AD Account Security Settings Not Holding
Posted on 2015-02-02
I've uncovered a weird situation where I have a couple accounts that are not maintaining their security settings. Specifically, I have accounts that I need to allow user1 to 'Send As' (via Exchange 2010). So, I go into the account with in ADUC and make sure that the 'Include inheritable permissions from the object's parent' is checked. In this case, it is not, so I check it and hit 'Apply'. Then, within Exchange EMC, I go into 'Manage Send As Permissions and add the existing user. All seems fine. Then, within a matter of minutes, the user no longer has any rights to the mailbox and the 'Include Inheritable...' check box is cleared. It really acts like someone else has the same account open within AD and is saving changes after I do, thus overwriting them. I know that is not happening. But I am wondering if there is something that I should be looking for on my DCs that may suggest a problem Are there Event Viewer logs or Replmon logs that I need to look at? I've gone through the logs, but am not finding anything obvious. I have a native 2008 functionality level.
I appreciate any assistance.