Unable to change ACL of system and public folders

Unable to change ACL of system and public folders (Full Version)

All Forums >> [Microsoft Exchange 2003] >> Migration

Message

kd78728 -> Unable to change ACL of system and public folders (6.Oct.2005 1:44:43 PM)
I posted this in the 5.5 forum with no luck yet, so I'm posting here also... I've inherited a highly mis-managed Exchange 5.5 (on NT4) that I am upgrading to Exchange 2003, having major problems with the public folders and the system folders. I've gone through the Exchange 2003 deployment tools without hitch, the new 2003 server is up and running and mailboxes are moved over. I was unable to move the public or system folders, pfmigrate reports zero public and system folders on the source 5.5 server. All 3 of the connectors in the ADC are setup fine, but the Ex2003 even log is full of event ID 9551 - An error occurred while upgrading the ACL on folder.... The apparent problem: I ran the IS/DS consistency check on the 5.5 server and found that the system folders (top level and all its sub-folders) as well as just the top-level public folder (but not any of its sub-folders) are all missing an owner in the ACL. The consistency check seems unable to correct this. I cannot even look at the properties of any of these folders (except the sub-folders of the public folder) to change the ACL, the "properties" option it grayed on on the menu. I have tried this with the admin account as well as all other admin-level accounts with no success, all accounts have service account admin roles at the root level. I can only guess that an admin account was used to install some of this, and was deleted along the way. How do I get back into the ACL of all these folders on the Exchange 5.5 server and get access back? Thanks for your assistance, KD

Potzy -> RE: Unable to change ACL of system and public folders (6.Oct.2005 5:03:47 PM)
When you say the properites option is grey'd out. Are you trying to access the properties page from within the Microsoft Exchange adminstrator console? Or out of Outlook? Can you try logging in as the exchange service and change the ACL? You can find the Exchange service by either going into the properties of the organization and looking at the permissions, look for an account that has Service account admin. Or look at the exchange services and see what account is used to start up those services. Let me know what you find.

kd78728 -> RE: Unable to change ACL of system and public folders (6.Oct.2005 8:12:54 PM)
Hi Potzy, thanks for your reply. I did this using the Exchange Administrator right on the 5.5 box, and I've tried it using several different admin-level accounts, as well as one one used for Exchange's service account. In all cases, the "Properties" option is grayed out for the folders I've mentioned, not allowing me to reach the ACL. Another attempt at pfmigrate today reported the same: zero folders for both PF and SF.

Potzy -> RE: Unable to change ACL of system and public folders (7.Oct.2005 10:27:04 AM)
How many Exchange servers do you have in your organization? From the Exchange 5.5 admin console go down through your site and Exchange 5.5 server. Go into the properties of the public folder information store. On the instances tab, are all of your public folders (not including system folders) located under "Folders in this information store" column? If they are not try moving one over there and see if PFmigrate locates it.

kd78728 -> RE: Unable to change ACL of system and public folders (7.Oct.2005 1:34:52 PM)
There are only 2 Exchange servers physically on the network and showing in the site, the 5.5 and the new 2003. On the old Exchange 5.5 server, looking on the "instances" tab I see almost all of the public folders listed on the right side under "Folders on this IS". There are another bunch on the left side I don't recognize: Default exchangeV1 globalevents (2 copies of this one) internal (2 copies of this one) microsoft Offline Address book /o=.... OWAScratchPAD{hex number....} OWAScratchPAD{another hex number....} schema-root StoreEvents{hex number....} StoreEvents{another hex number....} Test1 Test1 is a test folder I once created halfway during the mailbox migrations. There are also 4 other mysterious folders: EventConfig_AGAMEMNON EventConfig_ATROPOS EventConfig_KRONOS2 EventConfig_TARGET AGAMENON and ATROPOS were Win2000 domain controllers that have long been properly demoted and removed from the network, and replaced with 2 new DCs. KRONOS2 was a test Exchange 5.5 server that long ago was added to the site for test purposes and then removed. I don't know what TARGET is. I added "Test1" to the right side, and after some elapsed time pfmigrate still reports zero folders.

Potzy -> RE: Unable to change ACL of system and public folders (7.Oct.2005 2:35:12 PM)
Can you access these folders from outlook? Can you view the permissions of the folders from outlook? Are there any errors or warnings in the event viewer (application log) on the Exchange server? Are there any error messages on the server running the active directory connector?

kd78728 -> RE: Unable to change ACL of system and public folders (7.Oct.2005 4:39:39 PM)
Yes each individual public folder can be accessed from Outlook, as well as their permissions. However using Exchange Administrator, I cannot access the properties of the top-most "Public Folders" folder underneath "Folders". The "Test1" folder is also accessible from Outlook. None of the other folders I listed before are accessible from Outlook. None of the system folders can be accessed, nor their properties. There are no event viewer errors on either of the servers.

Potzy -> RE: Unable to change ACL of system and public folders (11.Oct.2005 5:14:05 PM)
When you try and access the public folders from within the Exchange System Manager for 2003 do you get an error message? If you are trying to access the properties of the "public folders" and "System Folders" folders under "folders" then they would be Greyed out. I believe that is default. I can't access mine either. But all of the folders Underneath those 2 folders you should be able to get into the properties.

kd78728 -> RE: Unable to change ACL of system and public folders (13.Oct.2005 1:06:22 PM)
Okay so then that makes sense for the top-level folders. I do have access to properties and ACL of all public sub-folders and there's no problem there. I can't get to the ACL of the system sub-folders. My biggest issue is that pfmigrate is not creating replicas on the Exchange2003 server as part of the plan to migrate the folders there and decomission the 5.5 box. Each time pfmigrate reports this on either PF or SF: Analysis of 0 folders with replica on 'KRONOS' completed. 0 folders without replica on 'PVMAIL1'. 0 folders with replicas on both servers. KRONOS is the source 5.5 server, and PVMAIL1 is the target 2003 server.

Potzy -> RE: Unable to change ACL of system and public folders (14.Oct.2005 9:40:29 AM)
When you open up the Exchange System managment tools and go to Administrative group/folders/public folders do you get an error message like...? The requested operation is forbidden. ID no: c1030af1

kd78728 -> RE: Unable to change ACL of system and public folders (14.Oct.2005 3:24:11 PM)
On the new 2003 server using the 2003 Exchange System Manager, I go to Administratove Groups, [group name], Folders, Public Folders. No error messages come up, but, there is nothing listed, my folders are missing. Then I look at its properties, general tab, and listed there under "Public stores associated to the folder tree" are the new 2003 server, the old 5.5 server, and a new 5.5 server I setup a few days ago just to test folder replication between the 5.5 servers (which seems to be working). On the old 5.5 server using the Exchange 5.5 Administrator, from the root I go to Folders, Public Folders, then I see all of my public folders and no error message. Then I go from the root to [site name], [5.5 server], Public Folder Resources, and I seeall of my public folders again.

RobCash -> RE: Unable to change ACL of system and public folders (13.Jan.2006 6:53:41 PM)
I am getting the error you were talking about. I'm in the same situation, admin that didn't have a clue, got fired, and now I'm cleaning up the mess. They went from 5.5 to 2003 on this box, and I've just installed a new Exchange cluster, and am getting ready to wipe exchange off of the DC... =( The problem is, I can't get the System folders, or public folders to replicated. When I click them in Exchange System Manager, I get an error when I click the Folder Properties. First I got 80090325, then I started getting C1030af1, and I just got 88090308. Anyone have any ideas? Thanks in advance.

Page: [1]