search

microsoft / CSS-Exchange

Exchange Server support tools and scripts
MIT License
1.21k stars 332 forks source link

SourceSideValidations SDS related requirements added #2039

Closed lusassl-msft closed 3 months ago

lusassl-msft commented 3 months ago

Issue: ./SourceSideValidations.ps1 -RemoveInvalidPermissions will fail to run if it was executed on an Exchange Server that has the management tools installed but no other Exchange Server role.

Reason / Fix: In -RemoveInvalidPermission, we pipe the invalid permissions to Remove-PublicFolderClientPermission precisely because there is no other way to remove invalid permissions. You cannot specify them by user, because the user is an orphaned SID. Specifying that as the -User parameter causes us to try to look up the SID to validate the parameter, which fails, so the cmdlet does not succeed. Thus, ForEach-Object will not work here.

Piping the bad permission to Remove-PublicFolderClientPermission is the only way to get it to treat that orphaned object as valid input.

SourceSideValidations.ps1 will need to be run from a Mailbox role going forward, at least if you need to use the -RemoveInvalidPermissions switch.

lusassl-msft commented 3 months ago

Closing this PR since this issue was fixed via:

PR #1930 and PR #1924