Re: Unable to add mailbox

This is a regular exchange 2003 install, and no, I have not lately done a dr
setup.
They have not been able to read or see any emails sent to them (so have
nothing to reply to), but when I look at their mailbox in the First Storage
Group/Mailboxes, they have a small number of items and size. I can see
AGarvey in the GAL, but not the MKelley, but this is intentional, i
configured MKelley to not be visible on the Gal. But when I send AGarvey a
test message, even though I selected her from the gal, i get the non
deliverable message.

I checked the properties, and both @braintree.cmc and @corcoranmgmt.com have
the responsible for mail delivery checked. Users are added and deleted
fairly regularly due to turnover, but this is the first this has happened.

This email server has been up since early 2006, I did add a 2003 dc in
december, and another backup dc in Feb (which was the old mail server, but I
completely wiped and reinstalled os, etc after demoting that server) and
moved the roles to the new dc, since in the next week or so I plan on
demoting the original and first dc running 2000 server.

"Steve Antonio [MSFT]" wrote:

As far as the "This object only" that is correct.

Is this an SBS server, or have you recently done a /disasterrecovery
setup? These are hapening with new messages and not just replies,
correct?

One other thing...open up the ESM, expand Recpients and then Recipient
Policies. Openthe properties of the Recipient policy that stamps users
with @corcoranmgmt.com. Find that addres within the recipient policy
and select properties. Make sure the "This Exchange Organization is
responsible for all mail delivery to this address" box is checked.

Also, I can't remember if you mentioned this before or not...can you
see these users in the GAL?


On Wed, 25 Apr 2007 12:38:01 -0700, ces
<ces@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote:

Back again. I checked both the ou's (each user is in a different ou). The
Authenticated User has Read and Special Permissions, the under advanced, the
inheritable permissions is checked, and includes List Contents, Read All
Properties, and Read Permissions. I did an effective permissions on one of
them and that looks good also. The advanced Tab, even though there is a
check in inherited, says to Apply to this objec only. But I don't play
around with default permissions for system accounts, but we did have a second
person as admin up until a month ago.

Thanks again.

"Steve Antonio [MSFT]" wrote:

OK, the LDP dump looks fine. So it appears to be permissions related.
If you look at the OU that the user belongs to (Management).
Right-click the OU and select properties. Go to the Security tab, then
click the "Advanced" button. Makre sure the inheritable permissions
box is checked.

If so, make sure that box is checked on the user's account as well.

Then verify that "Authenticated Users" has the following permissions:

SPECIAL ACCESS
READ PERMISSONS
LIST CONTENTS
READ PROPERTY

On Wed, 25 Apr 2007 11:16:00 -0700, ces
<ces@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote:

The users can send with no errors, but they are not received by the recipient
(I tested sending to my hotmail account). When I send from my domain
account, with delivery notification, I get an error:
The following recipient(s) could not be reached:

Andrea Garvey on 4/25/2007 1:50 PM
The e-mail account does not exist at the organization this
message was sent to. Check the e-mail address, or contact the recipient
directly to find out the correct address.
<mail.corcoranmgmt.com #5.1.1>



"Steve Antonio [MSFT]" wrote:

It does seem that the RUS is stamping them, but something else may be
going on here. Does the user show any errors when trying to send or
receive?

Also, could you perform and LDP dump on one of the problem users, just
to make sure all the proper attribs are there?

Windows 2003 Support Tools
start/run ldp.exe
1. Connection/Connect - type in the name of a DC, leave port at 389
2. Connection/Bind - type in username, password and domain of a domain
admin
3. View/Tree - leave blank
4. On the left panel, expand the domain and locate the user.
5. Once located, hit CTRL-N to clear the right panel
6. Double click the user, the attribs now show up on the right
7. Connection/Save (save as ldp.txt)
8. Copy the details here.

Thanks,

Steve

On Wed, 25 Apr 2007 08:44:05 -0700, ces
<ces@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote:

Hope this helps.

Steve Antonio, CISSP
Microsoft Exchange Support

Hope this helps.

Steve Antonio, CISSP
Microsoft Exchange Support

.