System Attendant missing permissions to it's own mailbox?


I have enabled mailbox access logging in Exchange 2007. After that I stumbled upon this event (represented multiple times):

Log Name:      Application
Source:        MSExchangeIS Mailbox Store
Date:          25-03-2010 10:40:47
Event ID:      1029
Task Category: Access Control
Level:         Warning
Keywords:      Classic
User:          N/A
Computer:      <CCR Node 1 name>
<CMS_name>-SA@<DNS_domain_name> failed an operation because the user did not have the following access rights:

'Delete' 'Read Property' 'Write Property' 'Create Message' 'View Item' 'Create Subfolder' 'Write Security Descriptor' 'Write Owner' 'Read Security Descriptor' 'Contact'

The distinguished name of the owning mailbox is /O=<Exchange_org>/OU=EXCHANGE ADMINISTRATIVE GROUP (FYDIBOHF23SPDLT)/CN=CONFIGURATION/CN=SERVERS/CN=<CMS_name>/CN=MICROSOFT SYSTEM ATTENDANT. The folder ID is in the data section of this event.

I don't know if the object <CMS_name>-SA@<DNS_domain_name> refer to a System Attendant account created by Exchange or the CMS' system (computer) account (normally this would be refered as <CMS_name>$).

I have search the AD domain for the object, but without luck. Maybe the object is hidden from normal LDAP searches (samaccountmame=<CMS_name>-SA@<DNS_domain_name>). I can't grant permissions to objects which I can't find.

I haven't noticed any issues which I could relate to these events.

Have anyone else seen this warning before?

Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

BusbarSolutions ArchitectCommented:
please run setup and run forestprep and domainprep, domainprep should do it by itself so you might to try it by itself

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
MichaelVorbeckAuthor Commented:
Since this is logged for only a server or a service account for the server, I cannot see how forest- and domainprep should resolve this issue.
BusbarSolutions ArchitectCommented:
because forestprep and domainprep will restore permissions or the Exchange server
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.