Concepts and Planning << >>


You use permissions to control access to resources. A permission provides specific authorization to perform an action. Different levels of permissions exist for different objects.

You can also use built-in groups of permissions, called roles. For example, the Admin role gives a user a number of permissions, including Add child, Modify user attributes, and Delete.

Mailbox Permissions   You grant permission to log on to a mailbox by using the Microsoft Exchange Server Administrator program. You can set one or more Windows NT user accounts to have user permission on a mailbox. When a user attempts to log on to a mailbox, Microsoft Exchange Server determines whether that user has permission to access that mailbox.

Public Folder Permissions   Permission to access a public folder can be granted by the owner of a public folder, through Microsoft Outlook. Permissions to use public folders can be given to mailboxes, distribution lists, and public folders. For example, you can create an Employees distribution list and a Managers distribution list and, for each list, define different permissions on the Company Policies public folder. The Employees distribution list might have read-only permission, whereas the Managers list might have both reading and writing permissions.

Directory Permissions   Permissions to use the directory are granted to Windows NT user accounts. Users logged on to the Windows NT domain can view the directory in the Administrator program, but they need permission to modify it. An example of a directory permission is Add child, which enables users who have this permission on the Recipients container to create mailboxes.