Exchange 2003 to Exchange 2010 upgrade fails with public folder ACL permissions issue

I have seen a few instances now where upgrading from Exchange 2003 to Exchange 2010 will give an error of:

Access control list (ACL) inheritance is blocked for the Public Folder tree object (CN=Public Folders,CN=Folder Hierarchies,CN=first administrative group,CN=Administrative Groups,CN=<Your domain>,CN=Microsoft Exchange, CN=Services, CN=Configuration, DC=<your domain>, DC=<your domain suffix>). Re-enable the inheritance and restart setup

The easiest way I have discovered to fix this is through ADSIEdit .

Open ADSIEdit.msc, Select the Configuration partition then drill down the tree through this path
  • Service
  • Microsoft Exchange
  • Your Exchange organization
  • Administrative groups
  • First Administrative Group 
  • Select Folder Hierarchies 
You should now see CN=Public Folders in the right hand pane. Right click and go to properties then the security tab of both the Folder Hierarchies folder and the CN=Public Folders item. In the security tab click the advanced button and make sure"Allow inheritable permissions" is checked for both of them. After this is done retry your install.

No comments:

Post a Comment