Re: Creating Contacts in OU

It's not possible to create a mailbox-enabled user account
(non-programmatically) without having Exchange Mgmt Tools (in addition to
Windows Server admin tools - aka adminpak.msi) installed on a Windows
client/server. If the user wants to do this from his/her client workstation,
you should install both.

In addition to the AD permissions you delegated on the OU, you will need to
delegate at least Exchange View Only Admin rights to the user.

Permissions:
Mail-enabling Contact Objects
http://www.microsoft.com/technet/prodtechnol/exchange/guides/E2k3ADPerm/9b35165a-0c9d-4aa2-aa55-a17b2138b665.mspx
--
Bharat Suneja
MCSE, MCT
www.zenprise.com
blog: www.suneja.com/blog
-----------------------------------------


"skip" <skip@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:ACFE6792-51A5-491B-8717-A2E169A7DC3E@xxxxxxxxxxxxxxxx
> Hi all
>
> I need to give the rights to a user so they can create email contacts. I
> created an OU delegated full control over the OU to the user. I installed
> the
> admin tools on the users machine. The user can create a user account with
> a
> mailbox in the OU, but when he tries to create a contact, it fails. When I
> look at the security log on the server (exchange and AD are on the same
> Box
> sp2 for exchange sp1 for windows) i see event. Do i need to install the
> Exchange admin tools on this guys machine? not sure why the user can
> create
> user accounts with mailboxes but cant create contacts with external email
> addresses?
>
> Event Type: Failure Audit
> Event Source: Security
> Event Category: Object Access
> Event ID: 560
> Date: 1/30/2006
> Time: 5:44:43 PM
> User: INSURANCESKILLS\Brad
> Computer: THEBEAST
> Description:
> Object Open:
> Object Server: SC Manager
> Object Type: SC_MANAGER OBJECT
> Object Name: ServicesActive
> Handle ID: -
> Operation ID: {0,826668285}
> Process ID: 668
> Image File Name: C:\WINDOWS\system32\services.exe
> Primary User Name: THEBEAST$
> Primary Domain: INSURANCESKILLS
> Primary Logon ID: (0x0,0x3E7)
> Client User Name: Brad
> Client Domain: INSURANCESKILLS
> Client Logon ID: (0x0,0x31228C4D)
> Accesses: Connect to service controller
> Enumerate services
>
> Privileges: -
> Restricted Sid Count: 0
> Access Mask: 0x5
>
>
> For more information, see Help and Support Center at
> http://go.microsoft.com/fwlink/events.asp.
>


.

Relevant Pages

  • Re: One user having messages stuck in Local Delivery
    ... user accounts and new client PC accounts, even if you keep all the naming ... is a retail install of SBS that I am troubleshooting not one from MSDN ... tomorrow morning another mailbox or two will start failing. ... and then I added them in my exchange connection in outlook and manually ...
    (microsoft.public.windows.server.sbs)
  • Re: Client connect with SBS 2003
    ... access Exchange, whatnot, but they cannot join a domain. ... setup on the server I am prompted to install 4 items to the client ... (client os service packs, IE 6, Outlook 2003, Shared Fax Client). ... Network Config Wizard, RWW, Info & Help) so I know I can connect ...
    (microsoft.public.windows.server.sbs)
  • Re: Deploying DST
    ... MVP - Exchange ... "(In which case, when/if rebasing appointments, ... If your clients are set to automatically download and install updates, ... client in our office. ...
    (microsoft.public.exchange.admin)
  • Programming environment
    ... Currently I'm programming client programs ... Did you set up an Exchange ... I can install for more than one time? ...
    (microsoft.public.win32.programmer.messaging)
  • Re: Installing ESM.MSC on a workstation
    ... and went to install, however I had the following error (once I selected the ... need windows 2000 adminitsration tools" ... Admin tools from this machine. ... >>there is an install via the Exchange program directory but I am hitting ...
    (microsoft.public.exchange2000.admin)