user 'Everyone' denied access on ONE folder 1

[dforney]

W2K SBS

I have run into a user folder on M:\ (Exchange) that has the user account 'everyone' denied all access. There seems to be nothing I can do to change it. In the Advanced portion of the window, the user 'everyone' is greyed out, marked as inheriting permissions from parent object. None of the boxes are check marked for this and all the folders up the tree has user 'everyone' set to read access. Using system manager, user 'everyone' is set for read access or full access in all of the Objects I can find relating to Exchange.

Logging in as the user does not help, System will no allow administrator to take ownership (or any other user).

Any thoughts?
Thanks

 

[jtb]

hmmm... may be the result of some hacker or disgruntled employee... look into getting a security scan done...

you'll need to go up a level or two and "take ownership" and "block inheritance" somewhere along the way...

Check your Site, Domain, and Org GPOs, too...

JTB
Have Certs, Will Travel
"A knight without armour in a [cyber] land."

 

[dforney]

Thanks JTB, Not quite there. Throughout ADUC and Exchange - the permissions and ownerships are right on. I ran a global change of ownership to the correct accounts.

Security is tight and clean. Likely, 'someone' changed 'something' when some employee's were monkeying with shareing calendars without shareing everything in their client.

If it helps any, any attempt to change to the permissions and applying the alterations results in a "Security" Windows Message <Red X>"Unable to save permission changes on [acct] The Network request is not supported". This message (nor any of this trouble) occurs on anything else on this same level.

D

 

[jtb]

I knew I should have been studying harder during those exchange classes... encryption allowed?

JTB
Have Certs, Will Travel
&quot;A knight without armour in a [cyber] land.&quot;

 

[dforney]

Me too.

Allowed, not used.

 

[jtb]

maybe encryption within Exchange keeps some folders inaccessible? Maybe the user in question has/had a 3rd party tool?

Possibly related links

http://support.microsoft.com/?kbid=330752

http://www.securiteam.com/windowsntfocus/5GP0C0U6AU.html

***

http://www.securityfocus.com/infocus/1578

http://pstowa.chw.edu/owahelp.html

http://www.uwsp.edu/it/news/modjan2802.htm

JTB
Have Certs, Will Travel
&quot;A knight without armour in a [cyber] land.&quot;

 

[Davetoo]

You should not mess with the Exchange M:\ drive. It is a virtual drive that Exchange uses.

I'm Certifiable, not certified.
It just means my answers are from experience, not a book.

 

[tmt7734]

I 2nd what lander said. Having a user folder on the exchange m: is bad bad bad.

 

[dforney]

Lander/TMT - Alas - that is why such a thing is not allowed, nor did that occur. The file in question is the users exchange folder.. standard as all. All other attempts to remove the 'Everyone - Deny' WITHOUT going into M: have failed.. so NOW I am into the M:.

I am fully aware of the M: drive and it's funtion.

 

[Davetoo]

You should examine the users credentials via the ADUC, set the view to Advanced so you can see all the proper menus.

I'm Certifiable, not certified.
It just means my answers are from experience, not a book.

 

[GlenJohnson]

Check out
How the M drive came about Nifty reading, even if it doesn't help.

Glen A. Johnson
If you're from Northern Illinois/Southern Wisconsin feel free to join the Tek-Tips in Chicago, Illinois Forum.

TTinChicago
Johnson Computers

 

[dforney]

LANDER! That was exactly the positively precise spot I missed! I went through there at least 20 times and waltzed right past that. AHHH - Brainless Mondays - the tradition continues!

Mucho Gracias

 

[Davetoo]

Glad to help.

I'm Certifiable, not certified.
It just means my answers are from experience, not a book.