08-09-2007 07:54 AM
02-01-2008 03:39 AM
02-01-2008 06:24 AM
02-01-2008 07:34 AM
02-07-2008 10:55 AM
03-24-2008 06:24 PM
07-22-2008 08:29 AM
I just upgraded and environment to 2007SP3 and now having these same exact issues. Was there a fix for them that we can run? Was support able to get the issue resolved? Just wanted to check before opening another support case.
Thanks!
07-22-2008 12:39 PM
07-22-2008 12:52 PM
Root cause: Quest exchange migration wizard software causing known issue
Troubleshooting steps taken to resolve the problem:reviewed technote from Symantec
Documented solution link if applicable: http://seer.entsupport.symantec.com/docs/302543.htm
Quest Software has acknowledged this issue and provided Update 20080321 which is available from http://support.quest.com to address this issue.
07-22-2008 01:03 PM
Symantec Support just gotus this article a few minutes ago and we are going to try this fix. This was the tool that was used to migrate the old Exch 5.5 environment to 2000. Running the ADModify utility that is discussed here: http://seer.entsupport.symantec.com/docs/288235.htm does in fact show multiple entries for for SELF for the older mailboxes.
I'll repost after we run the Quest utility.
07-23-2008 12:36 PM
Weeehaw. A solution after 29 posts... record! ;)
07-24-2008 05:49 AM
Solved!
We had this problem and what we found was that there were orphan permissions on various mailboxes. It could be SELF permission problem too, but also if someone is deleted from AD and their SID is left with permissions on the mailbox (or subfolder). EV can't resolve the permissions when it does the Sync, because the account not longer exists in AD. For us this was complicated by the fact that if there were delegated permissions so you can get an orphan SID on a sub-folder too (but you don't see those under mailbox rights).
The good news is that there is a 'fix' depending on your circumstance. The Microsoft PFDAVAdmin tool can innumerate permissions on mailboxes and show where a SID has permissions, rather than a user.
You need to be careful because if you have AD trusts in place (or unique domain permissioning) as you may show a SID rather than an account simply because you are running PFDAVADMIN with an account that can't resolve all of the permissions. PFDAVAdmin can also fix the DACL for you (yipee!).
What we found was it was either the Inbox or Calendar since these are often what get delegated in Outlook.
Also, the MS tool 'NoMAS.exe" can be used to fix the mailbox SELF issue (master account SID), but does not fix the problem with orphan SID's on subfolders (delegation). They both can cause the task to crash. It's out on the web for download.
http://www.msexchange.org/articles/NoMAS-Tool.html
08-05-2008 04:56 PM
Microsoft Technet on script to clear SIDHistory
http://support.microsoft.com/?id=295758) and then manually removing the duplicate SELF account with the Exchance console that refered to the old domain. This allows archiving to occur. The concern is that removing the SID history will break other applications and network resources that still require access to the old domain. Is there any other way to resolve this issue withour removing the SID history?
08-05-2008 11:39 PM
Hi there
AFAIK you only have to get rid ofthe "SELF", you do not need to delete the historySID
/Michel
09-25-2009 01:55 AM