Inside of Exchange System Manager on a Standard Server 2003 system, a public folder has a ACCOUNT UNKNOWN user account(user icon ghosted out with a question mark attached to it) listed as a user in the security permissions tab.When trying to remove this user account, a security warning pops up stating ( You cannot remove "Account Unknown (S-1-5-21-......" because this object is inheriting permissions from its parent. To remove "Account Unknown" you must prevent this object from inheriting permissions. Turn off the option for inheriting permissions, and then try removing "Account Unknown " again. I see after the advanced button is pressed where this feature can be removed by de-selecting the check mark in the box. At this point, a security message comes up giving the option to copy, remove, or cancel. This portion I really don't understand. I need to choose one. Here is the description of each: Copy- to copy the permission entries that were previously appied from the parent to this object, click copy remove- to remove the permission entries that were previously appied from the parent and keep only those permissions explicitly defined here, click remove. and then cancel, which is the one I'm sticking with for now until I have a better understanding. I fear that by removing the inheritance, I will have to re-alocate all the permissions of the sub-folders and create a bad situation in my enviornment. What do I do to get rid of this unknown user account and resume with business as usual?

What type of permissions you are talking about? is it AdministrativePermissions or Client permissions? if you are seeing that the account is inherited then you should go level above until you find the account not inherited and then can remove from there. it will remove from children as well. Thanks.Vishal Ramnani | MCITP - Exchange 2007 | MCSE Messaging | MCTS - Win 2008 Config

Use ADSI Edit to browse down through the Exchange configuration settings in the Forest Config container. The DN will be something like cn=<orgname>,CN=Microsoft Exchange,CN=Services,CN=Configuration,<forest root DN>. Once you find where the ACE for the unknown SID was applied, you can remove it Vinod |CCNA|MCSE 2003 +Messaging|MCTS|ITIL V3|