Exchange 2010: Send As Permission for group mailbox...
Our helpdesk has a shared mailbox used for users to submit issues. Up until a week ago, all of the helpdesk techs could send-as the shared mailbox.
Now when they attempt to send as the shared mailbox via Outlook they get the error "You do not have the permission to send the message on behalf of the specified user.". When I attempt to manage send as permission via EMC (using an account
with Domain Admin privileges) I've found that the list of users who can send as is blank. When I attempt to add send as permissions via EMC I get the error below:
domain\username
Failed
Error:
Active Directory operation failed on DC1.xxxxxx.local. This error is not retriable. Additional information: Access is denied.
Active directory response: 00000005: SecErr: DSID-031521E1, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0
The user has insufficient access rights.
Click here for help... http://technet.microsoft.com/en-US/library/ms.exch.err.default(EXCHG.140).aspx?v=14.3.195.1&t=exchgf1&e=ms.exch.err.Ex6AE46B
Exchange Management Shell command attempted:
Add-ADPermission -Identity 'CN=account,DC=xxxxxx,DC=local'
-User 'domain\username' -ExtendedRights 'Send-as'
Elapsed Time: 00:00:00
Anyone have any advice to fix this issue?
Thanks in advance for your help.
I got this sorted. Here's the fix:
On the problem account: Open up active directory > Select the target user account > properties > Security Tab > advanced button. If
you cannot see the Security tab you have to go to view > advanced features
On the Permissions tab put a check mark in Allow inheritable permissions from
the parent and click ok
Similar Messages
-
Exchange 2013 send as permission not allowed
We have a Exchange 2013 server and Outlook 2010 clients. I have set full permission on other mailboxes with Powershell and in the ECP I set Send As permission for this user. But when I start Outlook 2010, go to the mailbox of one of the users and try to
send an email as this user, the Outlook gives the error that send as is not allowed. What could the problem be?Hi,
Please log in the Exchange Admin Center in Exchange 2013 to check whether the permissions are configured properly:
1. Access ECP URL in IE to logon EAC as an administrator.
2. Click recipients > Mailbox.
3. Double-click the userA which is set full access permission and send as permission.
4. In the User Mailbox window, click mailbox delegation to check whether the userB is listed under Send As and Full Access permission.
If the permission is configured correctly, please try removing the permission and re-add it to check whether the issue persists.
Thanks,
Winnie Liang
TechNet Community Support -
Dear all,
I am having problems with exchange 2010 sending emails through a postfix smarthost server which disconnects the sessions. I also use a sendmail as a smarthost
server which is working just fine but I have to switch to postfix and cannot do this as long as the encryption does not work.
Here is the log file of the postfix server:
Jan 4 14:18:59 server7 postfix/smtpd[1659]: initializing the server-side TLS engine
Jan 4 14:18:59 server7 postfix/smtpd[1659]: connect from server1.mydomain.com[192.168.20.10]
Jan 4 14:18:59 server7 postfix/smtpd[1659]: setting up TLS connection from server1.mydomain.com[192.168.20.10]
Jan 4 14:18:59 server7 postfix/smtpd[1659]: server1.mydomain.com[192.168.20.10]: TLS cipher list "aNULL:-aNULL:ALL:+RC4:@STRENGTH"
Jan 4 14:18:59 server7 postfix/smtpd[1659]: SSL_accept:before/accept initialization
Jan 4 14:18:59 server7 postfix/smtpd[1659]: read from 7F4823FA5210 [7F4823FAB1B0] (11 bytes => -1 (0xFFFFFFFFFFFFFFFF))
Jan 4 14:18:59 server7 postfix/smtpd[1659]: read from 7F4823FA5210 [7F4823FAB1B0] (11 bytes => 11 (0xB))
Jan 4 14:18:59 server7 postfix/smtpd[1659]: 0000 16 03 01 00 5a 01 00 00|56 03 01 ....Z... V..
