asked on

Write Personal Information rights keeps resetting

We have experienced some users are not able to set Delegates in outlook.
Apparantly this is due to the following permission setting not being set:
SELF - Write Personal Information

To solve the Delegates issue, we set this permission on the User object security settings in AD.
However, after a little while, the permission is reset (removed) again, thus making delegates unusable again.
I've been looking through the permissions of the OU etc. without any luck of "spotting" wherein the problem lies.

Do someone have a good suggestion on this matter?

ASKER CERTIFIED SOLUTION

LauraEHunterMVP

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

dennismeng

ASKER

Hi,

A few users are Account Ops, but majority of the users are just regular domain users - and I see the issue on those accounts as well.

LauraEHunterMVP

Have the other users -ever been- members of a protected group? See the links above, if you add a user to one of these groups and then remove it, the permissions inheritance issue remains until you manually reset the adminCount attribute and re-enable inheritance on the account(s) in question.

dennismeng

ASKER

It seems that this solved the issue:

dsacls "cn=adminsdholder,cn=system,dc=<mydomain>,dc=com" /G "\SELF:RPWP;Personal
Information"

Am awaiting user feedback now.
So Laura, it seems that your suspicious points are true :)
Will revert once I know for good that above permission settings solved it.

dennismeng

ASKER

Seems things are good now - so will close the question awarding you Laura :) Thanks alot!