This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(300.8, 96%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EWS%3C/text%3E%3C/svg%3E)
We are running Exchange 2013 on prem. Someone was mucking around in AD yesterday and apparently did a "reset default permissions" on the root of AD. All Exchange permissions have now been removed so we can no longer make any changes to any accounts from exchange. Before we open a ticket with Microsoft, is there any easier way to restore the default exchange permissions on AD?
@Walter Salvatore
I am writing here to confirm with you that do you recover the permission now?
If the suggestion below helps, please be free to accept it as an answer for helping more people.
Here is the doc listing what perms are set when you run setup/PrepareAD
YOu can walk through and ensure its set correctly.
I would especially focus on and make sure the Exchange Trusted Subsystem has full access down the objects
Opened a ticket with Microsoft, but as of this time have still not heard from anyone so we will be closing the ticket and asking for a refund.
We where able to restore the permissions with the help of a group on reddit.
Copied the Exchange install media to the Exchange server (C:\Temp\Exchange) and ran the following command at an elevated command prompt.
C:\temp\exchange\Setup.exe /PrepareAD /OrganizationName:"OurOrgName" /IAcceptExchangeServerLicenseTerms
This fixed the issue.
Yea, that was the point of my answer :)
Thanks for your updating and sharing, I have helped you convert this reply to an answer. You could accept it as answer, it could help other users find this solution quickly.