Jan 4 14:18:59 server7 postfix/smtpd[1659]: read from 7F4823FA5210 [7F4823FAB1BE] (84 bytes => 84 (0x54))
Jan 4 14:18:59 server7 postfix/smtpd[1659]: 0000 54 a9 3d b9 0d 5e 8b 64|7c 6b b5 21 f2 93 e7 84 T.=..^.d |k.!....
Jan 4 14:18:59 server7 postfix/smtpd[1659]: 0010 17 ea 33 d7 e5 13 f2 75|3a 87 38 32 01 85 82 5b ..3....u :.82...[
Jan 4 14:18:59 server7 postfix/smtpd[1659]: 0020 00 00 18 00 2f 00 35 00|05 00 0a c0 13 c0 14 c0 ..../.5. ........
Jan 4 14:18:59 server7 postfix/smtpd[1659]: 0030 09 c0 0a 00 32 00 38 00|13 00 04 01 00 00 15 ff ....2.8. ........
Jan 4 14:18:59 server7 postfix/smtpd[1659]: 0040 01 00 01 00 00 0a 00 06|00 04 00 17 00 18 00 0b ........ ........
Jan 4 14:18:59 server7 postfix/smtpd[1659]: 0050 00 02 01 ...
Jan 4 14:18:59 server7 postfix/smtpd[1659]: 0053 - <SPACES/NULLS>
Jan 4 14:18:59 server7 postfix/smtpd[1659]: SSL_accept:SSLv3 read client hello A
Jan 4 14:18:59 server7 postfix/smtpd[1659]: SSL_accept:SSLv3 write server hello A
Jan 4 14:18:59 server7 postfix/smtpd[1659]: SSL_accept:SSLv3 write certificate A
Jan 4 14:18:59 server7 postfix/smtpd[1659]: SSL_accept:SSLv3 write key exchange A
Jan 4 14:18:59 server7 postfix/smtpd[1659]: SSL_accept:SSLv3 write server done A
Jan 4 14:18:59 server7 postfix/smtpd[1659]: write to 7F4823FA5210 [7F4823FB8B70] (1911 bytes => 1911 (0x777))
Jan 4 14:18:59 server7 postfix/smtpd[1659]: 0774 - <SPACES/NULLS>
Jan 4 14:18:59 server7 postfix/smtpd[1659]: SSL_accept:SSLv3 flush data
Jan 4 14:18:59 server7 postfix/smtpd[1659]: read from 7F4823FA5210 [7F4823FAC803] (5 bytes => 0 (0x0))
Jan 4 14:18:59 server7 postfix/smtpd[1659]: SSL_accept:failed in SSLv3 read client certificate A
Jan 4 14:18:59 server7 postfix/smtpd[1659]: SSL_accept error from server1.mydomain.com[192.168.20.10]: lost connection
Jan 4 14:18:59 server7 postfix/smtpd[1659]: lost connection after STARTTLS from server1.mydomain.com[192.168.20.10]
Jan 4 14:18:59 server7 postfix/smtpd[1659]: disconnect from server1.mydomain.com[192.168.20.10]
I
have read in the post at https://social.technet.microsoft.com/Forums/exchange/en-US/6db38364-cb08-45c0-b159-3ddf30ef0b3e/exchange-2010-send-connector-uses-ssltls-and-cannot-connect-to-smarthost-how-to-deactivate-ssl?forum=exchange2010
how to deactivate the SSL encryption, but this is of course a security flaw, if I am not mistaken. I would like to encrypt the connection between the servers for obvious security
reasons but I have come to a standstill...
