Solved

Exchange 2013 - User Mailbox send as permissions disappearing

Posted on 2013-11-25
10
1,353 Views
Last Modified: 2015-11-27
Hi,

I have an Exchange 2013 installation - Version 15.0 ¿(Build 712.24)¿ in a Client's organisation, which was upgraded from 2010 by placing a new Exchange Server and moving the mailboxes. The 2010- Version 14.3 ¿(Build 123.4)¿ - is still active (not got round to taking it out yet as the Client is in a critical phase of project at moment and cannot have possibility of delay/disruption).

We have an ongoing problem that if we add in a send as permission to a mailbox, either from the ECP or via AD advanced permissions, some time later (10mins to 1hr), the permission is gone again.

Any pointers?

Thanks

Nick
0
Comment
Question by:pccorrect
10 Comments
 
LVL 6

Expert Comment

by:LectricX
Comment Utility
I'd say you've got a replications issue, where something thinks it's the boss and is re-applying what it believes should be the case.

Try changing which environment you apply the change on?  Eg:  Use the Exch2010 console to apply the change if you've been trying to use the 2013 one.
0
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 500 total points
Comment Utility
Primary reason for the permission being removed is the user is a member of a protected group - Domain Admins, Administrators, Power Users etc. If that is the case then the domain will remove the permission automatically.

If you have accounts with those permissions you should be running a dual account model - where the mail enabled account is a regular account and users have a separate admin level account.

Simon.
0
 

Author Comment

by:pccorrect
Comment Utility
Thanks LectricX - I'll give that a go now.

Simon - The user is a standard user, and not a member of any protected groups.
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
Comment Utility
Were they ever a member of a protected group? Even when removing the group permission the tag in the domain can stick.

Look in ADSIEDIT at the user account. See if the ADMINSDHOLDER value is set to 1. If it is, then that is the problem.

Simon.
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 

Author Comment

by:pccorrect
Comment Utility
I've requested that this question be deleted for the following reason:

Too Old
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
Comment Utility
"Too Old".
You will need to have a better reason for wanting the question closed than that.

Some valid answers have been provided and you have failed to follow up on them.
1
 

Author Comment

by:pccorrect
Comment Utility
This was an old issue. I asked around and found out that this issue was not resolved and we moved this client to Office365.

What do you want me to do now?
0
 
LVL 18

Expert Comment

by:Peter Hutchison
Comment Utility
You can set permissions permenantly by modifying the security ACL for the AdminDSHolder object in the System container in AD. The changes will replicate to users who are members of protected groups.
0

Featured Post

Want to promote your upcoming event?

Is your company attending an event or exhibiting at a trade show soon? Are you speaking at a conference? Spread the word by using a promotional banner in your email signature. This will ensure your organization’s most important contacts are in the know.

Join & Write a Comment

Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
Local Continuous Replication is a cost effective and quick way of backing up Exchange server data. The following article describes the steps required to configure Local Continuous Replication. Also, the article tells you how to restore from a backup…
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

6 Experts available now in Live!

Get 1:1 Help Now