Hello: Have a customer running Exchange 2003 (Verison 6.5.7638.1 ) on Windows 2003 SP2. During the reboot of thier server, they got the error “Invalid Security Id” and it reset the security on the BackOfficeStorage. Users can access Exchange via Outlook, but the web users (about 200+) can't access thier mailbox via OWA. Microsoft remoted in when this happened last time and fixed the permisions on the \\.\BackOfficeStorage\MBX directories but didn't tell the customer what the ACLs should be. Domain Administrators can access the mailboxes via OWA and can list the directories via the command prompt. I dumped the permisions using xcacls for a mailbox, but unfortunatley, I don't have access to a E2K3 box to compare: C:\Program Files\Support Tools>xcacls \\.\backofficestorage\someschool.k12.xx.us\mbx\testacc | more \\.\backofficestorage\someschool.k12.xx.us\mbx\testacc SOLANCO\testacc:(OI)(CI)F someschool\Exchange Domain Servers:(OI)(CI)F <Account domain not found>(OI)(CI)F <Account domain not found>(OI)(CI)(IO)F <Account domain not found>(OI)(CI)F <Account domain not found>(OI)(CI)(IO)F <Account domain not found>(OI)(CI)(IO)F <Account domain not found>(OI)(CI)(IO)F <Account domain not found>(OI)(CI)F <Account domain not found>(OI)(CI)(IO)F Someschool\TTCEMJ-84EF8E29A342:(OI)(CI)F SOmeschool\TTCEMJ-84EF8E29A342:(OI)(CI)(IO)F <Account domain not found>(OI)(CI)F <Account domain not found>(OI)(CI)(IO)F <Account domain not found>(OI)(CI)F <Account domain not found>(OI)(CI)(IO)F <Account domain not found>(OI)(CI)(IO)F <Account domain not found>(OI)(CI)(IO)F <Account domain not found>(OI)(CI)(IO)F SOmeschool\Domain Admins:(OI)(CI)F SOmeschool\Enterprise Admins:(OI)(CI)N SOmeschool\Exchange Services:(OI)(CI)F SOmeschool\EXCHANGE$:(OI)(CI)F SOmeschool\ExMerge:(OI)(CI)F SOmeschool\BlackBerryServ:(OI)(CI)F NT AUTHORITY\ANONYMOUS LOGON:(OI)(IO)(DENY)(special access:) STANDARD_RIGHTS_ALL DELETE READ_CONTROL WRITE_DAC WRITE_OWNER SYNCHRONIZE STANDARD_RIGHTS_REQUIRED FILE_GENERIC_READ FILE_GENERIC_WRITE FILE_GENERIC_EXECUTE FILE_READ_DATA FILE_WRITE_DATA FILE_APPEND_DATA FILE_READ_EA FILE_WRITE_EA FILE_EXECUTE FILE_READ_ATTRIBUTES FILE_WRITE_ATTRIBUTES NT AUTHORITY\ANONYMOUS LOGON:(CI)(DENY)(special access:) STANDARD_RIGHTS_ALL DELETE READ_CONTROL WRITE_DAC WRITE_OWNER SYNCHRONIZE STANDARD_RIGHTS_REQUIRED FILE_GENERIC_READ FILE_GENERIC_WRITE FILE_GENERIC_EXECUTE FILE_READ_DATA FILE_WRITE_DATA FILE_APPEND_DATA FILE_READ_EA FILE_WRITE_EA FILE_EXECUTE FILE_READ_ATTRIBUTES FILE_WRITE_ATTRIBUTES C:\Program Files\Support Tools>