My Exchange server certificate is configured
as follows:
AccessRules : {System.Security.AccessControl.CryptoKeyAccessRule, System.Security.AccessControl.CryptoKeyAcc
ule, System.Security.AccessControl.CryptoKeyAccessRule, System.Security.AccessControl.CryptoKe
essRule}
CertificateDomains : {server1, server1.solid-con.com}
HasPrivateKey : True
IsSelfSigned : True
Issuer : CN=server1
NotAfter : 22/01/2017 13:18:02
NotBefore : 22/01/2012 13:18:02
PublicKeySize : 2048
RootCAType : None
SerialNumber : 6925D91285B649BD4D5E4297F1A48471
Services : IMAP, POP, IIS, SMTP
Status : Valid
Subject : CN=server1
Thumbprint : 939A37173BF84E352CEDC74F7D9A3D71F498A005
AccessRules : {System.Security.AccessControl.CryptoKeyAccessRule, System.Security.AccessControl.CryptoKeyAcc
ule, System.Security.AccessControl.CryptoKeyAccessRule}
CertificateDomains : {WMSvc-SERVER1}
HasPrivateKey : True
IsSelfSigned : True
Issuer : CN=WMSvc-SERVER1
NotAfter : 19/01/2022 12:56:44
NotBefore : 22/01/2012 12:56:44
PublicKeySize : 2048
RootCAType : Registry
SerialNumber : 1DB8711F7ADC5CB54196468EF2FF5D21
Services : None
Status : Valid
Subject : CN=WMSvc-SERVER1
Thumbprint : 191D86BDE274510453D58DDB91D253DABBCF05F1
And My Default Send Connector is configured as follows:
AddressSpaces : {SMTP:*;1}
AuthenticationCredential : System.Management.Automation.PSCredential
Comment :
ConnectedDomains : {}
ConnectionInactivityTimeOut : 00:10:00
DNSRoutingEnabled : False
DomainSecureEnabled : False
Enabled : True
ErrorPolicies : Default
ForceHELO : False
Fqdn :
HomeMTA : Microsoft MTA
HomeMtaServerId : SERVER1
Identity : Internet
IgnoreSTARTTLS : False
IsScopedConnector : False
IsSmtpConnector : True
LinkedReceiveConnector :
MaxMessageSize : unlimited
Name : Internet
Port : 25
ProtocolLoggingLevel : None
RequireOorg : False
RequireTLS : False
SmartHostAuthMechanism : None
SmartHosts : {server7.mydomain.com, server6.mydomain.com}
SmartHostsString : server7.mydomain.com,server6.mydomain.com
SmtpMaxMessagesPerConnection : 20
SourceIPAddress : 0.0.0.0
SourceRoutingGroup : Exchange Routing Group (DWBGZMFD01QNBJR)
SourceTransportServers : {SERVER1}
TlsAuthLevel :
TlsDomain :
UseExternalDNSServersEnabled : False
Any help would be greatly appreciated as I am
stuck...
LucaHi Allen,
Thank you very much for your reply.
The Postfix TLS Manager is enabled in master.cf
tlsmgr unix - - n 1000? 1 tlsmgr
and running
server7:/etc/postfix # ps -efa|grep tls
postfix 11967 11863 0 11:21 ? 00:00:00
tlsmgr -l -t unix -u
Every other (Linux/UNIX) server has no problem e.g.:
Jan 5 11:28:36 server7 postfix/smtpd[12215]: connect from server2.mydomain.com[192.168.20.20]
Jan 5 11:28:36 server7 postfix/smtpd[12215]: Anonymous TLS connection established from server2.mydomain.com[192.168.20.20]: TLSv1 with cipher DHE-DSS-AES256-SHA (256/256 bits)
Jan 5 11:28:36 server7 postfix/smtpd[12215]: B5502946AB0: client=server2.mydomain.com[192.168.20.20]
Jan 5 11:28:36 server7 postfix/cleanup[12221]: B5502946AB0: message-id=<[email protected]>
Jan 5 11:28:36 server7 postfix/qmgr[12200]: B5502946AB0: from=<[email protected]>, size=1026, nrcpt=1 (queue active)
Jan 5 11:28:36 server7 postfix/smtpd[12215]: disconnect from server2.mydomain.com[192.168.20.20]
Jan 5 11:28:37 server7 postfix/smtpd[12225]: connect from localhost[127.0.0.1]
Jan 5 11:28:37 server7 postfix/smtpd[12225]: 4076A946AB1: client=localhost[127.0.0.1]
Jan 5 11:28:37 server7 postfix/cleanup[12221]: 4076A946AB1: message-id=<[email protected]>
Jan 5 11:28:37 server7 postfix/qmgr[12200]: 4076A946AB1: from=<[email protected]>, size=1778, nrcpt=1 (queue active)
Jan 5 11:28:37 server7 postfix/smtpd[12225]: disconnect from localhost[127.0.0.1]
Jan 5 11:28:37 server7 postfix/smtp[12222]: B5502946AB0: to=<[email protected]>, relay=127.0.0.1[127.0.0.1]:10024, delay=0.54, delays=0.05/0.01/0.01/0.47, dsn=2.0.0, status=sent
