Re: Disabling "In-coming email" on a list
- From: "C Kelley" <na@xxxxxx>
- Date: Fri, 14 Sep 2007 10:34:06 -0500
Ok I have the audit info below. The first two events are on creation of the
email object, and the last one is the failure event when trying to delete
the same object. It's saying the access it needs is "Delete Tree" but again
the WSSAdmin has full write access to the OU=WSS so I'm not sure what more
access I can give. Hope this helps.
++++++++++++++++++++++++++
Success on creating email address zzz
++++++++++++++++++++++++++
Event Type: Success Audit
Event Source: Security
Event Category: Directory Service Access
Event ID: 566
Date: 9/14/2007
Time: 10:20:35 AM
User: DOMAIN\WSSAdmin
Computer: DC-SRV1
Description:
Object Operation:
Object Server: DS
Operation Type: Object Access
Object Type: organizationalUnit
Object Name: OU=WSS,DC=domain,DC=local
Handle ID: -
Primary User Name: DC-SRV1$
Primary Domain: DOMAIN
Primary Logon ID: (0x0,0x3E7)
Client User Name: WSSAdmin
Client Domain: DOMAIN
Client Logon ID: (0x0,0x5A63310)
Accesses: Create Child
Properties:
Create Child
contact
Additional Info: CN=zzz,OU=WSS,DC=domain,DC=local
Additional Info2: CN=zzz,OU=WSS,DC=domain,DC=local
Access Mask: 0x1
Event Type: Success Audit
Event Source: Security
Event Category: Directory Service Access
Event ID: 566
Date: 9/14/2007
Time: 10:20:38 AM
User: NT AUTHORITY\SYSTEM
Computer: DC-SRV1
Description:
Object Operation:
Object Server: DS
Operation Type: Object Access
Object Type: contact
Object Name: CN=zzz,OU=WSS,DC=domain,DC=local
Handle ID: -
Primary User Name: DC-SRV1$
Primary Domain: DOMAIN
Primary Logon ID: (0x0,0x3E7)
Client User Name: DC-SRV1$
Client Domain: DOMAIN
Client Logon ID: (0x0,0x5A32D09)
Accesses: Write Property
Properties:
Write Property
contact
Public Information
showInAddressBook
textEncodedORAddress
proxyAddresses
msExchPoliciesIncluded
legacyExchangeDN
msExchALObjectVersion
Additional Info:
Additional Info2:
Access Mask: 0x20
++++++++++++++++++++++++++
Failure on delete email address zzz
++++++++++++++++++++++++++
Event Type: Failure Audit
Event Source: Security
Event Category: Directory Service Access
Event ID: 566
Date: 9/14/2007
Time: 10:21:46 AM
User: DOMAIN\WSSAdmin
Computer: DC-SRV1
Description:
Object Operation:
Object Server: DS
Operation Type: Object Access
Object Type: contact
Object Name: CN=zzz,OU=WSS,DC=domain,DC=local
Handle ID: -
Primary User Name: DC-SRV1$
Primary Domain: DOMAIN
Primary Logon ID: (0x0,0x3E7)
Client User Name: WSSAdmin
Client Domain: DOMAIN
Client Logon ID: (0x0,0x5A66833)
Accesses: Delete Tree
Properties:
---
contact
Additional Info:
Additional Info2:
Access Mask: 0x40
"Wei Lu [MSFT]" <weilu@xxxxxxxxxxxxxxxxxxxx> wrote in message
news:Sex7gmp9HHA.360@xxxxxxxxxxxxxxxxxxxxxxxxx
Hello Kelley,
I would like to suggest you follow this KB to audit which account the WSS
use to manage the OU.
http://support.microsoft.com/?id=814595
Sincerely,
Wei Lu
Microsoft Online Community Support
==================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
==================================================
This posting is provided "AS IS" with no warranties, and confers no
rights.
.
- Follow-Ups:
- Re: Disabling "In-coming email" on a list
- From: Wei Lu [MSFT]
- Re: Disabling "In-coming email" on a list
- References:
- Re: Disabling "In-coming email" on a list
- From: C Kelley
- Re: Disabling "In-coming email" on a list
- From: Wei Lu [MSFT]
- Re: Disabling "In-coming email" on a list
- From: C Kelley
- Re: Disabling "In-coming email" on a list
- From: Wei Lu [MSFT]
- Re: Disabling "In-coming email" on a list
- From: C Kelley
- Re: Disabling "In-coming email" on a list
- From: Wei Lu [MSFT]
- Re: Disabling "In-coming email" on a list
- Prev by Date: Change to AD Creation mode?
- Next by Date: RE: Ever growing OWSTIMER.EXE
- Previous by thread: Re: Disabling "In-coming email" on a list
- Next by thread: Re: Disabling "In-coming email" on a list
- Index(es):
Relevant Pages
|
