Re: Active Directory security settings disappearing


From: Lee Flight (lef_at_le.ac.uk-nospam)
Date: 07/16/04

    Date: Fri, 16 Jul 2004 08:37:51 +0100
    
    

    Did you check this article

    http://support.microsoft.com/default.aspx?scid=kb;en-us;817433

    noting that the group membership can be nested? We have seen permission
    resets on users who have previously been members of protected groups, the
    ldifde query in the article should find them.

    Lee Flight

    "Joe (thrillerIT)" <anonymous@discussions.microsoft.com> wrote in message
    news:2dc9f01c46aaf$48d6e340$a401280a@phx.gbl...
    > Joe,
    >
    > Thanks for the response. None of the AD accounts belong to
    > the groups mentioned in the article. Any more suggestions?
    > (All suggestions and ideas are GREATLY appreciated)
    >
    > Thanks in advance,
    >
    > Joe (thrillerIT)
    >
    >
    >
    >>-----Original Message-----
    >>Do a google search for AdminSDHolder.
    >>
    >> joe
    >>
    >>--
    >>Joe Richards Microsoft MVP Windows Server Directory Services
    >>www.joeware.net
    >>
    >>
    >>
    >>Joe (thrillerIT) wrote:
    >>> Hello Everyone:
    >>>
    >>> During these last couple of days, we have been
    >>> experiencing issues with certain security settings within
    >>> AD.
    >>>
    >>> Issue:
    >>> I go to "Person A's" profile in the ADUC snap-in and
    >>> add "Person B" with certain permissions within "Person
    >>> A's" security tab. I wait about 40min - 2hrs and "Person
    >>> B" and the permission applied are gone. It seems as if
    >>> somehow the permissions are reverting during replication.
    >>>
    >>> Troubleshooting steps taken:
    >>> 1) We re-added the "Person B" with appropriate permissions
    >>> from 4 different domain controllers on 4 different
    >>> occasions. They were all reverted back to its original
    >>> state after 2 hours.
    >>> 2) Modified "Person C's" profile and added "Person D" with
    >>> certain permissions within "Person C's" security tab.
    >>> After 2 hours the security permissions were STILL there.
    >>> It did not revert.
    >>>
    >>> It seems that the issue FOR NOW is isolated to one
    >>> particular user. Unfortunately, recreating "Person A's"
    >>> account is NOT an option. Has anyone ever experienced this
    >>> type of behavior in AD? Any possible ideas or suggestions
    >>> to resolve this issue would be greatly appreciated?
    >>>
    >>> Please Note: The security permission being added
    >>> to "Person B" under "Person A's" AD account are the SAVE
    >>> AS and RECEIVE AS for Exchange 2003.
    >>>
    >>> Thanks in advance,
    >>>
    >>> Joe (thrillerIT)
    >>.
    >>
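
Added example, not part of the original thread and not the ldifde query from the KB article: given an export of group `member` values and user `adminCount` values, this Python code resolves nested membership of protected groups and separates accounts that are protected now from accounts that carry `adminCount=1` with no current path to a protected group. The DNs, the `DIRECTORY` layout and the one-entry `PROTECTED_GROUPS` list are constructed assumptions.

```python
# Constructed sample export (not real data): DN -> attributes.
DIRECTORY = {
    "CN=Domain Admins": {"type": "group", "member": ["CN=alice", "CN=Helpdesk Leads"]},
    "CN=Helpdesk Leads": {"type": "group", "member": ["CN=Mail Admins"]},
    # Mail Admins points back at Helpdesk Leads: a membership cycle.
    "CN=Mail Admins": {"type": "group", "member": ["CN=person-a", "CN=Helpdesk Leads"]},
    "CN=alice": {"type": "user", "adminCount": 1},
    "CN=person-a": {"type": "user", "adminCount": 1},
    "CN=person-c": {"type": "user"},
    "CN=former-op": {"type": "user", "adminCount": 1},
}
# Assumption: replace with the protected groups listed in the KB article.
PROTECTED_GROUPS = ["CN=Domain Admins"]


def transitive_users(directory, group_dn):
    """Return every user reachable from group_dn through nested groups."""
    users, seen, stack = set(), set(), [group_dn]
    while stack:
        dn = stack.pop()
        if dn in seen:  # already expanded; also breaks membership cycles
            continue
        seen.add(dn)
        entry = directory.get(dn, {})
        if entry.get("type") == "user":
            users.add(dn)
        stack.extend(entry.get("member", []))
    return users


def audit(directory, protected_groups):
    """Split adminCount=1 users into currently protected and stale."""
    current = {}
    for group in protected_groups:
        for user in transitive_users(directory, group):
            current.setdefault(user, []).append(group)
    flagged = {dn for dn, e in directory.items()
               if e.get("type") == "user" and e.get("adminCount") == 1}
    return {"current": current, "stale": sorted(flagged - set(current))}


if __name__ == "__main__":
    report = audit(DIRECTORY, PROTECTED_GROUPS)
    for dn, groups in sorted(report["current"].items()):
        print(f"protected now: {dn} via {', '.join(groups)}")
    for dn in report["stale"]:
        print(f"adminCount=1, no current path: {dn}")
```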

