Solved

Security Rights  disappear

Posted on 2004-09-03
6
198 Views
Last Modified: 2010-04-14
I am currently in the middle of an Exchange 5.5 to 2003
migration and have run into a little problem (if there is
such a thing). I believe it is a W2K AD issue...

Any new rights added for a user will disappear after about
30 minutes.

Details:

Single Exchange site - Single W2K AD domain (native
mode).  NOTE - customer claims domain was in Native Mode
before Exchange 2003 install. I believe it was changed
AFTER.

All ExDeploy tools pass - Exch2003 Domain Prep/Forest Prep
ran OK.

Customer installed Exch2003 server - migrated 4 test
mailboxes successfully.

Mail flow is working correctly both internal and internet.

No errors logged on 5.5 server or 2003 server. DC's have
no events logged either.

I'll give you the exact steps used to add the "send as"
right (this is how I discovered the problem):

Open AD Users and Computers on GC.

Under VIEW select ADVANCED FEATURES (adds security tab to
the properties page).

Open properties sheet for USER1. Select Security tab.
Add USER2 with "Receive As" and "Send As" rights.
Close properties.

The right will take effect and function properly and then
disappear after about 30 minutes.

ANY new user/right disappears after 30 minutes.
It looks like only default permissions remain (all groups
by the way.).
Tried the same with mailboxes that live on the 2003 server
with the same result, but I don't believe this is related
to just mailboxes.

Also tried setting up the ADC as 1-way from Windows to
Exchange just for giggles.
This may be one for the AD guru's!

Thanks All!

SM
0
Comment
Question by:smunicom
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 2

Expert Comment

by:sqwasi
ID: 11976406
smunicom,

Have you tried installing the Exchange 2003 Service Pack 1?  I have had a number of wierd things happen with Exchange 2003 and SP1 seemed to help it.  Also, since your checking on that Service Pack, does your 2KServer have SP4?
0
 

Author Comment

by:smunicom
ID: 11977164
W2K Server is SP4 w/hotfixes.
Exchange 2003 server is SP1. Also applied SP1 to ADC.

I'm heavily leaning toward a hiccup with the ADC connectors...

SM
0
 
LVL 2

Expert Comment

by:sqwasi
ID: 12013433
smunicom,
Did you get this problem solved?  If not I will look into this more.  Let us know.  Thanks.
0
Edgartown IT Case Study

Learn about Edgartown's quest to ensure the safety and security of the entire town's employee and citizen data. Read the case study!

 

Author Comment

by:smunicom
ID: 12098663
Problem solved.

The users in question were somehow part of the Backup Operators group, which is a protect group in AD. The AdminSDholder object fires off a script to reset all protected groups to a security template every 60 minutes, therefore removing and rights which were manually set on the accounts in question.

I made sure to put this one in my personal notes!

SM
0
 
LVL 2

Expert Comment

by:sqwasi
ID: 12118790
SM,

Thank you for letting us know how you solved that problem.  That is great to hear that you solved it!  Could you please close this question by assiging the points if you think they are deserved.  If not you can just delete the question.  Thank you.
0
 

Accepted Solution

by:
ee_ai_construct earned 0 total points
ID: 12204244
Question answered by asker or dialog valuable.
Closed, 500 points refunded.
ee_ai_construct (replacement part #xm34)
Community Support Admin
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
website 1 321
Running Baan iV on VMware 3 185
Windows Services - Run a Program Grey Out 3 92
reboot server with scheduled time and week base 4 62
NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
This article describes a method of delivering Word templates for use in merging Access data to Word documents, that requires no computer knowledge on the part of the recipient -- the templates are saved in table fields, and are extracted and install…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
Although Jacob Bernoulli (1654-1705) has been credited as the creator of "Binomial Distribution Table", Gottfried Leibniz (1646-1716) did his dissertation on the subject in 1666; Leibniz you may recall is the co-inventor of "Calculus" and beat Isaac…

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question