Solved

Exchange 2010 - Permission issues when adding/removing users from Security Groups

Posted on 2013-02-01
2
276 Views
Last Modified: 2013-02-19
Exchange 2010 SP1 server, 2003 DC's. Exisiting Domain Admins have the 'Inherit Permissions...." unchecked - by design. Is it normal for the user account to NOT re-inherit permissions (ie getting that check-box re-checked) when being removed from the Domain Admin's group.
I have ensured AD had replicated between all domains, even waited 24 hours just in case, and I have to manually re-inherit permissions on the user-account in AD. Is that by design, or is there another problem?
0
Comment
Question by:mhdcommunications
2 Comments
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 500 total points
ID: 38844029
Yes.
Even removing them from the group doesn't reinstate the inheritance - it will actually be removed again.
You need to clear a value on the user account called AdminCount on the account. Then reapply the inheritance.

Simon.
0
 
LVL 1

Author Closing Comment

by:mhdcommunications
ID: 38906879
Thanks
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Follow this checklist to learn more about the 15 things you should never include in an email signature from personal quotes, animated gifs and out-of-date marketing content.
This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
In this video we show how to create a Resource Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: Navigate to the Recipients >> Resources tab.: "Recipients" is our default selection …
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now