Hi...
since upgrading to CU12 my favorite error "This access control list is not in canonical form" is back again.
Deleting the deny rule for the exchange sub system doesnt helped this time.
any ideas about this?
i googled a lot, but cant identify what is not "canonical"...
Thanks for any help!
Patrick
attached our "customer" OU.
On root level i see only two deny rules (exchange windows permissions + exchange servers).
Check if Exchange subsystem has any deny rules on the customer OU. If they do remove it and it will work
Hi,
there are no deny rules for the exchange subsystem nor in the root of the ad domain.
The only to two deny rules at root level were "Exchange Windows Permissions" and "Exchange Server".
Both added with CU12
i also deleted this two rules at root level and everyhing is working again.
But this should not be a final solution, its more a bad workaround.
i will investigate this with the next CU 13 further..
The issue will be fixed in the next release without the need to remove the deny permissions. There is already a pull request for this issue: https://github.com/FuseCP/SolidCP/issues/2
Best regards
Bogdan
