Answered by:
Exchange 2000/2003 Delegate Permissions

Question
-
Hi,
I have an exchange organisation with 2x Exchange 2000 and
2x Exchange 2003 servers. I am trying to use the Delegate Control Wizard to
give a security group Exchange View Only rights.It works ok for the Exchange 2003 servers.
For the Exchange 2000 servers, the permissions propagate
down to the server level but not the Mailbox Store Level. On each of the
Mailbox Stores the Allow inheritable permissions from parent to propagate to
this object is ticked.Is there another step I am missing on the 2000 servers?
Monday, February 13, 2012 11:42 AM
Answers
-
OK, I have not attempted this before, least of all in relation to an exchange 2000 box. Via adsiedit please can you review the permissions currently set for CN=InformationStore & verify that these flow down on to CN=My Storage Group?
If required please add suitable permissions for the group you wish to have view only capability.
Regards
- Proposed as answer by AllBarOne Friday, February 17, 2012 5:51 PM
- Marked as answer by Terence Yu Monday, March 5, 2012 3:08 AM
Tuesday, February 14, 2012 4:34 PM
All replies
-
Hello,
Please attempt to use the exchange 2000 delegation wizard on one of the exchange 2000 servers, as described here....
http://support.microsoft.com/kb/289811
Kind Regards
Monday, February 13, 2012 4:17 PM -
Hi,
I managed to get the permissions sorted on one of the 2000 boxes by unticking the Allow
inheritable permissions and then re checking it, but it does not work on the
other 2000 server.I have tried your suggestion on the server that still is a problem, but it as before
it does not change the permissions on the mailbox store.I have tried to apply permissions explicitly on the mailbox
store, however I am unable to see the mailbox store in AD when creating user
accounts still, I have tried giving full access and I still have the same
problem.Cheers.
Tuesday, February 14, 2012 10:09 AM -
Hi,
If you feel comfortable using adsiedit.msc please check the following path in the active directory "configuration partition"...
CN=Services,CN=Microsoft Exchange,CN=Name of your Exchange organisation,CN=Administrative Groups,CN=First Administrative Group,CN=Servers.
Does the problem 2000 server appear in the list of exchange servers found here?
Regards
Tuesday, February 14, 2012 11:13 AM -
Hi,
I have checked ADSI Edit and the server is there,
also the mailbox stores are in CN=InformationStore,CN=My Storage Group,
Cheers.
Tuesday, February 14, 2012 11:35 AM -
OK, I have not attempted this before, least of all in relation to an exchange 2000 box. Via adsiedit please can you review the permissions currently set for CN=InformationStore & verify that these flow down on to CN=My Storage Group?
If required please add suitable permissions for the group you wish to have view only capability.
Regards
- Proposed as answer by AllBarOne Friday, February 17, 2012 5:51 PM
- Marked as answer by Terence Yu Monday, March 5, 2012 3:08 AM
Tuesday, February 14, 2012 4:34 PM -
Hi
This link will be helpful to you.
Working with Store Permissions in Microsoft Exchange 2000 Server and Exchange Server 2003
PS: exchange 2000 is not supported by MS now.Terence Yu
TechNet Community Support
Wednesday, February 15, 2012 1:08 AM -
Hi,
Looking at the permissions in ADSI edit the Storage Groups where not inheriting permissions.
Thanks for your help with this.
Friday, February 17, 2012 9:10 AM -
Hi
Good to know we got there.
All the best.
Friday, February 17, 2012 5:52 PM