cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1349
Views
4
Helpful
11
Replies

Permision Wizard Failure.

wrightmp
Level 1
Level 1

Hi, we have run latest version of permission wizard and get the following 2 errors. (Unity 4.04)

Deleted Objects rights: xu.ad.ga.com/Deleted Objects.

FAILED granting List contents rights FAILED granting Read Properties rights

I have spoken to the AD/Exchange guys at the company and they cannot find this "Deleted Objects" folder anywhere.

Can anyone shed some light on this?

Thanks Mark

11 Replies 11

lindborg
Cisco Employee
Cisco Employee

It's a hidden container that's used to get triggers when you delete an object in AD - this is used so Unity knows when you delete an AD account and we can use that trigger to then remove their subscriber properties in our SQL database, thus preventing "stranded" subscribers in our DB.

If you're running PW as a full domain admin, it should have rights to this container - if you're running as something less than a full domain admin you likely don't have access to it.

Thankyou very much.

Will Unity remain stable without these rights?

Had the same issue today with an account that is an Exchange admin and Domain Admin. Everything ran well, except the 'Deleted Objects' container. Turns out the account was not part of the "Enterprise Admins" group. Adding the account to that group fixed it.

I am logged in as UnityInstall which is a Domain Admin, Enterprise Admin and an Exchange Full Administrator.

I am an MCSE and Exchange administrator, have searched both extensively, and have not found where it is failing.

Does anyone have any ideas?

i had the same issue while logged in with an Enterprise Admin...waited 20min (no other changes) and re-ran the wizard successfully.

hope this helps.

Running the PermissionsWizard a second time worked for me as well.

Thanks.

Hi All,

We are getting this error with Permissions Wizard 5.0(1) on a Unity 7.0(2) integration with Exchange 2003. Has anyone else found the fix to successfully run the PW.

The Failure we have is on the UnityDirSvc Account on the Deleted Objects container with the errors:

FAILED granting LIST CONTENTS rights

FAILED granting READ PROPERTIES rights

We have tried running the PW as domain admins and enterprise admins with the same result.

Any help appreciated.

Thanks

Lee.

Hi -

I have occasionally seen this error running the Unity permissions wizard for multiple domains.  I have never seen it be a problem before and therefore ignore it. Your Unity enabled users will not be impacted by this error.

Ginger

Thanks Ginger,

I raised a TAC case and your advice was confirmed - that these warnings can be ignored.

Cheers

Lee.

Cheers Lee!  Glad to help :-)

Ginger