RE: Dredded 9548

  • From: "Zoran Marjanovic" <Zoran.Marjanovic@xxxxxxxxxxxxxxxxxxx>
  • To: "[ExchangeList]" <exchangelist@xxxxxxxxxxxxx>
  • Date: Mon, 7 Nov 2005 15:29:31 +0100

 
Devon,

I use a vb script for disabling users where I solved that issue.
After you allow SELF account access to ASSOCIATED_EXTERNAL_ACCOUNT, the mailbox 
is open and 
you should set delivery restrictions. Instead of each time defining user(s) who 
are to be disabled, you may use array
DisableUsers to ease the procedure. Collect users who are members of a specific 
group, or located in a specific OU or ... 
The script removes all permissions assigned to the SELF account over the 
mailbox and adds them again including associated external account. 
If you have more questions, shoot...

'Constants:
Const ADS_PROPERTY_APPEND = 3
Const ACE_MB_FULL_ACCESS = &H1
Const ACE_MB_READ_PERMISSIONS = &H20000
Const ACE_MB_ASSOCIATED_EXTERNAL_ACCOUNT = &H4

'Assign Allow permission to SELF account for Associated External Account ACE
  Set objACE = CreateObject("AccessControlEntry")
  Set objUser = GetObject("LDAP://user(s)")

  'Get the Mailbox Security Descriptor
  Set objMailbox = objUser
  Set objMailboxSD = objUser.MailboxRights
  Set objDACL = objMailboxSD.DiscretionaryAcl

  'Fill in the new ACE
  objACE.Trustee = "NT AUTHORITY\SELF"
  objACE.AccessMask = ACE_MB_FULL_ACCESS Xor ACE_MB_READ_PERMISSIONS Xor 
ACE_MB_ASSOCIATED_EXTERNAL_ACCOUNT
  objACE.AceType = ADS_ACETYPE_ACCESS_ALLOWED
  objACE.AceFlags = 2 ' object and subcontainers

  'Add and save changes
  objDACL.AddAce objACE
  objMailboxSD.DiscretionaryAcl = objDACL
  objMailbox.MailboxRights = objMailboxSD
  objUser.SetInfo

  
  'Set Message Delivery Restrictions
  Set objACE = CreateObject("AccessControlEntry")
  Set objUser = GetObject("LDAP://user(s)")

  'Add "somebody" as the only valid e-mail sender
  objUser.Putex ADS_PROPERTY_APPEND, "dLMemSubmitPerms", 
Array("CN=sender,OU=ou,DC=your_domain,DC=extension")
  objUser.SetInfo
 
'HTH :-)
 
____________________________________________
Zoran Marjanovic 
System Administrator 
 

-----Original Message-----
From: Harding, Devon [mailto:dharding@xxxxxxxxxxxxxxxx] 
Sent: Friday, November 04, 2005 8:59 PM
To: [ExchangeList]
Subject: [exchangelist] Dredded 9548

http://www.MSExchange.org/

How can I prevent the Event ID error 9548 from happening?  I normally use NoMas 
to fix em, but I want to prevent them from happening.

Devon Harding
Windows Systems Engineer
Southern Wine & Spirits - BSG
954-602-2469


-----------------------------------------
__________________________________
This message and any attachments are solely for the intended recipient and may 
contain confidential or privileged information.  If you are not the intended 
recipient, any disclosure, copying, use or distribution of the information 
included in the message and any attachments is prohibited.  If you have 
received this communication in error, please notify us by reply e-mail and 
immediately and permanently delete this message and any attachments.  Thank You.


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this MSExchange.org Discussion List as: 
zoran.marjanovic@xxxxxxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Report abuse to listadmin@xxxxxxxxxxxxxx


Other related posts: