Microsoft KB Archive/823017

From BetaArchive Wiki
Knowledge Base


Article ID: 823017

Article Last Modified on 10/25/2007


APPLIES TO

  • Microsoft Exchange Server 2003 Standard Edition
  • Microsoft Exchange Server 2003 Enterprise Edition



Important This article contains information about how to modify the registry. Make sure to back up the registry before you modify it. Make sure that you know how to restore the registry if a problem occurs. For more information about how to back up, restore, and modify the registry, click the following article number to view the article in the Microsoft Knowledge Base:

256986 Description of the Microsoft Windows registry


SYMPTOMS

When you try to mount a public folder store by using the Exchange Server 2003 version of Exchange System Manager, you may receive both of the following error messages:

The store could not be mounted because the Active Directory information was not replicated yet. You can either: -press Cancel and mount store later from its context menu or, -press Retry to let Exchange System Manager keep trying to mount store for you.

The Microsoft Exchange Information Store service could not find the specified object. ID no:c1041722

Additionally, the following event is logged in the application event log: Event Type: Error
Event Source: MSExchangeIS
Event Category: General
Event ID: 9519
Date: 8/30/2000
Time: 9:17:35 AM
User: N/A
Computer: Server
Description: Error 0x80004010f starting database "First Storage Group\%GUID% (Server)" on the Microsoft Exchange Information Store.


CAUSE

This issue may occur if the public folder permissions for the Everyone group are set to Deny at the root of the public folder hierarchy in Exchange System Manager.

RESOLUTION

To resolve this issue, use either of the following methods.

  • === Method 1 ===

    By default, Exchange System Manager does not display the Security tab when you view the properties of the Organizational object. To view the Security tab and then modify permissions, you have to edit the registry.

    Warning Serious problems might occur if you modify the registry incorrectly by using Registry Editor or by using another method. These problems might require that you reinstall your operating system. Microsoft cannot guarantee that these problems can be solved. Modify the registry at your own risk.

    1. To make the Security tab visible in Exchange System Manager, follow these steps:
      1. Click Start, click Run, type regedit32.exe in the Open box, and then click OK to start Registry Editor.
      2. Locate the following registry key:

        HKEY_CURRENT_USER\Software\Microsoft\Exchange\EXAdmin

      3. On the Edit menu, click Add Value, and then add the following registry value:

        Value Name: ShowSecurityPage
        Data Type: REG_DWORD
        Radix: Binary
        Data: 1

      4. Quit Registry Editor.
    2. Start Exchange System Manager, and then on the Security tab, modify permissions. To do this, follow these steps:
      1. Click Start, point to Programs, point to Microsoft Exchange, and then click System Manager.
      2. Expand ServerName, expand StorageGroupName, right-click Public Folder Store, and then click Properties.
      3. Click the Security tab, and then in the Name box, click Everyone.
      4. In the Permissions box, click to clear all Deny check boxes that are selected.
      5. Click OK.
      6. Right-click the public folder store, and then click Mount store.
  • === Method 2 ===

    Use the Dsacls tool that is included in Windows Support Tools to determine how the permissions are configured, and then remove the assigned Deny permission. To do this, follow these steps:

    1. Click Start, click Run, type cmd, and then click OK.
    2. Type the following command, and then press ENTER:

      DSACLS "CN=Public Folders,CN=Folder Hierarchies,CN=Administrative_Group_Name,CN=Administrative Groups,CN=ORGANIZATION_Name,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=Root_DOMAIN" >c:\PfPerms.txt

      Note In this command, replace CN=ORGANIZATION_Name with the name of the Exchange organization, replace Administrative_Group_Name with the name of the administrative group where the public folder tree is located, and replace Root_DOMAIN with your forest root domain (dc=microsoft,dc=com). Finally, replace C:\PerfPerms.txt with an appropriate name and location.
    3. This command produces an output file that lists the accounts that have been set to Deny. You must open the C:\PfPerms.txt output file and determine whether the Everyone access control list (ACL) has been set to Deny. To do this, right-click the output file, click Open With, and then click WordPad.
    4. Locate "DENY EVERYONE" in the text file.
    5. After you locate the DENY EVERYONE permissions, follow these steps to remove them:
      1. Click Start, click Run, type cmd, and then click OK.
      2. Type the following command, and then press ENTER:

        DSACLS "CN=Public Folders,CN=Folder Hierarchies,CN=Administrative_Group_Name,CN=Administrative Groups,CN=ORGANIZATION_Name,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=Root_DOMAIN" /I:T /R EVERYONE


MORE INFORMATION

For more information about the Dsacls tool, click the following article number to view the article in the Microsoft Knowledge Base:

281146 How to use Dsacls.exe in Windows 2000



Additional query words: XADM

Keywords: kbprb KB823017



Send feedback to Microsoft

© Microsoft Corporation. All rights reserved.


Retrieved from ‘https://www.betaarchive.com/wiki/index.php?title=Microsoft_KB_Archive/823017&oldid=333339
the Creative Commons 3.0 ShareAlike (except the Microsoft KB Archive).
Powered by MediaWiki