Re: Cannot remove ACE on object



On Thu, 30 Oct 2008 06:25:25 -0400, Andy David {MVP}
<adavid@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> wrote:

On Wed, 29 Oct 2008 22:32:55 -0700, "Fraser Shortt" <fshortt@xxxxxxx>
wrote:

Hi James,

Thanks for the quick response.

Yes, I am seeing the deleted user's SID when I click on the existing user's
mailbox then click on manage full access permissions on the right.

Any ideas how to remove this?

Via ADUC

I think thats a bug. I seem to recall this issue.



Thanks in advance,
Fraser


"Jamestechman" <jamestechman@xxxxxxxxx> wrote in message
news:7b9e4ebe-90e2-4e95-b36e-dbd00943b94b@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Are you actually seeing this user SID in the user's mailbox in EMC?
Highlight the mailbox; manage full access permission on right pane? If
not; sounds like you're running into:

Accepting or denying a meeting request causes a "5.1.1" non-delivery
report in Exchange Server
http://support.microsoft.com/kb/312433



James Chong (MVP)
MCITP | EMA; MCSE | M+, S+,
Security+, Project+, ITIL
msexchangetips.blogspot.com

On Oct 29, 11:22 am, "Fraser Shortt" <fsho...@xxxxxxx> wrote:
Hi everyone,

I'm trying to remove Full Access rights for a deleted AD user from an
existing user's mailbox... Exchange 2007 SP1. When I try to do so, I
receive the following error message:

---------------------------------------------------------------
Summary: 1 item(s). 0 succeeded, 1 failed.
Elapsed time: 00:00:00

SID-BLAH-BLAH-BLAH-BLAH
Failed

Error:
Cannot remove ACE on object
"CN=XXX,OU=XXX,OU=XXX,OU=XXX,DC=XXX,DC=XXX,DC=XXX" for account
"SID-BLAH-BLAH-BLAH-BLAH" because it is not present.

Exchange Management Shell command attempted:
Remove-MailboxPermission -Identity
'CN=XXX,OU=XXX,OU=XXX,OU=XXX,DC=XXX,DC=XXX,DC=XXX' -User
'SID-BLAH-BLAH-BLAH-BLAH' -InheritanceType 'All' -AccessRights
'FullAccess'

Elapsed Time: 00:00:00
---------------------------------------------------------------

It's really causing headaches for users sending emails to or creating
appointments for the existing user. They continually receive bounce back
messages... an example of this:

---------------------------------------------------------------
Your message did not reach some or all of the intended recipients.

Subject: XXX
Sent: XXX

The following recipient(s) cannot be reached:

IMCEAEX-_O=XXX+2E+20XXX_OU=XXX_cn=Recipients_cn=...@xxxxxxx on
10/28/2008 7:46 AM
The e-mail account does not exist at the organization this
message was sent to. Check the e-mail address, or contact the recipient
directly to find out the correct address.
<XXX.XXX.XXX.com #5.1.1 smtp;550 5.1.1
RESOLVER.ADR.ExRecipNotFound; not found>
---------------------------------------------------------------

Any ideas how I can remove the old user?

Thanks in advance,
Fraser

.



Relevant Pages

  • Re: Cannot remove ACE on object
    ... mailbox then click on manage full access permissions on the right. ... Are you actually seeing this user SID in the user's mailbox in EMC? ... Exchange 2007 SP1. ...
    (microsoft.public.exchange.admin)
  • Re: Cannot remove ACE on object
    ... mailbox then click on manage full access permissions on the right. ... Are you actually seeing this user SID in the user's mailbox in EMC? ... Exchange 2007 SP1. ...
    (microsoft.public.exchange.admin)
  • Re: reconnect to mailbox after Disabling user?
    ... The reason that it works is that Exchange DB is defragging and doing its ... management and it recaches the SID number of the user, but what I want is it ... >>I was wondering if there is a easier way then to recycle the Exchange ... >>Services to renable a mailbox after a users mailbox has been disabled for ...
    (microsoft.public.exchange2000.admin)
  • Re: reconnect to mailbox after Disabling user?
    ... The reason that it works is that Exchange DB is defragging and doing its ... management and it recaches the SID number of the user, but what I want is it ... >>I was wondering if there is a easier way then to recycle the Exchange ... >>Services to renable a mailbox after a users mailbox has been disabled for ...
    (microsoft.public.exchange.connectivity)
  • Re: reconnect to mailbox after Disabling user?
    ... The reason that it works is that Exchange DB is defragging and doing its ... management and it recaches the SID number of the user, but what I want is it ... >>I was wondering if there is a easier way then to recycle the Exchange ... >>Services to renable a mailbox after a users mailbox has been disabled for ...
    (microsoft.public.exchange.admin)