(250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 4076A946AB1)
Jan 5 11:28:37 server7 postfix/qmgr[12200]: B5502946AB0: removed
Jan 5 11:28:37 server7 postfix/cleanup[12221]: 4401F946AB0: message-id=<[email protected]>
Jan 5 11:28:37 server7 postfix/qmgr[12200]: 4401F946AB0: from=<[email protected]>, size=1920, nrcpt=1 (queue active)
Jan 5 11:28:37 server7 postfix/local[12226]: 4076A946AB1: to=<[email protected]>, relay=local, delay=0.02, delays=0/0.01/0/0, dsn=2.0.0, status=sent (forwarded as 4401F946AB0)
Jan 5 11:28:37 server7 postfix/qmgr[12200]: 4076A946AB1: removed
Jan 5 11:28:37 server7 postfix/smtp[12227]: Untrusted TLS connection established to 192.168.20.10[192.168.20.10]:25: TLSv1 with cipher AES128-SHA (128/128 bits)
Jan 5 11:28:37 server7 postfix/smtp[12227]: 4401F946AB0: to=<[email protected]>, orig_to=<[email protected]>, relay=192.168.20.10[192.168.20.10]:25,
delay=0.29, delays=0/0.01/0.02/0.25, dsn=2.6.0, status=sent (250 2.6.0 <[email protected]> [InternalId=619] Queued
mail for delivery)
Jan 5 11:28:37 server7 postfix/qmgr[12200]: 4401F946AB0: removed
and if you take a look at the lines in bold you will see that mails can be delivered over TLS to that very Exchange server (the mailboxes are on that server)...
To summarise:
exchange --> postfix with TLS = session disconnected (and everything seems to be initiated by the exchange server -if I read the logs correctly)
postfix --> exchange with TLS = works
any further hints?
Thank you very much in advance,
Luca -
Exchange 2007 - Send As Permission
Hello, I have Exchange Server 2007 installed on my Windows Server 2008 system and am using an ASP.NET web application to send an e-mail message when certain events occur. My problem is that I have everything set up and functioning properly, the e-mail message is sent with the designated e-mail address and I receive the e-mail message with no problems. In order to do this, I have a generic e-mail address that I created for my domain and granted that generic e-mail address "Send As" permission for a different domain e-mail address and use the generic e-mail address in my ASP.NET web application for security purposes.
My problem is the "Send As" permission seems to disappear very frequently. It seems that I need to go into the Exchange Management Console and grant this Send As permission every time my server is rebooted, or even after going into Exchange Management Console to "Look around" and see what I have set up. Does anybody know if there is a way to make the grant of Send As permission permanent so I don't have to constantly re-grant it? I have applied SP1 to Exchange Server 2007 and am always sure to apply the most recent patches, etc. as soon as they are released.
Thanks in advance!
TimDear customer:
Thanks for Bala’s reply. He is right.
Active Directory uses a protection mechanism to make sure that ACLs are set correctly for members of sensitive groups. The mechanism runs one time an hour on the PDC operations master. The operations master compares the ACL on the user accounts that are members of protected groups against the ACL on the following object:
CN=adminSDHolder,CN=System,DC=<MyDomain>,DC=<Com>
Note "DC=<MyDomain>,DC=<Com>" represents the distinguished name (DN) of your domain.
If the ACL is different, the ACL on the user object is overwritten to reflect the security settings of the adminSDHolder object (and ACL inheritance is disabled). This process protects these accounts from being modified by unauthorized users if the accounts are moved to a container or organizational unit where a malicious user has been delegated administrative credentials to modify user accounts. Be aware that when a user is removed from the administrative group, the process is not reversed and must be manually changed.
