Microsoft KB Archive Search

Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

  1. Home
  2. XADM: Cannot Modify Security Properties in Exchange System Manager After You Use ExOLEDB

XADM: Cannot Modify Security Properties in Exchange System Manager After You Use ExOLEDB

View products that this article applies to.

Symptoms

When you next try to modify security permissions by using the Exchange System manager utility after you modify the Extensible Markup Language (XML) security descriptor of a public folder by using the Exchange Object Linking and Embedding (OLE) Database (DB) Provider (ExOLEDB), you may not be able to do so, and you may receive an "Access denied" error message.

↑ Back to the top

Cause

This issue may occur if you do not specify the use of "Admin" credentials when you log on to the Exchange private or public store by using the ExOLEDB provider.

When you do not specify the use of "Admin" privileges, the following attributes are missing for each user who is specified in the Access Control Entries (ACEs) that you create, causing Exchange System Manager to be unsuccessful when it next tries to open the security properties of that object:
NT4_COMPATIBLE_NAME
AD_OBJECT_GUID
DISPLAY_NAME
This occurs because the OPENSTORE_USE_ADMIN_PRIVILEGE flag is not passed by ExOLEDB during the logon process if you do not specify the use of "Admin" in the logon process.

↑ Back to the top

Resolution

To resolve this issue, when you modify the Access Control List (ACL) entries of a public folder by using the ExOLEDB provider, open the item by using administrative credentials. To do this, implicitly pass the OPENSTORE_USE_ADMIN_PRIVILEGE flag by adding "admin" to the Uniform Resource Locator (URL) that you use to access the object properties. For example, use one of the following paths, specifying the admin credential in each:
  • file://./backofficestorage/admin/mydomain.com/public folders/foldername
  • http://servername/exadmin/admin/mydomain.com/public folders/foldername

↑ Back to the top

More information

For additional information about the Microsoft Exchange OLE DB provider, visit the following Microsoft Exchange OLE DB provider Web site:
http://msdn2.microsoft.com/en-us/library/ms985513.aspx
For additional information about file URL namespace, visit the following Microsoft File URL Namespace Web site:
http://msdn2.microsoft.com/en-us/library/aa123943.aspx
For additional information about the Exchange 2000 Server Software Development Kit (SDK), visit the following Microsoft Exchange Server Web site:
http://msdn2.microsoft.com/en-us/library/ms879504.aspx

↑ Back to the top

Keywords: KB812853, kbprb

↑ Back to the top

Article Info
Article ID : 812853
Revision : 4
Created on : 2/28/2007
Published on : 2/28/2007
Exists online : False
Views : 330