cmkeur

asked on

exmerge

I am using exmerge and it hangs on one mailbox.
I went and checked in AD, and the security for mailbox rights for the user in question has both allow and deny checked for full mailbox access. They are being inherited from somewhere, but I don't know where.
Maybe it's because the domain\administrator account I am trying to use for exmerge has inherited deny for send and receive as on the mailbox store? Not sure where that inheritance is coming from either.
cmkeur

ASKER

Ah! Maybe it's because the domain/administrator account is a "full exchange administrator", which has deny for send as and receive as?
ASKER CERTIFIED SOLUTION
Nivlesh
This solution is only available to members.
SOLUTION
This solution is only available to members.
Do not remove preconfigured security settings as stated in 35124869.

@MegaNuk3 has the proper solution, which is to grant an explicit allow, which will override the inherited deny.
Yes, this goes against what you know with NTFS permissions, but it is accurate.
Hi endital1097.

My comment is not "removing" security settings. It is one of the ways to resolve this issue. I have tested/performed this many times and it works a treat.

cmkeur, a full how-to on using exmerge, including setting up a user account etc. to use for exmerge, is contained in this article from Microsoft. Hope this helps.

http://support.microsoft.com/kb/292509
Also, note that my initial comment was no different from what MegaNuk3 had given. His is giving permissions to the account you are using to exmerge on a per-mailbox level. In my initial comment, I assumed you were using the domain/administrator and was getting you to do what MegaNuk3 stated but on a much more global level (on the storage group).

So endital1097, I disagree with your comment above, and also MegaNuk3's solution won't work if cmkeur is using domain/administrator, since in that case you will have to break inheritance and then explicitly give permission, same as what I had suggested.
You don't have to break inheritance to give an Explicit Allow.
You should never remove permission inheritance.
Adding the user account or another group with explicit allow will work.

I am just trying to protect from possible future issues related to permissions, as that should be one of our goals in this forum.
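
The "explicit allow overrides inherited deny" behaviour debated in this thread follows from the order in which Windows evaluates ACEs. The sketch below is an added example, not code from any poster or from Microsoft: a simplified model of that evaluation in which the account name, group name and right values are all constructed for illustration.

```python
from dataclasses import dataclass

# Rights as bit flags (constructed values for this model, not real access-mask constants).
SEND_AS, RECEIVE_AS = 0x1, 0x2

@dataclass(frozen=True)
class Ace:
    allow: bool        # True = allow ACE, False = deny ACE
    trustee: str       # account or group the ACE applies to
    mask: int          # rights covered by the ACE
    inherited: bool    # True if the ACE came from a parent object

def canonical(acl):
    """Canonical ACE order: explicit deny, explicit allow, inherited deny, inherited allow."""
    return sorted(acl, key=lambda a: (a.inherited, a.allow))

def access_check(acl, token, wanted):
    """Walk the ACL in order; the first matching ACE for each right decides it."""
    remaining = wanted
    for ace in canonical(acl):
        if ace.trustee not in token:
            continue
        if not ace.allow and ace.mask & remaining:
            return False               # deny reached before the right was granted
        if ace.allow:
            remaining &= ~ace.mask     # these rights are now granted
        if remaining == 0:
            return True
    return False                       # rights never granted are denied

# Constructed scenario: the export account belongs to a group that carries an
# inherited deny on the mailbox store (hypothetical names).
TOKEN = {"EXAMPLE\\svc-exmerge", "EXAMPLE\\Exchange Admins"}
INHERITED = [
    Ace(False, "EXAMPLE\\Exchange Admins", SEND_AS | RECEIVE_AS, inherited=True),
    Ace(True, "EXAMPLE\\Exchange Admins", RECEIVE_AS, inherited=True),
]
EXPLICIT_ALLOW = Ace(True, "EXAMPLE\\svc-exmerge", SEND_AS | RECEIVE_AS, inherited=False)
EXPLICIT_DENY = Ace(False, "EXAMPLE\\svc-exmerge", RECEIVE_AS, inherited=False)

def scenarios():
    return {
        "inherited only": access_check(INHERITED, TOKEN, RECEIVE_AS),
        "plus explicit allow": access_check(INHERITED + [EXPLICIT_ALLOW], TOKEN, RECEIVE_AS),
        "plus explicit deny": access_check(INHERITED + [EXPLICIT_ALLOW, EXPLICIT_DENY], TOKEN, RECEIVE_AS),
    }

if __name__ == "__main__":
    for name, granted in scenarios().items():
        print(f"{name}: {'granted' if granted else 'denied'}")
```

In this model the inherited ACEs are left untouched in all three cases; only explicit entries are added, and an explicit deny still takes precedence over an explicit allow.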