Secure Messaging with MicrosoftВ® Exchange Server 2003 (Pro-Other)

2017-07-07 02:10:07

Permissions listed in this section are set on objects in various locations, as indicated in the title of each table.

Table B-16: Permissions Set on the Deleted Items Container (cn=Deleted Items, cn=Configuration,dc= domain )
Account	Allow/ Deny	Inherit	Right	Notes
During forestprep
Designated admin account	Allow	Yes	Read PermissionsList ContentsRead All PropertiesModify PermissionsACTRL_DS_LIST_OBJECT	Exchange administrators must be able to add other administrators or servers to the ACL of the Deleted Items container
During server installation
Exchange Domain Servers	Allow	Yes	List Contents	The ds2mib service must be able to tell when a directory object has been deleted, so it needs to scan the dumpster

Table B-17: Permissions Set on the Active Directory Connector Object (cn=Active Directory Connector,cn=Exchange Settings,cn= server ,cn=Servers,cn= site ,cn=sites,cn=Configuration, )
Account	Allow/ Deny	Inherit	Right	Notes
During ADC setup
Exchange services	Allow	Yes	Full Control	The ADC must be able to alter its own configuration
Authenticated Users	Allow	Yes	List ContentsRead All PropertiesRead Permissions

Категории

Search