cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Veritas.com
Support

dsacls command not working

Go to solution
Jim_Hellewell
Level 4
Partner

‎02-02-2015 05:52 AM

Hi all,

We have Windows Server 2003 Domain Controllers, the Forest Functional level is also 2003; we have deployed Exchange 2010, and EV 10.0.4 into production. before we turn on Journal archiving and use Discovery Accelerator in production, we are trying to test it first in our labs.

As one of the pre-requistites for DA, we are running the following dsacls command:-

dsacls "CN=Deleted Objects,DC=domain,DC=com" /takeownership

this generates the following error "Parameter /takeownership was unexpected"

My questions are:-

1) Do we really need to issue this command (we get a warning about it later in the istallation process) ?

2) Any ideas what is wrong with the command.. is it to do with the Domain Controllers being on Windows Server 2003 ?

Any help is much apreciated

regards

Jim

0 Kudos
1 ACCEPTED SOLUTION

Accepted Solutions

Go to solution
TonySterling
Moderator
Moderator
Partner    VIP    Accredited Certified

‎02-02-2015 07:34 AM

Have you seen this?

Assigning the required Active Directory permissions to the Custodian Manager synchronization account

Article:HOWTO107877  |  Created: 2015-01-09  |  Updated: 2015-01-09  |  Article URL http://www.symantec.com/docs/HOWTO107877

It needs the permissions on the Deleted Objects container for this reason:

Without these permissions, it is not possible to deactivate any custodians and custodian groups whose Active Directory details have been moved to the Deleted Objects container.

For the Windows 2003 part of you question, I would refer to this: http://support.microsoft.com/kb/281146

View solution in original post

0 Kudos
1 REPLY 1

Go to solution
TonySterling
Moderator
Moderator
Partner    VIP    Accredited Certified

‎02-02-2015 07:34 AM

Have you seen this?

Assigning the required Active Directory permissions to the Custodian Manager synchronization account

Article:HOWTO107877  |  Created: 2015-01-09  |  Updated: 2015-01-09  |  Article URL http://www.symantec.com/docs/HOWTO107877

It needs the permissions on the Deleted Objects container for this reason:

Without these permissions, it is not possible to deactivate any custodians and custodian groups whose Active Directory details have been moved to the Deleted Objects container.

For the Windows 2003 part of you question, I would refer to this: http://support.microsoft.com/kb/281146

0 Kudos