Wednesday, November 28, 2007

How to resolve Duplicate Microsoft Exchange security groups created after Exchange 2007 installation.

After a failed Exchange 2007 installation, or a reinstallation of an Exchange 2007 server (RTM), you will see duplicate security objects created under Microsoft Exchange Security Groups.
[ADUC - Microsoft Exchange Security Groups]

Below are the steps you need to follow to identify the proper security groups associated and which one to delete.

- Exchange 2007 makes use of the otherWellKnownObjects attribute to identify these security groups. otherWellKnownObjects contains a list of containers by GUID and DN (distinguished name).
- Windows servers use groups to control access to security objects such as NTFS files and folders, registry keys and Active Directory objects. Exchange 2003 uses groups to control access to public folders and user mailboxes as well as to act as distribution lists.

Default groups:
- Exchange Organization Administrators
- Exchange Public Folder Administrators
- Exchange Recipient Administrators
- Exchange Servers
- Exchange View-Only Administrators
- ExchangeLegacyInterop

When an installation has failed and you install Exchange 2007 again, duplicate groups appear with the suffix 1 added to their names.

Follow the steps below to delete the duplicate groups.
- Install the Windows Support Tools.
- Run -> ldp.exe
- Connect to a DC and enter the credentials.
- Select the View menu, then select the configuration container.
- Navigate through the containers.
- Double-click the Exchange organization; in the right-hand pane, search for "otherWellKnownObjects".
- Note the groups associated with otherWellKnownObjects.
- You can safely delete the groups which are not associated with otherWellKnownObjects.
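
The comparison in the last two steps can be scripted once the attribute values and the group DNs are copied out of ldp.exe. This is an added example, not part of the original post: it assumes the values use the DN-with-binary form `B:32:<GUID hex>:<DN>`, and the function names, placeholder GUIDs and example.com domain are constructed for illustration.

```python
import re

# DN-with-binary syntax of otherWellKnownObjects values:
#   B:<hex length>:<GUID hex>:<DN>
DN_BINARY = re.compile(r"^B:(\d+):([0-9A-Fa-f]+):(.+)$")

def parse_owko(values):
    """Map each referenced DN (lower-cased) to its well-known GUID."""
    refs = {}
    for raw in values:
        m = DN_BINARY.match(raw.strip())
        # The declared length must match the hex string actually present.
        if not m or int(m.group(1)) != len(m.group(2)):
            raise ValueError(f"not a DN-with-binary value: {raw!r}")
        refs[m.group(3).strip().lower()] = m.group(2).upper()
    return refs

def classify_groups(group_dns, owko_values):
    """Split group DNs into those the attribute references and those it does not."""
    refs = parse_owko(owko_values)
    if not refs:
        # An empty attribute would make every group look deletable.
        raise ValueError("no otherWellKnownObjects values supplied")
    keep = [dn for dn in group_dns if dn.strip().lower() in refs]
    unreferenced = [dn for dn in group_dns if dn.strip().lower() not in refs]
    return keep, unreferenced

# Constructed sample data (placeholder GUIDs, example.com domain).
OU = "OU=Microsoft Exchange Security Groups,DC=example,DC=com"
SAMPLE_OWKO = [
    f"B:32:00000000000000000000000000000001:CN=Exchange Organization Administrators,{OU}",
    f"B:32:00000000000000000000000000000002:CN=Exchange Servers1,{OU}",
]
SAMPLE_GROUPS = [
    f"CN=Exchange Organization Administrators,{OU}",
    f"CN=Exchange Organization Administrators1,{OU}",
    f"CN=Exchange Servers,{OU}",
    f"cn=exchange servers1,{OU}",  # DN comparison is case-insensitive
]

if __name__ == "__main__":
    keep, unreferenced = classify_groups(SAMPLE_GROUPS, SAMPLE_OWKO)
    for dn in keep:
        print("referenced, keep:     ", dn)
    for dn in unreferenced:
        print("not referenced, review:", dn)
```

The script decides by the DN stored in the attribute, not by whether the group name carries the suffix 1.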
