Forum Discussion

KimengIt's avatar
KimengIt
Level 4
14 years ago
Solved

EV archive explorer permission issue

Hi,

I have Exchange 2010, and EV 9 installed on Windows 2008 R2.  User B's archive box was assigned the read permission to user A, when I removed the read premission for user A, suppost that User A cannot read the B's archive box anymore. I did refresh the archive explorer, run the provisioning task, reassign the premission for B's archive box. But User A still able to read the User B's archive box in archive explorer. Is there anyone can help? Thanks

  • I found the reason. Due to User B's exchange emailbox granted the read permission to User A, so User A can use the archive explorer read User B's archive. It's just limited to shared folder, not all of the archive folder. Just remove the read permission on User B's exchange emailbox and everything return normal. Thanks

  • Actually it's the synchronization and archiving task that will take across the permissions Try going to the properties of the archiving task and go to the synchronization tab, check folder hierarchy and permissions and then synch the user you removed the permissions from After that load up AE and then right click the folder list on the left and hit refresh, do not press the I'd refresh button or hit f5, has to be right click then refresh If that fails then you may need to wait a while as permissions get cached on the server for up to 24 hours
  • Thanks for reply.

    Althought, I run the synchronization with hierarchy and permissions for both Users and right click refresh in User A's AE, user A still can access User B's Archive box.

    Maybe I need to wait for 24 hours,

  • After 24 hours, user A still can access User B's Archive box. Do you have any idea ?Thanks

  • How is User A getting permission to User B's archive?  Are the permission granted in Exchange or directly to the archive?

    You could check the Deny box for User A on Users B's archive.  A manually selected Deny will override the Grant for the permission.

  • The permission granted to User A was in EV console. Currently, User B's archive only contain User B itself full permission. If I manually selected Deny for User A, then User A is unable to read the archive. Just wonder why User B's archive have not grant the read permission to User A and User A can read his archive.

  • I found the reason. Due to User B's exchange emailbox granted the read permission to User A, so User A can use the archive explorer read User B's archive. It's just limited to shared folder, not all of the archive folder. Just remove the read permission on User B's exchange emailbox and everything return normal. Thanks