XADM: ADC Drops Mailbox Owner After Modification of Exchange Server 5.5 Mailbox (325559)
The information in this article applies to:
- Microsoft Exchange 2000 Server SP2
This article was previously published under Q325559 SYMPTOMS After Active Directory Connector (ADC) replication, users
may receive an access denied error message and may be unable to log on to the
Microsoft Exchange Server 5.5 mailbox. If you view the permissions of the
mailbox in the Exchange Server 5.5 Exchange Server Administrator program (after
you view the rights for roles on the Permissions tab), the
mailbox owner right has been removed from the permissions for that account.
CAUSE This problem may occur if all the following conditions
exist:
- A mailbox-enabled user is created with the Microsoft
Exchange Lightweight Directory Access Protocol (LDAP) Management Agent (MA)
instead of using Active Directory Users and Computers.
- The msExchMailboxSecurityDescriptor attribute is not set for the user.
- An Active Directory replication occurs.
- The user object is modified in some way.
- Another Active Directory replication occurs. When this
occurs, the mailbox owner right is removed from the permissions for that
account, and the user cannot log on to the mailbox.
WORKAROUND To work around this problem, use either of the following
methods:
- Set the msExchMailboxSecurityDescriptor attribute on the mailbox-enabled user if you are creating the
user programmatically.
For additional information about how to do this, click the
following article number to view the article in the Microsoft Knowledge Base:
304935HOWTO: Set Exchange 2000 Mailbox Rights at the Time of Mailbox Creation - Wait for the ADC replication to complete two cycles before
you modify the mailbox-enabled user object.
STATUS Microsoft
has confirmed that this is a problem in the Microsoft products that are listed
at the beginning of this article.
| Modification Type: | Major | Last Reviewed: | 10/21/2003 |
|---|
| Keywords: | kbDirectory kbnofix kbprb KB325559 |
|---|
|