Microsoft KB Archive/277902

From BetaArchive Wiki
Knowledge Base


XADM: The Recipient Update Service Writes a Non-Canonical Security Descriptor to the Group

Article ID: 277902

Article Last Modified on 2/20/2007


APPLIES TO

  • Microsoft Exchange 2000 Server Standard Edition


This article was previously published under Q277902


SYMPTOMS

If Exchange Server 5.5 is running on a Microsoft Windows NT Server 4.0-based computer, Exchange Server 5.5 does not replicate groups with membership hidden in Active Directory. The Exchange Server 5.5 version of the Exchange Server Administrator program also cannot display these objects.

CAUSE

This problem can occur because for groups with membership hidden in Active Directory, the Recipient Update Service writes a non-canonical security descriptor to the group.

When the Exchange 2000 Active Directory Connector (ADC) is used, the change is replicated to Exchange Server 5.5, but when the Exchange 5.5 security descriptor is created, an ACCESS_ALLOWED_OBJECT_ACE type Access Control Entry (ACE) is created, which is only supported on Microsoft Windows 2000 Server and later. This causes problems when displaying the object on Exchange Server 5.5 computers because the Exchange Server 5.5 version of the Exchange Server Administrator program cannot process this type of security descriptor. If Exchange Server 5.5 is running on a Windows NT Server 4.0-based computer, replication of any naming context halts with an object that contains this kind of ACE.

RESOLUTION

To resolve this problem, obtain the latest service pack for Microsoft Exchange 2000 Server. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:

301378 XGEN: How to Obtain the Latest Exchange 2000 Server Service Pack


The English version of this fix should have the following file attributes or later:

Component: ADC

File name Version
Adc.exe 6.0.4418.18


STATUS

Microsoft has confirmed that this is a problem in Microsoft Exchange 2000 Server. This problem was first corrected in Microsoft Exchange 2000 Server Service Pack 1.


Additional query words: Replication security descriptor DL membership RUS

Keywords: kbbug kbfix kbqfe KB277902



Send feedback to Microsoft

© Microsoft Corporation. All rights reserved.


Retrieved from ‘https://www.betaarchive.com/wiki/index.php?title=Microsoft_KB_Archive/277902&oldid=152238
the Creative Commons 3.0 ShareAlike (except the Microsoft KB Archive).
Powered by MediaWiki