cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Veritas.com
Support

Permissions not Syncronizing

Go to solution
John_Huber
Level 4

‎03-18-2011 03:03 PM

Upgraded from EV8 to 9.01. EV 8 was in place and running using exchange 2003  mailbox archiving  Migrated from exchange 2003 to 2010.  EV 9.01 was managing mailbox archiving on 2003 and 2010.  All was fine until we shut down the 2003 server.  All mailbox permissions were lost including automatic.  User could not access there own mailbox. Only explicit permissions survived.  Disabled mailboxes at the time of the migration show their old permissions that were in place prior to the move.  Did some reading the consultant did not set the registry value for doing the migration.  Set that value and ran provisioning and mailbox sync tasks with no luck.  New mailboxes are not getting and permissions applied either.  Tried many different setting, to many to name.  Any and all comments, thoughts  are welcome

0 Kudos
1 ACCEPTED SOLUTION

Accepted Solutions

Go to solution
John_Huber
Level 4

‎03-24-2011 01:38 PM

Thanks to all who offered some help it was greatly appreciated.  I had to go into SQL and delete the ExchangeMailboxEntryId for all the mailboxes except journal boxes, reprovision and sync.  The archive permissions were repopulated to the archives and life was good.  I did the changes in SQL under the direction of a Symantec engineer.  It was a very straight forward procedure in SQL, but my comfort level in SQL is very low. 

View solution in original post

0 Kudos
8 REPLIES 8

Go to solution
JesusWept3
Level 6
Partner Accredited Certified

‎03-18-2011 03:22 PM

Any chance of getting a trace of AgentClientBroker and then havin you manually sync a couple of users with the "include folder hierarchy and permissions" checked? So you would do the following 1. Log on to the EVServer as the EVAdmin account 2. Open a command prompt and CD to your EV install dir 3. Type "dtrace" and press enter 4. Type "set AgentClientBroker v" and press enter 5. Type "log C:\permissionsSync.txt" and press enter 6. Open your Vault Admin Console 7. Expand out Enterprise Vault Servers -> yourEVServer -> Tasks 8. Right click your exchange servers mailbox archiving task 9. Go to Properties and then the Synchronization tab 10. Choose to select users 11. Check the "include folder hierarchy and permissions" box 12. Press the synchronize button 13. Select two or three affected users and press the ok button 14. Wait for the dialog to come back and say the users were synchronized 15. Go back to the Dtrace 16. Type "exit" and press enter Zip up the log and then upload it here if you can Also after that goes through, check the permissions again and make sure they haven't populated and also look at the event viewer to see if any errors were logged when synchronizing
https://www.linkedin.com/in/alex-allen-turl-07370146
0 Kudos

Go to solution
John_Huber
Level 4

‎03-18-2011 04:17 PM

Attached the file.  I looked through and saw the sync errors for a missing security descriptor.  Hope you now the fix.  Those are the errors that stood out to me. I have checked every log I can find.  There are no sync errors in the event log.  There are no real errors to speak of.. Ran the deployment tool it was all green.

Thanks for the help.  I am about to run from the room screeming never to be seen again.

0 Kudos

Go to solution
KarlW
Level 6
Employee

‎03-20-2011 02:17 PM

Hi,

From the trace I can spot something to try.  From the trace you appear to have Exchange System Administrator installed and the advanced policy set to synchronize Inherited rights turned on.

Please could you turn off the inherited permissions policy setting and try the synchronize again?

Regards

Karl

0 Kudos

Go to solution
John_Huber
Level 4

‎03-21-2011 07:10 AM

Tried it twice for good measure.

thanks

0 Kudos

Go to solution
John_Huber
Level 4

‎03-21-2011 07:39 AM

I will do a compare to see if any changes.

0 Kudos

Go to solution
KarlW
Level 6
Employee

‎03-21-2011 07:41 AM

Might be worth restarting the Task Controller service - the policy should update on the fly but just in case it isn't it!

-Karl

0 Kudos

Go to solution
JesusWept3
Level 6
Partner Accredited Certified

‎03-21-2011 11:38 AM

Found this technote that suggests removing ESM completely

http://www.symantec.com/business/support/index?page=content&id=TECH153019&key=50996&actp=LIST

https://www.linkedin.com/in/alex-allen-turl-07370146
0 Kudos

Go to solution
John_Huber
Level 4

‎03-24-2011 01:38 PM

Thanks to all who offered some help it was greatly appreciated.  I had to go into SQL and delete the ExchangeMailboxEntryId for all the mailboxes except journal boxes, reprovision and sync.  The archive permissions were repopulated to the archives and life was good.  I did the changes in SQL under the direction of a Symantec engineer.  It was a very straight forward procedure in SQL, but my comfort level in SQL is very low. 

0 Kudos