?
Solved

Exchange 2010 sp1 Broken SID!

Posted on 2011-03-08
2
Medium Priority
?
1,025 Views
Last Modified: 2012-06-21
Hey all,

when i go to manage permissions on any of my exchange users, it has the same broken SID listed as full access.  I tried to do resolution on the SID but it was some random user account that was deleted a long time ago.

Can anyone point me in the right direction to identify this SID?  and why it's on all my mailboxes?

thanks
0
Comment
Question by:BBQSTEAK
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
2 Comments
 
LVL 1

Accepted Solution

by:
hallcomis earned 2000 total points
ID: 35075848
Try http://www.joeware.net/freetools/tools/sidtoname/index.htm.  It is a CLI program that will identify broken SIDs.  Since it is a broken SID and the AD account no longer exists you can safely remove it from the mailboxes.
0
 
LVL 1

Expert Comment

by:hallcomis
ID: 35075887
Also, use ADSIEDIT.msc and start in the configuration container > services> Microsoft Exchange and view the security of the object for the broken SID.  Keep working your way down to the DB object until you find which top level object it is set on.
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to resolve IMCEAEX NDRs in Exchange or Exchange Online related to invalid X500 addresses.
After hours on line I found a solution which pointed to the inherited Active Directory permissions . You have to give/allow permissions to the "Exchange trusted subsystem" for the user in the Active Directory...
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
Suggested Courses

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question