Skip to Main Content
Exchange Server Cookbook
book

Exchange Server Cookbook

by Paul Robichaux, Missy Koslosky, Devin L. Ganger
June 2005
Intermediate to advanced content levelIntermediate to advanced
464 pages
13h 2m
English
O'Reilly Media, Inc.
Content preview from Exchange Server Cookbook

3.9. Checking Which Account or Group Has Been Assigned Permissions During ForestPrep

Problem

Exchange ForestPrep was run at the time that the AD forest was first implemented and you now need to know which account or group has been granted Exchange Full Administrator permissions.

Solution

Using graphical user interface

  1. Open ADSI Edit (ADSIEdit.msc)

  2. Browse to the Exchange Organization container object:

    CN=<orgName>, CN=Microsoft Exchange,CN=Services,CN=Configuration, <ForestDN>

    Note that if Exchange Server 2003 ForestPrep (as opposed to Exchange 2000) has been run, you may see a GUID here instead of a friendly name. For example:

    CN={335A1087-5131-4D45-BE3E-3C6C7F76F5EC},CN=Microsoft Exchange,
    CN=Services,CN=Configuration,DC=company,DC=com
  3. Right-click on the organization object and select Properties.

  4. Click the Security tab, then click the Advanced button. Look for an account or group that has the permissions shown in Table 3-1.

Table 3-1. Permissions granted by forestprep

Type

Permission

Inherited from

Apply to

Deny

Receive As

<not inherited>

This object and all child objects

Deny

Send As

<not inherited>

This object and all child objects

Allow

Full Control

CN=Microsoft Exchange, CN=Services, CN=Configuration, < ForestDN >

This object and all child objects

Using a command-line interface

Find the Exchange organization name using the following command:

> dsquery * forestroot "CN=Microsoft Exchange,CN=Services,CN=Configuration, 
<ForestDN>" -scope subtree -filter "(objectclass=msExchOrganizationContainer)"

For example, ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Microsoft® Exchange Server 2010: Best Practices

Microsoft® Exchange Server 2010: Best Practices

Siegfried Jagott, Joel Stidley
Microsoft® Exchange Server 2003 Unleashed

Microsoft® Exchange Server 2003 Unleashed

Rand H. Morimoto - MCSE, Joe R. Coca, CISSP Kenton Gardinier - MCSE MCSA, MCSA Michael Noel - MCSE+I
Microsoft® Exchange Server 2013 Unleashed

Microsoft® Exchange Server 2013 Unleashed

Rand Morimoto, Michael Noel, Guy Yardeni, Chris Amaris, Andrew Abbate

Publisher Resources

ISBN: 0596007175Errata Page