Instant Messaging

Give Users Access to the Service

To give a user access to Instant Messaging Service, you assign the user to an Instant Messaging home server.

Important   Before you assign users to a home server, you must create at least one home server, and, if you are using Digest authentication (not necessary except in special circumstances), set the password policy on the domain controller so that user passwords are stored in a reversible, encrypted format.

To give users access to Instant Messaging Service:

  1. Start Active Directory Users and Computers
    On the Start menu, point to Programs, point to Administrative Tools, and then click Active Directory Users and Computers.
  2. In the console tree, open the Windows 2000 domain, and then click Users.
  3. You may already have Windows 2000 user accounts created. However, if you need to create new accounts, do so now for each Instant Messaging user. When creating each account, if Create an Exchange mailbox is checked, the Instant Messaging user will have an Exchange mailbox. (To authenticate users, Instant Messaging uses the same password as Windows 2000 Server. An Exchange mailbox is not required to use Instant Messaging.)
  4. Important   If you are using Digest authentication and you did not set the password policy before creating these accounts, you must now reset the users' passwords. Instant Messaging Service is unavailable to users until their passwords are changed. You reset user passwords from the Active Directory Users and Computers snap-in. For specific instructions, refer to the Windows 2000 online documentation. (This step is not necessary if you are using Integrated Windows authentication.)

  5. In the details pane, right-click a user name, and then click Exchange Tasks.
  6. In Exchange Tasks, click Enable Instant Messaging, and then click Next.
  7. Next to Instant Messaging Home Server, click Browse.
  8. In Select Instant Messaging Server, in the Server name column, select a home server. Click OK.
  9. If you have not yet configured an SRV resource record, choose an Instant Messaging Domain for this user from the drop-down list. Then click Next.
  10. Note   If you have already configured an SRV resource record (recommended for production deployments, but not necessary for test or pilot deployments), you can ignore the Instant Messaging Domain selection. When a user has a valid e-mail address already configured, Instant Messaging Service performs a DNS SRV query to determine the user's Instant Messaging domain.

  11. Review the Task Summary and note the Instant Messaging address for this user (, or This is the address the user needs to log on to Instant Messaging Service. Then click Finish.

Note   If, before starting this process, you configured an SRV resource record, and the user was already assigned a primary e-mail address with a domain matching the DNS zone for the SRV record, the Instant Messaging address for this user will be the same as the primary SMTP address, username@e-mail_domain. This is recommended, particularly for production environments.

If you did not configure an SRV record, the Instant Messaging address for this user will take the form: username@Instant_Messaging_Domain (the domain you selected in step 8). This is acceptable for tests or pilot deployments.

Related Topics

Set the Password Policy Create a Home Server DNS Resource Records