Forum Discussion

StefanPh's avatar
StefanPh
Level 3
13 years ago

Public Folder has no Permissions

Hi!

 

We startet with PF-Archiving a few Weeks ago on EV 10 and used one single PF and its subfolders to get the proof, that it is working. At the beginning everyone was happy. The folder showed up in the Archive Explorer for everyone who had granted permissions on the original PF. After a while the PF did not show up any more in Archive Explorer. I checked the Archive in the console and then there was no single permission on that PF in EV anymore. The rights on the original folder in Exchange have not been touched and are still the same.

 

Running a DTRACE a see the following:

 

74571 10:39:14.139  [3176] (PublicFolderTask) <11652> EV:L {CFolderHelper::GetFolderSettings:#1109} Synchronising folder permissions for folder [Interne Systeme]
74572 10:39:14.139  [3176] (PublicFolderTask) <11652> EV:M CSynchHelper::SFP(Interne Systeme) - Opening PR_ACL_TABLE
74573 10:39:14.171  [3176] (PublicFolderTask) <11652> EV:M CSynchHelper::SFP(Interne Systeme) - Anonymous permissions exist on this folder
74574 10:39:14.171  [3176] (PublicFolderTask) <11652> EV:M CSynchHelper::SFP(Interne Systeme) - add permissions to dacl
74575 10:39:14.171  [3176] (PublicFolderTask) <11652> EV:M CSynchHelper::SFP(Interne Systeme) - Setting ANONYMOUS permissions to Security Descriptor, Grant Mask = 0x00000002
74576 10:39:14.171  [3176] (PublicFolderTask) <11652> EV:M CSynchHelper::SFP(Interne Systeme) - Set the dacl in the security descriptor
74577 10:39:14.171  [3176] (PublicFolderTask) <11652> EV:M CSynchHelper::SFP(Interne Systeme) - Not updating security descriptor in the database as it hasn't changed

 

I can see no errors and I don't know why the rights are no longer synchronized correctly. Even when i change the rights on the original PF, the messages from DTRACE look the same. It seems that EV is not able to get the original rights anymore.

 

Any help is very welcome and thanks in advance!

 

  • Have you checked the replica schedule and that the correct public folder database is set for the mailbox DB of the system mailbox?  If there are multiple replicas for this folder have you left enough time for the replication to occur before synchronizing?

    It may also be worthwhile getting a folder permission dump from Exchange 2010 management shell (get-publicfolderclientpermission) to check this corresponds with Outlook.

    It could also be a folder higher in the tree has lost its permissions, any break in the permission chain means  the lower folders won't be visible in Archive Explorer.

    Thanks

    Karl