Hello We are running Exchange 2003 SP2 in one of our site/affiliate, and recently Exchange view only admin holders have start complaning that they cannot access mailbox right tab in user account property, they receive below shown error: https://skydrive.live.com/#!/?cid=cee05e12fe28fae6&sc=photos&uc=1&id=CEE05E12FE28FAE6%21171!cid=CEE05E12FE28FAE6&id=CEE05E12FE28FAE6%21188&sc=photos I have checked permission for them with reference to below article, permissions on Exchange database level are good and on AD OU too: http://anewmessagehasarrived.blogspot.com/2008/07/grant-permission-to-change-permission.html Not able to think through what could be cause of issue, At top I can recall that we recreated the edb file for disk space issues but Database object in itself wasnt recreated. Any thoughts in this direction?Ajay Kundnani MCTS - Exchange 2007, 2010

Hi, Can the Org Admin access the mailbox tab? You can turn on diagnostic loggings for mailbox access and it should provide a little more details on the issue.

Hi Ajay, Recreating the edb file will result in holding the user configuration with the empty email contents for every one on that database. For this issue.. Can you remove the view only admin permission and reassign it in System Manager. I hope you know how to delegate a user with exchange view only administrator permission.

Sure thing. I have already turned up logging on access control and yes I know how to use delegation wizard. Just to confirm - you want me to remove the problematic admin account from exchange view only admin role and re-add it back? OR remove view only admin as a whole?Ajay Kundnani MCTS - Exchange 2007, 2010

Update: I enabled logging, however it didnt really generate any event that says an Admin is trying to change mailbox rights, it generated events for mailbox access/shared mailbox folder access and other related events. I added one of admin account reporting issue explicitly on mailbox server security under ESM - providing full control but issue remains same. (Allow inheritance was checked) so just confirming if it was equivalent of removing view only admin permission and re-adding? as I added admin account fresh under security. Does permission changes on information store needs info store service restart perhaps? (thinking out loud)Ajay Kundnani MCTS - Exchange 2007, 2010

Remove Only the admin account from View only group and re add the account back.

Thanks for participation guys. Issue is resolved, and above posts were helpful for me pointing in right direction. 1. I confirmed with problematic admin if more team members in her team are facing same issue - YES. 2. Found common factor in problematic user accounts they were facing challenge with - SAME MAILBOX STORAGE GROUP 2. I checked the group they were part of and what groups that group was part of and apparently one of my team member appended DENY grop for that group on certain mail stores so they cant create new mailboxes (wasnt aware of this change) 4. Removed that group from all DENY groups and Monday issue resolved. Thanks once again - you guys pointed in right direction.Ajay Kundnani MCTS - Exchange 2007, 2010