Are the Exchange Admins in a protected group? This sounds like the SDProp process doing its thing:
Repeated attempted changes tp DACL since update to CU19 and Hafnium patch
Hi all, since the update to the above, I've noticed that every hour, changes are attempted to the DACL for exchange admins to deny exchange trusted subsystem access to those objects. Would anybody know if this is as i suspect, a process that runs since the patch to assist in keeping things 'safe' ?
Thanks
Will
2 answers
Sort by: Most helpful
-
-
Xzsssss 8,861 Reputation points Microsoft Vendor
2021-03-12T05:41:07.687+00:00 Hi @Will T ,
Agree with Andy. This is more likely to be expected. You could check it with changing AdminSDProtectFrequency.
Regards,
Lou
If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.