XADM: Permissions on Address Book View Are Displayed Incorrectly After You Apply Service Pack 4 (284234)



The information in this article applies to:

  • Microsoft Exchange Server 5.5 SP4

This article was previously published under Q284234

SYMPTOMS

After you apply Exchange Server 5.5 Service Pack 4 (SP4), the permissions for Address Book view in the Exchange Server 5.5 Administrator program are displayed incorrectly.

CAUSE

In Exchange Server 5.5, the permissions for the Address Book view naming context are inherited from the site naming context. This design has proved to be impractical for many organizations because the site-level administrators can make a change that affects the whole organization. Reconfiguring the Address Book view can put a stress on the directory services, as discussed in the following Microsoft Knowledge Base article:

251054 XADM: High Dsamain.exe CPU Usage When Populating Address Book Views

A heuristic bit is introduced in a post-Service Pack 3 fix that allows you to block the inheritance of permissions from site level to Address Book view level. The Administrator program has been adjusted with a separate fix to display the new permissions, which depends on the heuristic setting. These fixes are described in the following Microsoft Knowledge Base articles:

248398 XADM: Restricting Permission to Address Book Views

262773 XADM: Permissions Tab on Address Book View Object Should Not Display Inherited Permissions

Based upon Microsoft Product Support Services (PSS) experience and customer requests, SP4 changes the definition of the heuristic bit, as described in the following Microsoft Knowledge Base article:

282184 XADM: Heuristic Changes for Address Book Views in Exchange Server 5.5 Service Pack 4

With SP4 installed, by default, the permissions on the Address Book Views object are not inherited from the site naming context. Additionally, the service account has been given default permissions on the Address Book view. The default service account permissions are effective as long as no other account is specified explicitly on the permission page. This enables you to overwrite the service account permissions on the Address Book view. If the service account and additional accounts need permission, each account must be given permission explicitly on the Address Book view.

The Exchange Server 5.5 SP4 Administrator program does not reflect this, and shows the wrong permissions on the Address Book view.

RESOLUTION

A supported fix is now available from Microsoft, but it is only intended to correct the problem that is described in this article. Apply it only to computers that are experiencing this specific problem. This fix may receive additional testing. Therefore, if you are not severely affected by this problem, Microsoft recommends that you wait for the next Microsoft Exchange Server version 5.5 service pack that contains this hotfix.

To resolve this problem immediately, contact Microsoft Product Support Services to obtain the fix. For a complete list of Microsoft Product Support Services phone numbers and information about support costs, visit the following Microsoft Web site:

NOTE: In special cases, charges that are ordinarily incurred for support calls may be canceled if a Microsoft Support Professional determines that a specific update will resolve your problem. The typical support costs will apply to additional support questions and issues that do not qualify for the specific update in question.

The English version of this fix should have the following file attributes or later:

Component: Administrator Program

   File name    Version
   ---------    -----------
   Admin.exe    5.5.2654.43

STATUS

Microsoft has confirmed that this is a problem in Microsoft Exchange Server version 5.5 SP4.

MORE INFORMATION

There are four modes of operation:
  • Mode 1: The Address Book view does not have the heuristic bit set or it is set to 0, and there is no security descriptor stamped on the Address Book View object. This is the default setting.

    In this mode, the Address Book views can only be modified by the service account.
  • Mode 2: The Address Book view has the heuristic bit set to 1, but there is no security descriptor stamped.

    This mode allows administrators given access on the local site to have permission to create or modify Address Book views.
  • Mode 3: The Address Book view has the heuristic bit set to 0 or not present, and the security descriptor is stamped on the Address Book View object.

    This mode only allows administrators present in the security descriptor to create or modify Address Book views; administrators on the local site are locked out, and the service account does not have permissions set by default.
  • Mode 4: The Address Book view has the heuristic bit set to 1, and the security descriptor is set on the Address Book View object.

    This mode allows all administrators in the security descriptor on the Address Book view and on the local site to manage Address Book views.
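
The four modes above, expressed as an effective-permission check. This is an added example, not Microsoft code; the field names and account names are hypothetical, and it assumes the service-account default also holds in Mode 2 because no account is specified explicitly.

```python
from dataclasses import dataclass
from typing import Optional

SERVICE_ACCOUNT = "EXAMPLE\\exchsvc"  # constructed placeholder account name


@dataclass(frozen=True)
class AbvState:
    """Hypothetical snapshot of the Address Book View object's settings."""
    heuristic_bit: Optional[int]           # None = bit not present
    sd_accounts: frozenset = frozenset()   # accounts in the stamped security descriptor (empty = none stamped)
    site_admins: frozenset = frozenset()   # administrators with access on the local site


def mode(state):
    """Return the mode number (1-4) as listed in the article."""
    bit_set = state.heuristic_bit == 1
    stamped = bool(state.sd_accounts)
    return {(False, False): 1, (True, False): 2,
            (False, True): 3, (True, True): 4}[(bit_set, stamped)]


def effective_admins(state):
    """Accounts that can create or modify Address Book views."""
    m = mode(state)
    if m in (1, 2):
        # Assumption: the service-account default also holds in Mode 2,
        # because no account is specified explicitly.
        admins = {SERVICE_ACCOUNT}
    else:
        admins = set(state.sd_accounts)    # Modes 3 and 4: only what is stamped
    if m in (2, 4):
        admins |= state.site_admins        # heuristic bit 1 lets site admins in
    return admins


def findings(state):
    """Review notes an administrator would want before changing permissions."""
    notes = []
    if mode(state) in (3, 4) and SERVICE_ACCOUNT not in state.sd_accounts:
        notes.append("service account has no explicit permission")
    if mode(state) in (2, 4) and state.site_admins:
        notes.append("site-level administrators can modify views")
    return notes


# Constructed sample: descriptor stamped with one account, heuristic bit 0.
SAMPLE = AbvState(0, frozenset({"EXAMPLE\\abvadmin"}), frozenset({"EXAMPLE\\siteadmin"}))
```

For SAMPLE this reports Mode 3: only the stamped account can manage views, and the service account needs to be added explicitly if it must keep access.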

Modification Type: Minor
Last Reviewed: 10/6/2005
Keywords: kbHotfixServer kbQFE kbbug kbExchange550preSP5fix kbfix kbQFE KB284234