Applies to: Exchange Server 2007 SP3, Exchange Server 2007 SP2, Exchange Server 2007 SP1, Exchange Server 2007
Topic Last Modified: 2007-08-23

Use the Organization Configuration node to configure administrative access roles for users or groups. The result pane displays a list of identities that are configured as Exchange administrators, including the administrative role and scope assigned to them. In Microsoft Exchange Server 2007, these roles are called administrator roles and include the following:

The Exchange Public Folder Administrator role is available only in Exchange 2007 Service Pack 1 (SP1).

The scope is displayed only for the Exchange Server Administrators role. If the role is Exchange Server Administrators, the scope is the Exchange servers to which that role applies. If the role is Exchange Organization Administrators, Exchange Recipient Administrators, or Exchange View-Only Administrators, the scope is the entire organization.

If you add the Exchange Server Administrators role to a user, that user inherits the permissions that are permitted by the Exchange Server Administrators role and the Exchange View-Only Administrators role.

For more information about the Exchange 2007 permissions model, see Permission Considerations.

The Organization Configuration node contains the following sub-nodes:

New in Exchange 2007 SP1

In Exchange 2007 SP1, you can create an Exchange Public Folder Administrator role. For more information about the Exchange Public Folder Administrator role, see Configuring Public Folder Permissions.


The Mailbox node allows you to manage Mailbox server role settings that apply to your entire Exchange 2007 organization. You can maintain existing or create new address lists, managed custom folders, messaging records management (MRM) mailbox policies, and offline address books (OABs).

Address Lists

Use the Address Lists tab to create and manage address lists for your organization. Address lists are a subset of recipients in your organization based on properties of the recipients. You can create new address lists by using the Exchange Management Console by selecting the New Address List wizard from the action pane. To edit an existing group, select the group in the result pane, and then click Edit in the action pane. The Edit Address List wizard will appear and walk you through the editing of the group.

Managed Default Folders

Managed default folders are folders that, by default, are located in users' mailboxes in Microsoft Office Outlook 2007. You do not have to create managed default folders. Examples of managed default folders are the Sent Items folder and the Inbox. You can see a list of all managed default folders in the Exchange Management Console. For more information about managed default folders, see Deploying Messaging Records Management.

Managed Custom Folders

Managed custom folders are managed folders that you create for messaging records management.

Managed custom folders are placed in users' mailboxes according to your specifications by the managed folder mailbox assistant, whenever it runs. Users can also add managed custom folders to their own mailboxes with Web services when you configure a Web page for that purpose for your organization. Managed custom folders are typically given names that reflect their intended role in users' mailboxes. For example, a managed custom folder for personal e-mail might be given the name Non-Work Related.

For more information about managed custom folders, see Managing Messaging Records Management.

Managed Folder Mailbox Policies

Managed folder mailbox policies are used to create logical groupings of managed folders. When a managed folder mailbox policy is applied to users' mailboxes, all the managed folders that are linked to the policy are deployed in a single operation. For more information, see the following topics:

Offline Address Book

The offline address book (OAB) provides offline access to directory information from the global address list (GAL) and from other address lists. Outlook users choose which OABs they want to download. Users who work offline connect to Exchange servers and download OABs to obtain information about other users in their organization. For more information, see Organization Configuration > Mailbox > Offline Address Books.

Client Access

The Client Access node contains the Exchange ActiveSync Mailbox Policies tab. Use this tab to create Exchange ActiveSync mailbox policies to apply a common set of policies or security settings to a collection of users. After you deploy Exchange ActiveSync in your Exchange 2007 organization, you can create new Exchange ActiveSync mailbox policies or modify existing policies. For more information, see Understanding Exchange ActiveSync Mailbox Policies.

Hub Transport

The Hub Transport node allows you to view and maintain the features of the Hub Transport server role. The Hub Transport server role is deployed inside your organization's Active Directory directory service. It handles all internal mail flow, applies organizational message routing policies, and is responsible for delivering messages to a recipient's mailbox. For more information, see Hub Transport Server Role: Overview.

