Microsoft KB Archive/328229

= HOW TO: Add Minimum Permissions Required for Mailbox Stores and Public Folder Stores =

Article ID: 328229

Article Last Modified on 10/25/2007

-

APPLIES TO


 * Microsoft Exchange Server 2003 Enterprise Edition
 * Microsoft Exchange Server 2003 Standard Edition
 * Microsoft Exchange 2000 Server Standard Edition

-



This article was previously published under Q328229



IN THIS TASK

 * SUMMARY
 * Maintain Minimum Permissions for Mailbox Stores and Public Folder Stores
 * Add Minimum Required Permissions
 * REFERENCES



SUMMARY
The mailbox store is the part of information store that maintains information in user mailboxes. A mailbox is where e-mail is delivered. The public folder store is the part of information store that maintains information in public folders. A public folder is a folder that co-workers can use to share a wide-range of information, such as project information or discussions about a general subject. This article describes how to add minimum permissions that are required for mailbox stores and public folder stores.

back to the top

Maintain Minimum Permissions for Mailbox Stores and Public Folder Stores
If you modify the default permissions on mailbox stores and public folder stores in Exchange 2000 Server or in Exchange Server 2003, make sure that you maintain the following minimum permissions:
 * Administrators group: Full Control
 * Authenticated Users group: Read and Execute, List Folder Contents, and Read
 * Creator Owner: None
 * Server Operators group: Modify, Read and Execute, List Folder Contents, Read, and Write
 * System account: Full Control

You might have problems mounting the mailbox stores or public folder stores if you do not maintain these permissions for these groups and accounts. The following messages and events indicate this type of problem:
 * &quot;An internal processing error has occurred. Try restarting the Exchange System Manager or the Microsoft Exchange Information Store service, or both.&quot;
 * &quot;MAPI or an unspecified service provider. ID no: 00000476-0000-00000000.&quot;
 * Information Store (2520) An attempt to determine the minimum I/O block size for the volume &quot;[drive:\]&quot; containing &quot;[drive:\]Exchsrvr\Mdbdata\&quot; failed with system error 5 (0x00000005): &quot;Access is denied.&quot; The operation will fail with error-1032 (0xfffffbf8).
 * &quot;Error 0xfffffbf8 starting Storage Group [dn of storage group] on the Microsoft Exchange Information Store.&quot;
 * &quot;The MAPI call 'OpenMsgStore' failed with the following error: The Microsoft Exchange Server computer is not available. Either there are network problems or the Microsoft Exchange Server computer is down for maintenance. The MAPI provider failed. Microsoft Exchange Server Information Store ID no: 8004011d-0526-00000000.&quot;

back to the top

Add Minimum Required Permissions
You may also have problems when you mount public folder stores if you have turned off the Allow inheritable permissions from parent to propagate to this object option for the public folder hierarchy. The following messages indicate this type of problem:
 * &quot;The store could not be mounted because the Active Directory information was not replicated yet.&quot;
 * &quot;The Microsoft Exchange Information Store service could not find the specified object. ID no: c1041722&quot;

To resolve this issue, add the required permissions again:
 * 1) Right-click the public folder MAPI tree, and then click Properties.
 * 2) On the Security tab, click to select the Allow inheritable permissions from parent to propagate to this object check box.

After you complete this procedure, wait for Microsoft Active Directory directory services to replicate the change to all of the domain controllers. After the change has been replicated, you can remount the store.

back to the top