The following list describes the protected groups in Windows Server 2003 and in Windows 2000 after you apply the 327825 hotfix or you install Windows 2000 Service Pack 4:
• Administrators
• Account Operators
• Server Operators
• Print Operators
• Backup Operators
• Domain Admins
• Schema Admins
• Enterprise Admins
• Cert Publishers
Additionally the following users are also considered protected:
• Administrator
• Krbtgt
So first, please check whether the user that you grant “sends as” permission for it belongs to the above group. If so, open ADSIEDIT.msc, Check"Allow inheritable permissions from the parent to propagate to this object and all child objects. Include these with entries explicitly defined here" option on the adminSDHolder. And replicates all the DC, and grant “send as” permission for the user again via EMC, check whether the “send as” work fine.
For more information about adminSDHolder, please refer to “MORE INFORMATION” section in the following article:
Delegated permissions are not available and inheritance is automatically disabled
http://support.microsoft.com/kb/817433/en-us
Additionally, for more information about Exchange 2007 Permissions, please refer to the following documents:
Exchange 2007 Permissions: Frequently Asked Questions
http://technet.microsoft.com/en-us/library/bb310792.aspx
Hope it helps. If you have any question, please feel free to let me know.
Rock Wang - MSFT -
Outlook/exchange 2010 "cannot expand folder" on shared mailbox
exchange 2010. outlook 2010 (and outlook 2013).
change user mailbox 'mailbox1' to a shared mailbox with powershell:
set-mailbox mailbox1 -type shared
verify the mailbox appears as shared in exchange console.
grant Full Access Permission to mailbox1 to Group1 AD group.
member of Group1 adds mailbox1 as an additional mailbox to his outlook exchange account.
when he clicks on mailbox1, outlook says "cannot expand folder. (was this information helpful?)"
member of ad group logs out of windows and logs back in repeatedly.
but when he clicks on mailbox1, outlook says "cannot expand folder. (was this information helpful?)"
edit: if I specifically grant full access permission to the user, he can open the mailbox in outlook. I want to grant the permission to a group, not to individual users.Hi,
I can give a security group full access permission to a shared mailbox in my Exchange 2010 environment. And all group members can add the shared mailbox as an additional mailbox in Outlook.
Please make sure the full access permission has been assigned to Group1 and the problematic user is a member of this group. Then remove the additional mailbox and restart Outlook, re-add the shared mailbox as an additional mailbox to have a try. If the issue
persists in Outlook, please try to open the shared mailbox in OWA to check whether the user can access it.
Thanks,
Winnie Liang
TechNet Community Support -
Our company moved from on-premises Exchange 2003 to Office365 and only have 4 Exchange 2003 servers on-prem that we use for Routing email from application servers to Office365. We need to migrate these servers to Exchange 2010 then to Exchange 2013 and
only route email only. Is it possible to upgrade to Exchange 2010 by installing the transport Hub & Mailbox server options only? Our OAB and EWS services come from the CAS servers located on Office365 so we should not need a CAS server to set up Transport
rules or route mail would we? Any assistance with this would be greatly appreciated! - Thanks, DWB
DaveSince it is not internet facing we will not have to worry about configuring an Internet Domain Name when installing the first server, correct? in my planning I was going to
install the Exchange 2010 CAS/Mailbox/Transport Hub roles on one server, then upgrade it to Exchange 2013. Once this is completed I'll then install the 2 mailbox role servers in one Datacenter, and 3 more in our DRP DC. If something happens to the
primary Datacenter I would want it to fail over to the other site. For this I would have to install another CAS/mailbox server in the secondary DC. Would this plan sound about right? Since we moved to Office365 in 2010 I have not had a chance to deal with
actual servers except for the Exchange 2003 servers we still have on-premises. Each of these are located in 4 Regional offices along with single Windows 2008 R2 servers using only the IIS SMTP service for routing mail from on-prem application servers
and print/scanners which email back to the users. The plan is to move to a routing system which will provide both MTA and redundancy if one has an issue.
