Until Exchange 2010, control over Exchange objects was exercised by good 'ol Windows Access Control Lists (ACLs) and Access Control Entries (ACEs). The upside of this implementation was that it was shared with Windows so if you understood how ACLs worked for Windows, you had a fair chance of understanding it for Exchange. The downside is that ACLs are a crude control mechanism that works well when configuring user access to objects such as files but is less satisfactory in the world of Exchange.
↧