public folders ACL
Chuck Maurice
it in the "recover deleted items" in Outlook (the retention date was set to
30 days). But when trying to recover it (we tried with all users, including
admin, which is the owner of the top level folder), we see the message
"Outlook was unable to recover some or all of the items in this folder.
Make sure you have the required permissions to recover items in this folder,
and try again. If the problem persists, contact your administrator."
There is no backup, as the server has been newly uinstalled, I suspect this
is related to the default age limit (30 days), but I am not sure... Anyway,
I enabled diagnostics logging in exchange, on the msexchangeis - public
folder service... i can see these events in the application log when i try
to recover the folder (all are event id 1030):
first:
Admini...@ourdomain.local failed an operation on folder
/O=OURDOMAIN/OU=FIRST ADMINISTRATIVE
GROUP/CN=RECIPIENTS/CN=_O=OURDOMAIN_CN=ADDRLISTS_CN=06AF981E4A4CB04CC98EC285
38E44935000008 on database "First Storage Group\Public Folder Store
(OURSRVNAME)" because the user did not have the following access rights:
'Delete' 'Read Property' 'Write Property' 'Create Message' 'View Item'
'Create Subfolder' 'Write Security Descriptor' 'Write Owner' 'Read Security
Descriptor' 'Contact'
second:
Admini...@ourdomain.local failed an operation on folder
/O=OURDOMAIN/OU=FIRST ADMINISTRATIVE GROUP/CN=RECIPIENTS/CN=OAB VERSION
2631828124155811DC9710399B23B9AFF002720 on database "First Storage
Group\Public Folder Store (OURSRVNAME)" because the user did not have the
following access rights:
'Delete' 'Read Property' 'Write Property' 'Create Message' 'View Item'
'Create Subfolder' 'Write Security Descriptor' 'Write Owner' 'Read Security
Descriptor' 'Contact'
third:
Admini...@ourdomain.local failed an operation on folder
/O=OURDOMAIN/OU=FIRST ADMINISTRATIVE GROUP/CN=RECIPIENTS/CN=OAB VERSION
3A631828124155811DC9710399B23B9AFF002721 on database "First Storage
Group\Public Folder Store (OURSRVNAME)" because the user did not have the
following access rights:
'Delete' 'Read Property' 'Write Property' 'Create Message' 'View Item'
'Create Subfolder' 'Write Security Descriptor' 'Write Owner' 'Read Security
Descriptor' 'Contact'
So it looks to be some permissions on the public folders, public folder
store, or whatever... So how can I reset the permissions to default one?
Even if I have to do it manually, it shouldn't be a problem, as we are only
8 users...
By the way, I have quite the same error messages (but now event id 1235)
when I try to create a distribution group with an associated mail-enabled
public folder... I mean the wizard stops after a few minutes with an error
message, telling me that the exchange public folder could not be created.
But the public folder is there, but is not mail enabled!!!
This is the event message:
Admini...@ourdomain.local failed an operation on folder on database
"First Storage Group\Public Folder Store (OURSRVNAME)" because the user did
not have the following access rights:
'Delete' 'Read Property' 'Write Property' 'Create Message' 'View Item'
'Create Subfolder' 'Write Security Descriptor' 'Write Owner' 'Read Security
Descriptor' 'Contact'
Any idea?
Krogsgaard
I know this is a bit late to respond to you problem, anyway I have the excact same problem on my server.
This problem is probably because from the time you deleted the public folder and to the time you try to recover the folder, your antivirus signature was updated, MS has confirmed this to be a bug in exchange 2003 but there is NO KB article on this.
Exchange product team has decided that this is too large a design change for a hotfix and even to large for a service pack, so there will be no fix.
If any MS guys are reading this, you can read Bug article #243030.
Anyway, you can recover it from OWA, since this is only a problem with MAPI.
Log on to owa as the user who deleted the folder: http://<nameofserver>/public/<path to the folder above the deleted one>/?cmd=showdeleted
You have to type in the path since there is no "recover deleted items" button when loggin on to public folders through OWA.
/Krogsgaard