Solved

IIS Lockdown Tool and NTFS Permissions of M:\domain\Public Folders

Posted on 2003-10-26
3
389 Views
Last Modified: 2008-02-07
Hello all!

I'm using Windows 2000 Server, Exchange 2000 Server, all latest Service Packs

Just 2 days ago i installed IIS Lockdown Tool. After that i saw that all clients had access to all public folders, so not respecting their user access policy. I tried to control this to Exchange System Manager, but i received error 80040102. I searched for help and found something at Microsoft web site.

Anyway. I uninstalled IIS Lockdown Tool. I correted the NTFS permissions for every public folder and now also Exchange System Manager is working with Public Folders.

The only problem now is that Everyone has access to List Folder Content of Public Folders in M drive. So every user can see all the list of Public Folders. Of course he/she can't access all of them, but he can see all the list.

I tried to change NTFS Permissions of M:\domainname\PublicFolders, but was impossible, because the owner for that folder was System account. Of course i used Administrator account to do that change.

Anyone has an idea how to change NTFS permissions of M:\domainname\PublicFolders  ?

Thanks to all!
0
Comment
Question by:renis
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 24

Accepted Solution

by:
David Wilhoit earned 500 total points
ID: 9626475
NOOOOOOOO!!! NEVER, EVER, change the permissions on the M: drive. Don't even look at it. Permissions for public folders are changed in the ESM or on the Outlook client. This can have consequences later or immediately, the M: drive is not to be toyed with. If you've already done it, stop, and check to see that all items are visible.

If you remove the everyone group, NOBODY will access the folders. Everyone group is essential to the ACL. Whatever perms are laid down on the public folders in the M: drive, are base perms, and should not be changed. If you removed anything in the way of permissions, and you have any trouble later, remember this and be prepared to resolve it. The below article is more of an FYI, than a resolution for you. Just making sure you know about this part:

http://support.microsoft.com/default.aspx?scid=kb;en-us;298924

I have personally seen several cases where MS has to reset the perms on the public folders from the command line because admin removed the everyone group from the ACL list.

D
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will help to fix the below error for MS Exchange server 2010 I. Out Of office not working II. Certificate error "name on the security certificate is invalid or does not match the name of the site" III. Make Internal URLs and External…
If you troubleshoot Outlook for clients, you may want to know a bit more about the OST file before doing your next job. IMAP can cause a lot of drama if removed in the accounts without backing up.
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question