Hi We are facing a very strange issue while sending on behlf of a global security group, below is the description 3 Users (user1, User2 & User3) assigned Send As permission on group SAPTeam, 2 of them are members of this group and user3 is a member of Domain Administrators. SAPTeam itself is a member of Administrators group. 1st 2 users are unable to send on behalf of the group and the 3rd user can. Also all these 3 accounts are disappearing after adding to SCL, it's fine as per article (http://support.microsoft.com/kb/318180/en-us). How can we troubleshoot the issue? Regards LMS

Hi Even the normal user account which I added got disappeard in some hours time!!!

HI Any idea??

We find out the root cause. The ACL inheritance & user permission is disappearing because SAP group is a member of Administrators group(domain level), because of this if the ACL is different, the ACL on the user/group object is overwritten to reflect the security settings of the AdminSDHolder object (and ACL inheritance is disabled). This process protects these accounts from being modified by unauthorized users if the accounts are moved to a container or organizational unit where a malicious user has been delegated administrative credentials to modify user accounts. Also while sending on behalf of the account (user or group) we should use the exact display name in From filed(mail address eg sap@mydoamin.com won't work). Regards Lal