• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1899
  • Last Modified:

Can't Manage Full Access Permission on Mailbox Exchange 2007

When trying to grant myself full access to a users mailbox I get the following error:

Warning:
The ACL for the object "CN=username,CN=OU,DC=Domain,DC=Domain" is not in canonical order (Deny/Allow/Inherited) and will be ignored.

Exchange Management Shell command completed:
Add-MailboxPermits -Identity  'CN=username,CN=OU,DC=Domain,DC=Domain' -User 'MyUsername' -AccessRights 'FullAccess'

Does anyone know how to resolve this?
0
Shawn
Asked:
Shawn
  • 2
  • 2
1 Solution
 
Joseph DalyCommented:
This looks wrong to me. Are you using the console or shell?

'CN=username,CN=OU,DC=Domain,DC=Domain

Distinguished name should look like below.

CN=George\, Curious,OU=container,OU=Test,DC=domain,DC=com
0
 
Will SzymkowskiSenior Solution ArchitectCommented:
This is probably a permission inheritance issue. Open ADSIEdit, select "default naming context" navigate to the location above and right click select properties and check to ensure that the permissions are inherited from the parent folder.

Will.
0
 
Joseph DalyCommented:
Assuming your distinguished name path above is correct this should be the correct form.

'CN=username,OU=OU,DC=Domain,DC=Domain
0
 
Will SzymkowskiSenior Solution ArchitectCommented:
Read the post to fast, it is due to wrong format CN=username,OU=OUname,DC=domain,DC=com

Will.
0

Featured Post

Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now