Administration and Manage Exchange Mailbox Rights roles. To modify specific mailbox properties, you must have the Exchange Mailbox power associated with the corresponding tab. For example, to manage delivery options for a Microsoft Exchange mailbox, you must have the Modify Exchange Mailbox Delivery Options power. To modify specific mailbox security permissions in Microsoft Exchange, you must have the power associated with the appropriate permission, such as the Modify Mailbox Ownership Rights power.

Distribution groups allow you to mail enable a group. By using distribution groups, you can send email to a single group, distributing this email to all group members. Through ExA, you can hide or expose group membership, manage email addresses, and clone existing groups. This flexibility allows you to create new Microsoft Exchange distribution groups whose membership includes a subset of the original group.

ExA integrates Microsoft Exchange management with group management. For example, when you establish or modify an email address for a distribution group, or clone a group that is mail enabled, ExA verifies that the email address is unique across domains in the forest. ExA also integrates distribution group management with managing your security model. For example, when you create a distribution group, the Create Group wizard allows you to add the new group to the appropriate ActiveViews and hide group membership. This integration allows you to use one process to address multiple goals.

Through ExA, you can manage email addresses for user accounts, contacts, and groups. ExA supports the following types of email addresses:

Because ExA extends existing DRA features, you can manage email addresses when performing account management tasks, such as managing account properties, creating new accounts, and cloning existing accounts. When you establish or modify an email address for an account, or clone a mail enabled account, ExA verifies that the email address is unique across the domains in the forest. You can create and delete email addresses through the Exchange Tasks feature, or let ExA automatically generate email addresses. For more information about automatically generating email addresses, see Section 13.7.5, Specifying a Default Email Address Policy.

To manage email addresses, you must have the appropriate powers, such as those included in the Mailbox Administration role.

Contacts are offered in Microsoft Windows domains as a way to manage email and telephone information about people without providing them a security account on your enterprise. You can also use contacts to add members to distribution lists or groups without granting them access to services. Contacts do not have a security identifier (SID), as do user accounts and groups, so you do not need to incorporate them into your security model.

DRA and ExA integrate Microsoft Exchange and administration tasks so you can use a single workflow or process to seamlessly manage contacts across multiple OUs and domains. You can display and change the settings of many contact properties, create contacts, delete contacts, perform Microsoft Exchange tasks, and manage group membership. For example, when you create a contact through the Account and Resource Management console, the Create Contact Wizard allows you to add the new contact to the appropriate distribution groups. To manage contacts, you must have the appropriate powers, such as those included in the Contact Administration role.

You can also set Microsoft Exchange policies, such as automatically generating email addresses, to further coordinate and streamline your contact and Microsoft Exchange administration needs. For more information, see Section 13.6, Creating and Implementing Microsoft Exchange Policy.

Microsoft Exchange's resource mailbox feature allows you to create a mailbox that represents a resource such as a conference room so that you can reserve it by sending it a meeting invitation, just as you would a person.

DRA contains a set of roles, powers, and policies that allow you to manage your resource mailboxes efficiently.

You can perform the following resource mailbox management tasks with DRA:

DRA has UI extension support for resource mailboxes as well as support for generating audit or UI reports. Support for ADSI scripts is also integrated into DRA.

A dynamic distribution group is a mail-enabled Active Directory group object that you can create to expedite the mass sending of email messages and other information.

The membership list for a dynamic distribution group is calculated each time a message is sent to the group, based on the filters and conditions that you define. This differs from a regular distribution group, which contains a defined set of members. When an email message is sent to a dynamic distribution group, it is delivered to all recipients in the organization that match the criteria defined for that group.

DRA contains a set of roles, powers, and policies that allow you to manage your dynamic distribution groups efficiently.

You can perform the following dynamic distribution group management tasks with DRA:

DRA also supports the following features: