exchangefreaks.com Forum Index
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister   ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

AD/Exchange: "SELF" is not displayed!

 
Post new topic   Reply to topic    exchangefreaks.com Forum Index -> MS Exchange Applications
Author Message
Tyampoo



Joined: 07 Feb 2008
Posts: 2
PostPosted: Thu Feb 07, 2008 12:56 pm    Post subject: AD/Exchange: "SELF" is not displayed! Reply with quote
This is what I did:
If Not flag Then 'SELF is not found
Set ace = CreateObject ("AccessControlEntry")
ace.Trustee = "SELF"
ace.AccessMask = RIGHT_DS_SEND_AS Or RIGHT_DS_READ Or
RIGHT_DS_TAKE_OWNERSHIP Or RIGHT_DS_MAILBOX_OWNER
ace.AceType = ADS_ACETYPE_ACCESS_ALLOWED
ace.AceFlags = ADS_ACEFLAG_INHERIT_ACE
dacl.AddAce ace

'set back information
oSecurityDescriptor.DiscretionaryAcl = dacl
UserObject.Put "msExchMailboxSecurityDescriptor", oSecurityDescriptor
UserObject.SetInfo
WScript.Echo "Done"
End If

Situation:
If I run the script again for same user it shows that "SELF" is added.

Problem:
If I go thru GUI, "SELF" is not shown for the user.

Any suggestion/help is appreciated.

Thanks.
--
Tyampoo

Archived from group: microsoft>public>exchange>applications
Back to top
View user's profile Send private message
John Fullbright



Joined: 05 Aug 2007
Posts: 365
PostPosted: Thu Feb 07, 2008 9:21 pm    Post subject: Re: AD/Exchange: "SELF" is not displayed! Reply with quote
What is eactly is it you're trying to do? SELF is a sort of programmatic
shortcut. A placeholder as it were that is placed on a mail enabled object
when it's created. After the first access, permissions are propagated and
it get's replaced bu the actual user object. I don't understand why you
would want to stick self back on mailboxes that have already been instanced.


"Tyampoo" wrote in message @microsoft.com...
> This is what I did:
> If Not flag Then 'SELF is not found
> Set ace = CreateObject ("AccessControlEntry")
> ace.Trustee = "SELF"
> ace.AccessMask = RIGHT_DS_SEND_AS Or RIGHT_DS_READ Or
> RIGHT_DS_TAKE_OWNERSHIP Or RIGHT_DS_MAILBOX_OWNER
> ace.AceType = ADS_ACETYPE_ACCESS_ALLOWED
> ace.AceFlags = ADS_ACEFLAG_INHERIT_ACE
> dacl.AddAce ace
>
> 'set back information
> oSecurityDescriptor.DiscretionaryAcl = dacl
> UserObject.Put "msExchMailboxSecurityDescriptor", oSecurityDescriptor
> UserObject.SetInfo
> WScript.Echo "Done"
> End If
>
> Situation:
> If I run the script again for same user it shows that "SELF" is added.
>
> Problem:
> If I go thru GUI, "SELF" is not shown for the user.
>
> Any suggestion/help is appreciated.
>
> Thanks.
> --
> Tyampoo
Back to top
View user's profile Send private message
Tyampoo



Joined: 07 Feb 2008
Posts: 2
PostPosted: Fri Feb 08, 2008 11:42 am    Post subject: Re: AD/Exchange: "SELF" is not displayed! Reply with quote
For some reason, for some user there ain't SELF so I have to check that it is
present and set AccessMask to 131079. I also tried to put "NT
AUTHORITY\SELF"; if I check programatically it shows but it does not show in
GUI.
--
Tyampoo


"John Fullbright" wrote:

> What is eactly is it you're trying to do? SELF is a sort of programmatic
> shortcut. A placeholder as it were that is placed on a mail enabled object
> when it's created. After the first access, permissions are propagated and
> it get's replaced bu the actual user object. I don't understand why you
> would want to stick self back on mailboxes that have already been instanced.
>
>
> "Tyampoo" wrote in message
> @microsoft.com...
> > This is what I did:
> > If Not flag Then 'SELF is not found
> > Set ace = CreateObject ("AccessControlEntry")
> > ace.Trustee = "SELF"
> > ace.AccessMask = RIGHT_DS_SEND_AS Or RIGHT_DS_READ Or
> > RIGHT_DS_TAKE_OWNERSHIP Or RIGHT_DS_MAILBOX_OWNER
> > ace.AceType = ADS_ACETYPE_ACCESS_ALLOWED
> > ace.AceFlags = ADS_ACEFLAG_INHERIT_ACE
> > dacl.AddAce ace
> >
> > 'set back information
> > oSecurityDescriptor.DiscretionaryAcl = dacl
> > UserObject.Put "msExchMailboxSecurityDescriptor", oSecurityDescriptor
> > UserObject.SetInfo
> > WScript.Echo "Done"
> > End If
> >
> > Situation:
> > If I run the script again for same user it shows that "SELF" is added.
> >
> > Problem:
> > If I go thru GUI, "SELF" is not shown for the user.
> >
> > Any suggestion/help is appreciated.
> >
> > Thanks.
> > --
> > Tyampoo
>
>
>
Back to top
View user's profile Send private message
John Fullbright



Joined: 05 Aug 2007
Posts: 365
PostPosted: Fri Feb 08, 2008 3:43 pm    Post subject: Re: AD/Exchange: "SELF" is not displayed! Reply with quote
"For some reason, for some user there ain't SELF "

http://support.microsoft.com/kb/272153/en-us
http://support.microsoft.com/kb/304935/en-us

1. It's not a problem as long as the actual security descriptor for the
user has rights.
2. The process you are attempting to use only works if you set the
attribute before the mailbox is created.


"Tyampoo" wrote in message @microsoft.com...
> For some reason, for some user there ain't SELF so I have to check that it
> is
> present and set AccessMask to 131079. I also tried to put "NT
> AUTHORITY\SELF"; if I check programatically it shows but it does not show
> in
> GUI.
> --
> Tyampoo
>
>
> "John Fullbright" wrote:
>
>> What is eactly is it you're trying to do? SELF is a sort of programmatic
>> shortcut. A placeholder as it were that is placed on a mail enabled
>> object
>> when it's created. After the first access, permissions are propagated
>> and
>> it get's replaced bu the actual user object. I don't understand why you
>> would want to stick self back on mailboxes that have already been
>> instanced.
>>
>>
>> "Tyampoo" wrote in message
>> @microsoft.com...
>> > This is what I did:
>> > If Not flag Then 'SELF is not found
>> > Set ace = CreateObject ("AccessControlEntry")
>> > ace.Trustee = "SELF"
>> > ace.AccessMask = RIGHT_DS_SEND_AS Or RIGHT_DS_READ Or
>> > RIGHT_DS_TAKE_OWNERSHIP Or RIGHT_DS_MAILBOX_OWNER
>> > ace.AceType = ADS_ACETYPE_ACCESS_ALLOWED
>> > ace.AceFlags = ADS_ACEFLAG_INHERIT_ACE
>> > dacl.AddAce ace
>> >
>> > 'set back information
>> > oSecurityDescriptor.DiscretionaryAcl = dacl
>> > UserObject.Put "msExchMailboxSecurityDescriptor", oSecurityDescriptor
>> > UserObject.SetInfo
>> > WScript.Echo "Done"
>> > End If
>> >
>> > Situation:
>> > If I run the script again for same user it shows that "SELF" is added.
>> >
>> > Problem:
>> > If I go thru GUI, "SELF" is not shown for the user.
>> >
>> > Any suggestion/help is appreciated.
>> >
>> > Thanks.
>> > --
>> > Tyampoo
>>
>>
>>
Back to top
View user's profile Send private message
Display posts from previous:   
Related Topics:
Treo mobile phones and Exchange email syncing (Exchange 2003 Hi, Has anyone else had problems with Treo mobile phones (the Windows Mobile 5.0 based models like the 750) and Exchange Sync with Exchange 2003 SP2? When you sync email from the phone the email headers are all over the place. Normally email headers are s

Help with Exchange 5.5 IS Hi all, I appreciate if anyone could help me shed some light on the application log error EventID: 0 Source:ESE97 Category: Performance Description: MSExchangeIS [944] Unexpected Win32 error: 0x57.. I've been getting every second in my Exchange mail serve

AV for Exchange Hello, I'm looking to buy an AV for exchage in our office. I've heard about 2 products TrendMicro- Scanmail and Sybari- Antigen. I just wanted to find out from the people who are using them and how they feel about product and would they recommend them. Is

Exchange IM I am utilizing MS Exchange IM within the corporate environment. For the most part, it works without issue. However, there are a few clients who can send IM but cannot receive. Has anyone else experienced this problem? Very strange. All cli

exchange After about ten years of ignoring the issue, it has become apparent that I should not remain totally ignorant as to what, pray tell is "exchange". Could someone tell a complete novice what is "exchange" all about? I have only the vaguest idea. Could some
Post new topic   Reply to topic    exchangefreaks.com Forum Index -> MS Exchange Applications All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group