Dave -
Checking Executable Permission for Group
Hi All,
Is there a command to check if a file has executable permission for group? I am aware that it can be checked looking at permissions using "ls". But, if the same functionality is implemented in a shell script, is there a command to achieve this? For example, "find" commad with "-perm" option...
Thanks in advanceThere are several ways to accomplish the task if you want to check a specific file.
For instance:
$ touch testfile1
$ touch testfile2
$ chmod 740 testfile1
$ chmod 750 testfile2
$ ls -l testfile?
-rwxr-----. 1 dude dude 0 May 13 11:51 testfile1
-rwxr-x---. 1 dude dude 0 May 13 11:51 testfile2
$ [ $(ls -l testfile1 | cut -c 7 | grep x ) ] && echo "yes" || echo "no"
no
$ [ $(ls -l testfile2 | cut -c 7 | grep x ) ] && echo "yes" || echo "no"
yes -
Exchange 2010 - Selecting display names for users with multiple mailboxes
Hi all,
This isn't so much of a problem, but more of a "What is the best way to handle this" sort of thing.
I have a client with Exchange 2010 and multiple domains. Because they must be able to send as each domain, I have them setup with individual accounts/mailboxes for each domain. We're at a point that they have three domains which means three accounts per
user and three listings in the GAL. Their original accounts shows up as Smith, John. The second domain added shows up as First last. I'm at a loss what to use for the third. They want each account to show up in the GAL so that other users can send account
specific stuff to them if needed, but I'm trying to figure out how to keep this relatively organized and not make the name on outbound emails too convoluted.
Any suggestions on a format I can use that will make these accounts stand out from each other in the GAL, but not be a hot mess on the recipient end either?Smith, John (Company A)
Smith, John (Company B)
Smith, John (Company C)
Ed Crowley MVP "There are seldom good technological solutions to behavioral problems." -
Exchange 2010 Send As Permissions Dropping
We are finding send as rights are dropping even though they are still appearing in the send As Rights Permissions box. This has been happeneing intermittently for a few weeks now, has anyone experienced something similar?
ThanksHi,
As per the information and details provided by you, Send As permission is Dropping in Exchange 2010.
Please follow these steps to setup Send As Permission in Exchange Server2010: -
In Exchange 2010, Click on Start>
Programs> Microsoft Exchange> and then click
Active Directory Users and Computers.
In the View menu, click on the
Advanced Features.
Expend Users, then right click the Mailbox Owner object where you want to grant the permission, and then click
Properties.
Click on the Security tab, and then click on
Advanced.
In the Access Control Setting for Mailbox Owner dialog box, click on Add.
In the Select User, Computer, or Group dialog box, click the user account or the group that you want to grant Send As permission to and then click
OK.
In the Permission entry for Mailbox Owner dialog box, click
This Object Only in the Apply onto list.
In the Permission list, locate
Send As, and then click to select the Allow check box.
Click OK three times to close the dialog boxes.
I hope this information will be helpful for you.
Thanks and regards
Ashish@S
Ashish@V -
Exchange 2010: Sender address rejected: Access denied
hi friends
i have been recently experiencing an issue with one of my customer which i send email i get bounce message while i can receive their emails with no issue. i have exchange 2010 installed and im using Anti spam device too. my domain is ok.com
i try to send from OWA as well but i get the same result.
Delivery has failed to these recipients or groups:
[email protected] A problem occurred during the delivery of this
message to this e-mail address. Try sending this message again. If the problem continues, please contact your helpdesk.
Diagnostic information for administrators:
Generating server: antispamServer.ok.com
[email protected] #< #5.0.0 X-Spam-&-Virus-Firewall; host mail.abc.com[22.22.22.12] said: 554
5.7.1 <btv1==14869c83b8f==[email protected]: Sender address rejected: Access denied (in reply to RCPT TO command)> #SMTP#
Original message headers:
any idea?
thankshi
when i disable the antispam device i get this error
smtp5.relay.iad3a.emailsrvr.com rejected your message to the following e-mail addresses:
[email protected]
smtp5.relay.iad3a.emailsrvr.com gave this error: <[email protected]>: Sender address rejected: Access denied
Your message wasn't delivered due to a permission or security issue. It may have been rejected by a moderator, the address may only accept e-mail from certain senders, or another
restriction may be preventing delivery. -
Hi - I'm getting the following error when trying to add send as permission in Exchange 2010 - can anyone advise why this error is occurring? It is advising of insufficient rights but I can't see how this mailbox is different from others that allow the permission
Thanks Jus
Summary: 1 item(s). 0 succeeded, 1 failed.
