There are simple ways to view Public Folder Permissions. You can either use the Exchange Admin Center in Exchange or Office 365. You can also use PowerShell to do the same. The problem is when you are trying to get in-depth analysis across a large number of folders. If those folders have groups, then you need to dig even further, which can take a long time. It’s clear that to get more meaning out of a Public Folder Permission report you will need to invest plenty of time and resources.
ExchangeSavvy recently released a new Public Folder Permissions reporting capability to help make this quick and easy by doing the following:
- Multi-Threaded Lookup
- Multiple Public Folder Permission Report Types
- Group Membership
- Nested Group Discovery
- Reporting Flexibility
With ExchangeSavvy, Public Folder Permission Reports can now be quick, painless, and predictable. Extract users even if they’re in a group or nested within multiple groups.
When searching for permissions, it’s common to think of this as a serial task. This can add a lot of time to your search. You also run the risk of not having a completed command due to the amount of time it takes.
With our Public Folder Permission reporting, we are able to multi-thread this process by folder. By doing this, we are able to provide the following
- Track progress from any point in a Public Folder hierarchy and know how many folders will be scanned and how long it will take
- Control how many threads you use to run your report
- If a failure occurs, it can be bypassed and still allow the Public Folder Permission report to complete
With this approach, you no longer have to be concerned with the depth of the Public Folder hierarchy when generating a permissions report. Tackle any complex Public Folder hierarchy with ease.
Multiple Public Folder Permisssion Report Types
Multiple options are available to give you the Public Folder Permissions report that you are looking for:
- Full Permissions
- Permissions Owner
- Permission Rollup
The Full Permissions report will report all user permissions regardless of permission assigned.
This report option is similar to the Full Permissions report, but it will only list those with owner permissions.
Unlike the other report options, this report type doesn’t list the actual permissions a user has. It only reports a user if they have any type of permission to the Public Folder being queried or any subfolder beneath it. This is very helpful when converting Public Folders to Shared Mailboxes. You can run a Permission Rollup report and know instantly which users need to have impersonation rights to the Shared Mailbox.
Group Membership in Public Folder Permission Reports
If you could only assign users to a Public Folder, then Public Folder Permission Reports wouldn’t be that hard. However, that’s almost never the case. It’s one thing to be able to see which Groups have permissions to a specific Public Folder. In most cases, it’s more valuable to know which users have permission to that Public Folder because of that group membership.
The Public Folder Permission reports in ExchangeSavvy will extract users that were a part of Group membership. There’s no need to have to do a separate lookup on the Group because the users have been extracted and presented in the report.
When a user listed is discovered through Group membership, the Group will be listed separately. This allows you to see quickly how this user has the permission they have to the Public Folder.
Nested Group Discovery and Permissions
To make matters more complicated, it’s highly probable that Groups with membership to a Public Folder also have Groups as members. In these cases, you need to dig further through the nested Groups in order to discover which end users have access.
The Public Folder Permission Reports in ExchangeSavvy are able to explore these nested Groups. If a user is granted access through a nested Group, you will see the user listed with the permission level. In the Group column, you will see how they are getting permission through nested Groups. The first Group detected is first followed by the next and so on and so forth.
Along with our other reporting options, with the Public Folder Permission Reports, you can export to the following report types:
You also have the option to set where you want the permission report to start. This allows you to create multiple Public Folder Permission reports. You can create a report starting at each Public Folder root folder for example.
The Public Folder Permission Reports are available today in the following ExchangeSavvy products: