Moving and renaming built-in Exchange groups

During domain prep, Exchange 2000 and Exchange 2003 creates two new domain groups, one Global security group called Exchange Domain Servers, and one Domain local security group called Exchange Enterprise Servers. It is not supported (and it will break Exchange if you do) to rename or move these groups to any other container than the container they are created in, namely the Users contaner.

Exchange 2007 uses universal security groups that are by default created during the preparation of Active Directory in the root domain in the Microsoft Exchange Security Groups container: Exchange Servers,Exchange View-Only Administrators,Exchange Public Folder Administrators,Exchange Recipient Administrators,Exchange Organization Administrators, and ExchangeLegacyInterop. These groups can be renamed and/or moved to another organizational unit in the same domain or any other domain in your Active Directory forest, since Exchange can locate these groups anywhere in the forest by using the combination of two properties (a preset GUID and a distinguished name) combined with the forest's otherWellKnownObjects attribute.

Leave a Comment

Your email address will not be published.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top