Solved

Domain Admin Mailbox Right

Posted on 2002-03-18
8
442 Views
Last Modified: 2009-12-16
We just upgraded to Exchange 2000 and I noticed that all of the mailboxes have the Domain Admin group with a Deny status on the Full Mailbox access. But its an Inherited permission because its grey out check mark that can't be unchecked. I need to have Domain admin full permissions to all mailboxes, does anyone know where the permission is coming from and how to turn it off.
0
Comment
Question by:timd4273
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
8 Comments
 
LVL 23

Accepted Solution

by:
slink9 earned 200 total points
ID: 6878251
0
 

Author Comment

by:timd4273
ID: 6878285
The problem is with the mailboxes that were created with 5.5 and now are transfered to 2000. These mailboxes inherited these permissions automatically from somewhere, there are several of them. Domain Admin & Enterprise Admin are both given inherited permissions with deny as the full mailbox access permission.
0
 
LVL 23

Expert Comment

by:slink9
ID: 6878497
Yes, and that article seems to address default (or inherited?) rights and how to change them.  Did you try the steps in the article?
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:timd4273
ID: 6878575
Yes, but the article doesn't refer to the permissions that are assigned once you send an email to the account. When you first create an mailbox it only adds a permission for "Self" and once an email is sent to the account it adds several permissions including Domain Admins. But Domain Admins have the permission of Deny for Full Mailbox Access, I need to change that setting to Allow. Any and all help is appreciated.
0
 

Expert Comment

by:MattAHill
ID: 8266393
Me too! And I found the answer :)

XADM: How to Get Service Account Access to All Mailboxes in Exchange 2000
http://support.microsoft.com/?kbid=262054

And this one

XADM: Security Tab Not Available on All Objects in System Manager
http://support.microsoft.com/default.aspx?scid=kb;EN-US;259221

This worked a treat, I had inherited denys on Full Mailbox Rights and after changing the SendAs & ReceiveAs deny's on the organisation I could then open anyones mailbox.
0
 
LVL 1

Expert Comment

by:HadleyR
ID: 11824932
slink9's link is dead.
0
 
LVL 23

Expert Comment

by:slink9
ID: 11825348
Go to http://support.microsoft.com and type in Q272153 and you will get to it.
0
 
LVL 1

Expert Comment

by:JoJoGabor
ID: 14330675
I had the same issue as this. I halso had to stop each server in the organisation from inheriting permissions, as I couldn't find the next level up to set permissions. Can anyone tell me where that is?
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

MS Outlook is a world-class email client application that is mainly used for e-communication globally.  In this article, we will discuss the basic idea about MS Outlook, its advanced features, and types of MS Outlook File formats.
This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
Suggested Courses

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question