XADM: Cannot Modify Security Properties in Exchange System Manager After You Use ExOLEDB (812853)
The information in this article applies to:
- Microsoft Exchange 2000 Enterprise Server
- Microsoft Exchange 2000 Server
SYMPTOMS When you next try to modify security permissions by using
the Exchange System manager utility after you modify the Extensible Markup
Language (XML) security descriptor of a public folder by using the Exchange
Object Linking and Embedding (OLE) Database (DB) Provider (ExOLEDB), you may
not be able to do so, and you may receive an "Access denied" error message.
CAUSEThis issue may occur if you do not specify the use of
"Admin" credentials when you log on to the Exchange private or public store by
using the ExOLEDB provider. When you do not specify the use of
"Admin" privileges, the following attributes are missing for each user who is
specified in the Access Control Entries (ACEs) that you create, causing
Exchange System Manager to be unsuccessful when it next tries to open the
security properties of that object: NT4_COMPATIBLE_NAME AD_OBJECT_GUID DISPLAY_NAME This occurs because the OPENSTORE_USE_ADMIN_PRIVILEGE flag is not
passed by ExOLEDB during the logon process if you do not specify the use of
"Admin" in the logon process. RESOLUTIONTo resolve this issue, when you modify the Access Control
List (ACL) entries of a public folder by using the ExOLEDB provider, open the
item by using administrative credentials. To do this, implicitly pass the
OPENSTORE_USE_ADMIN_PRIVILEGE flag by adding "admin" to the Uniform Resource
Locator (URL) that you use to access the object properties. For example, use
one of the following paths, specifying the admin credential in each:
- file://./backofficestorage/admin/mydomain.com/public
folders/foldername
- http://servername/exadmin/admin/mydomain.com/public
folders/foldername
Modification Type: | Minor | Last Reviewed: | 6/13/2003 |
---|
Keywords: | kbprb KB812853 |
---|
|