Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Domain Admin Mailbox Right

Posted on 2002-03-18
8
Medium Priority
?
453 Views
Last Modified: 2009-12-16
We just upgraded to Exchange 2000 and I noticed that all of the mailboxes have the Domain Admin group with a Deny status on the Full Mailbox access. But its an Inherited permission because its grey out check mark that can't be unchecked. I need to have Domain admin full permissions to all mailboxes, does anyone know where the permission is coming from and how to turn it off.
0
Comment
Question by:timd4273
8 Comments
 
LVL 23

Accepted Solution

by:
slink9 earned 800 total points
ID: 6878251
0
 

Author Comment

by:timd4273
ID: 6878285
The problem is with the mailboxes that were created with 5.5 and now are transfered to 2000. These mailboxes inherited these permissions automatically from somewhere, there are several of them. Domain Admin & Enterprise Admin are both given inherited permissions with deny as the full mailbox access permission.
0
 
LVL 23

Expert Comment

by:slink9
ID: 6878497
Yes, and that article seems to address default (or inherited?) rights and how to change them.  Did you try the steps in the article?
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 

Author Comment

by:timd4273
ID: 6878575
Yes, but the article doesn't refer to the permissions that are assigned once you send an email to the account. When you first create an mailbox it only adds a permission for "Self" and once an email is sent to the account it adds several permissions including Domain Admins. But Domain Admins have the permission of Deny for Full Mailbox Access, I need to change that setting to Allow. Any and all help is appreciated.
0
 

Expert Comment

by:MattAHill
ID: 8266393
Me too! And I found the answer :)

XADM: How to Get Service Account Access to All Mailboxes in Exchange 2000
http://support.microsoft.com/?kbid=262054

And this one

XADM: Security Tab Not Available on All Objects in System Manager
http://support.microsoft.com/default.aspx?scid=kb;EN-US;259221

This worked a treat, I had inherited denys on Full Mailbox Rights and after changing the SendAs & ReceiveAs deny's on the organisation I could then open anyones mailbox.
0
 
LVL 1

Expert Comment

by:HadleyR
ID: 11824932
slink9's link is dead.
0
 
LVL 23

Expert Comment

by:slink9
ID: 11825348
Go to http://support.microsoft.com and type in Q272153 and you will get to it.
0
 
LVL 1

Expert Comment

by:JoJoGabor
ID: 14330675
I had the same issue as this. I halso had to stop each server in the organisation from inheriting permissions, as I couldn't find the next level up to set permissions. Can anyone tell me where that is?
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Here in this article, you will get a step by step guidance on how to restore an Exchange database to a recovery database. Get a brief on Recovery Database and how it can be used to restore Exchange database in this section!
Mailbox Corruption is a nightmare every Exchange DBA wishes he never has. Recovering from it can be super-hectic if not entirely futile. And though techniques like the New-MailboxRepairRequest cmdlet have been designed to help with fixing minor corr…
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
Suggested Courses

876 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question