?
Solved

SBS 2003 resets inheritance of security entries from OU to User records.

Posted on 2006-06-21
3
Medium Priority
?
494 Views
Last Modified: 2010-04-19
I'm trying to workaround SendAs permissions problem introduced by the last Exchange patch on our SBS 2003.

It affects Research in Motion BlackBerry Enterprise Server (BES) and other simmilar systems.

Recomendation in MS KB 912918 was to add service account additional rights to OU container for the users that needs BES service, but the problem is that SBS seems to periodically dissable the "Allow inheritable permissions from the parent to propagate to this object and all child objects. Include this with entities explicitly defined here." in AD Users and Computers MCC.

This reset happens every few hours.

Do you know how to dissable this reset?

regards, nejc
 
0
Comment
Question by:JernejS
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 74

Accepted Solution

by:
Jeffrey Kane - TechSoEasy earned 1000 total points
ID: 16955385
Are yo uusing the default OU?  \MyBusiness\Users\SBSUsers  ??

If not you need to be.  Please see http://sbsurl.com/itpro for an overview of this.

So, therefore you should be modifying the SendAs permission on the SBSUsers container, or if you just want a sub-group to have this permission, you need to create a SECURITY GROUP in the Security Groups OU and put the permission on the new Security Group.  You would then join any users that need this to the security group, or what would be easier is to add the security group to the Mobile User's template and then just reapply that template to the affected users with the "Change User Permissions" wizard.  This will ensure that any users you add in the future get this setting correctly.

Jeff
TechSoEasy

0
 
LVL 1

Author Comment

by:JernejS
ID: 16957594
Jeff,

thanks for your quick answer, the idea with new security group is great, modifying Mobile Template is even better...

Works fine now.

Regards,

Nejc
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 16967756
Terrific!  Glad you got it working... If you've ever worked with AD before and are used to creating OUs for everything, it can be difficult to grasp SBS's concepts... but once you do, as you have, it's obvious that these things work well.  Especially considering you have to make sure that everything is set in so many places if you don't use the tools provided!  :-)

Jeff
TechSoEasy
0

Featured Post

Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A lot of problems and solutions are available on the net for the error message "Source server does not meet minimum requirements for migration" while performing a migration from Small Business Server 2003 to SBS 2008. This error pops up just before …
The problem of the system drive in SBS 2003 getting full continues to be an issue, even though SBS 2008 and SBS 2011 are both in the market place.  There are several solutions to this, including adding additional drive space or using third party uti…
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
Visualize your data even better in Access queries. Given a date and a value, this lesson shows how to compare that value with the previous value, calculate the difference, and display a circle if the value is the same, an up triangle if it increased…

800 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question