Edge Transport Setup Fails With DSACLs Error

  • Article

Microsoft Exchange Server 2007 will reach end of support on April 11, 2017. To stay supported, you will need to upgrade. For more information, see Resources to help you upgrade your Office 2007 servers and clients.

 

This topic provides information about how to troubleshoot Microsoft Exchange Server 2007 Setup if Setup fails with the following error:

Active Directory Application Mode (ADAM) process dsacls.exe failed with error code 58 when setting the access control list (ACL) on OU=MSExchangeGateway.

The ExchangeSetup.log file also includes the following warning:

Process dsacls.exe has finished with exit code 58.

This issue occurs when there is a permissions issue on the target drive for the installation. It usually occurs when both the EVERYONE and USERS groups are incorrectly removed from the security settings of the target drive.

Resolution

To resolve the problem, restore the default permissions of the EVERYONE and USERS groups to the target drive for the installation.

Before You Begin

To perform this procedure, the account you use must have membership in the local Administrators group. For more information about permissions, delegating roles, and the rights that are required to administer Exchange 2007, see Permission Considerations.

Procedure

To restore default permissions of the EVERYONE and USERS groups

  1. Right-click the target drive, and then click Properties.

  2. On the Security tab, click Advanced, and then use the following table to add the corresponding permissions to the accounts.

    Name Type Permission Apply

    Users (Local Machine\Users)

    Allow

    Traverse Folder

    Execute File

    List Folder

    Read Data

    Read Attributes

    Read Extended Attributes

    Read Permissions

    This folder, subfolders and files

    Users (Local Machine\Users)

    Allow

    Create Folders

    Append Data

    This folder, and subfolders

    Users (Local Machine\Users)

    Allow

    Create Files

    Write Data

    Subfolders only

    Everyone

    Allow

    Traverse Folder

    Execute File

    List Folder

    Read Data

    Read Attributes

    Read Extended Attributes

    Read Permissions

    This folder, subfolders and files

Before you restart Exchange Server 2007 Setup, you may need to run the following command from the C:\Windows\ADAM folder to uninstall the Microsoft Exchange ADAM service:

adamuninstall.exe /force /i:MSExchange

If there is drive on the system that has the correct permissions, you can run the following Windows PowerShell command to copy the permissions:

get-acl <good drive> | set-acl <bad drive>