?
Solved

Exchange 2010 - Permission issues when adding/removing users from Security Groups

Posted on 2013-02-01
2
Medium Priority
?
283 Views
Last Modified: 2013-02-19
Exchange 2010 SP1 server, 2003 DC's. Exisiting Domain Admins have the 'Inherit Permissions...." unchecked - by design. Is it normal for the user account to NOT re-inherit permissions (ie getting that check-box re-checked) when being removed from the Domain Admin's group.
I have ensured AD had replicated between all domains, even waited 24 hours just in case, and I have to manually re-inherit permissions on the user-account in AD. Is that by design, or is there another problem?
0
Comment
Question by:mhdcommunications
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 2000 total points
ID: 38844029
Yes.
Even removing them from the group doesn't reinstate the inheritance - it will actually be removed again.
You need to clear a value on the user account called AdminCount on the account. Then reapply the inheritance.

Simon.
0
 
LVL 1

Author Closing Comment

by:mhdcommunications
ID: 38906879
Thanks
0

Featured Post

New feature and membership benefit!

New feature! Upgrade and increase expert visibility of your issues with Priority Questions.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Had a business requirement to store the mobile number in an environmental variable. This is just a quick article on how this was done.
Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses
Course of the Month10 days, 23 hours left to enroll

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question