SBS User Security Property Page, Changes disapear next day

When making changes to the User account, security property page, on a Microsoft Small Business Server 2003, the changes that are made are gone the next day. If I add a user account and assign "send as", or even if I change an existing account or group object, the changes are saved for a while, i.e. I can close it, open it immediately, and the changes are still there. But if I open it the next day all changes are gone. The user accounts are in the default OU.
Who is Participating?
This user is (or has been at one point) member of a "protected group" (Administrators, Account Operators, Server Operators, Print Operators, Backup Operators, Domain Admins, Schema Admins, Enterprise Admins, Cert Publishers); check here for details:
The "Send As" right is removed from a user object after you configure the "Send As" right in the Active Directory Users and Computers snap-in in Exchange Server

Delegated permissions are not available and inheritance is automatically disabled

AdminSDHolder Thread Affects Transitive Members of Distribution Groups

Security tab of the adminSDHolder object does not display all properties
palmtekAuthor Commented:
The first tid you cited looks like the answer but there are no administrative groups in this account.
The user belongs to these groups.
Power Users
Domain Users
"domainname group"
"domainname group" (distribution list group)
Internet Users
Mobile Users
Remote Web Workplace Users
For one thing, it's enough if the user has been at some point a member of an administrative group; check the second article, there's an issue with resetting the inheritance flag.
Then out of experience, it seems that the Power Users falls under the "protected groups" as well (but I can't find official documentation, only cases in which it helped to remove the user from the Power Users group); so try this if the inheritance issue doesn't apply.
palmtekAuthor Commented:
oBdA, Have you ever tried removing inheritance from a user object before as a workaround to this problem or does not matter?
Well, inheritance is automatically removed from the protected accounts ...
The issue above is that the inheritance isn't in all cases automatically turned on again after a user has been removed from all protected groups, so protecting an account that doesn't need it anymore. The second article has a script to correct that.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.