Remote Domain

Remote domains let you control mail flow with more precision, specify message formatting and policy, and specify acceptable character sets. After you create a remote domain, you can specify more advanced formatting, policy, and character set configurations for messages that you exchange with the remote domain. For more information, see Managing Remote Domains.

Accepted Domain

An accepted domain is any Simple Mail Transfer Protocol (SMTP) namespace for which an Exchange organization sends and receives e-mail messages. Accepted domains include those domains for which the Exchange organization is authoritative. An Exchange organization is authoritative when it handles mail delivery for recipients in the accepted domain. Accepted domains also include domains for which the Exchange organization receives mail and then relays to an e-mail server that is outside the Active Directory forest for delivery to the recipient. For more information, see Managing Accepted Domains.

Transport Rules

The transport rules that you configure on one Hub Transport server are applied through Active Directory to all other Hub Transport servers in the Exchange 2007 organization. The transport rules that you configure on an Edge Transport server are applied only to e-mail messages that pass through that specific Edge Transport server. For more information, see Overview of Transport Rules.


The Journaling agent is a compliance-focused agent that you can configure to journal e-mail messages that are sent or received in the Exchange 2007 organization. A journal rule can be applied to all e-mail, or scoped to apply to just internal or external e-mail. For more information, see Overview of Journaling.

Send Connectors

A Send connector controls outgoing connections from the organization. Send connectors are not scoped to a single computer. In Active Directory or in Active Directory Application Mode (ADAM), a Send connector is created as an object in a connector's container. More than one source server can be set on a connector. The source servers are the Hub Transport servers that are associated with that connector for sending messages. You can also select an Edge Subscription file as a source server entry. If there is a Send connector that is configured to send mail to an external domain, when any Hub Transport server in the organization routes mail to that domain, the messages will be delivered to a source server for that connector for relay to the destination domain. For more information, see Send Connectors.

Edge Subscription

Edge Subscription files allow for replication of configuration data from Active Directory to the local ADAM instance on the Edge Transport server. If you are installing more than one Edge Transport server, each server requires a separate Edge Subscription file. For more information, see Managing Edge Subscriptions.

Unified Messaging

Use this node to manage Unified Messaging (UM) server role settings that apply to your entire Exchange 2007 organization. You can maintain existing or create new UM dial plans, UM IP gateways, UM mailbox policies, and UM auto attendants. For more information, see Unified Messaging.

UM Dial Plan

The UM dial plan is an Active Directory container object that logically represents sets or groupings of Private Branch eXchanges (PBXs) that share common user extension numbers. In practical terms, users' extensions that are hosted on PBXs share a common extension number. Users can dial each others telephone extensions without appending a special number to the extension or dialing a full telephone number. A UM dial plan is a logical representation of a telephony dial plan. For more information, see Managing Unified Messaging Dial Plans.

UM IP Gateway

The UM IP gateway is a container object that logically represents a physical IP gateway hardware device. Before the IP gateway can be used to process UM calls, the IP gateway must be represented by an object in Active Directory. For more information, see Managing Unified Messaging IP Gateways.

UM Mailbox Policies

UM Active Directory mailbox policies are required when you enable users for Exchange 2007 UM. They are useful for applying and standardizing UM configuration settings for UM-enabled users. You create UM mailbox policies to apply a common set of policies or security settings to a collection of UM-enabled mailboxes. You use UM mailbox policies to set UM settings for UM-enabled users, such as personal identification number (PIN) policies, dialing restrictions, and other general UM mailbox policy properties. For more information, see Managing Unified Messaging Mailbox Policies.

UM Auto Attendant

The Unified Messaging Auto Attendant tab enables you to create one or more UM auto attendants depending on the needs of your organization. UM auto attendants can be used to create a voice menu system for an organization that lets external and internal callers navigate the UM auto attendant menu system to locate and place or transfer calls to company users or departments in an organization. For more information, see Managing Unified Messaging Auto Attendants.