Cannot migrate public folder permissions. (NETIQKB49182)

  • 7749182
  • 02-Feb-2007
  • 17-Apr-2008

Resolution

fact
Exchange Migrator 2.x

symptom
Cannot migrate public folder permissions.

symptom
Public folders do not retain manually set permissions.

symptom
Duplicate entries in EmDevLog.txt when ACE's are being configured on public folders.

cause

The Specify Migration Options wizard option is set to merge the Windows 2000 account with a target that has the same SamAccountName, so Exchange Migrator merges all mailboxes associated with the same Primary Windows NT account onto a single Active Directory user account. 



fix

To resolve the issue:

  1. In Exchange Migrator, undo the mailbox migration of all mailboxes associated with the same Primary NT Account.
  2. In the Exchange version of Active Directory Users and Computers, right-click the Active Directory account > Exchange Tasks and select Remove Exchange Attributes.
  3. In Exchange Systems Manager, expand the Admin Group > Servername > Mailbox Store.
  4. Delete the mailbox.
  5. In the Specify Migration Options wizard, select Merge the account with a target that has the same SamAccountName to re-migrate the mailbox that correlates with the account in Active Directory, the account that was stripped of Exchange Attributes and mailbox information in step 3.
  6. Run the Synchronize and Update Migrated Public Folders command selecting the public folder whose permissions would not migrate and verify that permissions for the mailbox are listed.
  7. In the Specify Migration Options wizard, select Create a new Windows 2000 account for the migrated mailbox and re-migrate all of the mailboxes that were incorrectly associated with Active Directory account initially. The replication might take some time.
  8. Once the replication is complete, verify the new user account and mailbox was created for all mailboxes that were re-migrated. 
  9. Verify that the target GAL represents all accounts.
  10. Run the Synchronize and Update Migrated Public Folders command selecting the public folder whose permissions would not migrate and verify that permissions are shown on the public folder in the target organization.
  11. Re-apply all necessary permissions to mailboxes using the Mailbox Rights button on the Exchange Advanced tab of Active Directory users in ADUC.


note
To get a list of all Exchange 5.5 mailboxes that have duplicate Primary Windows NT Account associations, populate the Exchange Migrator project with Exchange 5.5 mailboxes then run the Mailbox by NT Account report listed under the Migration Reports > Exchange Organization State Reports > Mailbox > Mailbox by NT Account.

Additional Information

Formerly known as NETIQKB49182