Elapsed time: 00:00:00
DOMAIN\user
Failed
Error:
Active Directory operation failed on (server) This error is not retriable. Additional information: Access is denied.
Active directory response: 00000005: SecErr: DSID-031521D0, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0
The user has insufficient access rights.
Click here for help...
Exchange Management Shell command attempted:
Add-ADPermission -Identity 'CN=Recruitment Perth Festival,OU=Resource Accounts,OU=PIAF Users,DC=piaf,DC=network' -User 'PIAF\jblackwell' -ExtendedRights 'Send-as'
Elapsed Time: 00:00:00Hi,
From the error description, the account you use don't have sufficient permission. I recommend you follow the steps below for troubleshooting:
Open ADUC -> double click the problematic user account -> click Security -> click Advanced, check if "Allow inheritable permissions from the parent to propagate to this object and all child objects. Include these with entries explicitly defined
here." is checked. If no, please check it. I see some people have the same issue, they check it and then the issue is resolved.
Also, you can use the following cmdlet to grant a user send as permission.
Add-ADPermission "xxx" -User "xxx.xxx\xxx" -Extendedrights "Send As"
Hope it helps.
If you need further assistance, please feel free to let me know.
Best regards,
Amy
Amy Wang
TechNet Community Support -
Outlook 2010 Exchange 2010 Read Receipt Request for all emails cannot be switched OFF.
I have a strange situation with an Outlook 2010 client using Exchange 2010. The user has Outlook configured so that Under Options/Mail/Tracking - that "Read receipt confirming the recipient has viewed the message" is turned off. Yet everytime she
sends a message, the option to request pops up on the recipient's outlook.
I have tried to toggle the option on and off to no avail. I can switch the Delivery Receipt request on and off and it is no issue.
Can anyone tell me what attribute in ADSIEdit or Exchange is that seems to be stuck ON?Hi,
I believe you would like to block this only for the user and not for your ORG... ??
Although, you can block this for your entire ORG.
what happens is that the Read receipt contains a "Disposition-Notification-To"
If we get rid of this header we can restrict the receiver to get that prompt.
we can create a Transport rule either for the entire org or for that specific user by making an adjustment in the "exception tab"
for more info refer this blog.
http://blogs.technet.com/b/exchange/archive/2011/02/23/3412028.aspx
Thanks & Regards
John Chris -
Exchange 2010 - Send Connector High Availability
Hi All,
I performed a successful migration a few years back from a single node Exchange 2003 server to a two node Exchange 2010 organisation with a DAG and Kemp load balanced CAS array. The solution works well and when we simulate a site failure
I am able to get the second node to handle all mail functions.
The one problem I have though is that I have to manually disable the send connector on the primary server in order for the one on the secondary server to be in use. I should explain that I have two send connectors as I do not want the secondary server
to be used unless the primary server is down or the route is unavailable. I realise that Exchange 2010 does not know whether the SMTP route is down or not so will just continue trying to use the send connector from the primary server (until I tell it
not to by disabling it).
My question is how do I get this to happen automatically? Does anyone else have an example of how this could be done or use a PowerShell script to achieve this? I guess a script could check the route and disable the send connector on the primary
server if necessary, but how would one do this?
Any help greatly appreciated.
RobHi,
According to your description, your secondary send connector cannot be automatically used when the first one is down. If I misunderstand your meaning, please feel free to let me know.
If yes, I’d like to confirm if the settings of the secondary one is same with the first one and we can check the connectivity logs including diagnostic information for Healthy Server Selector.
For more information, you can refer to the following article:
http://technet.microsoft.com/en-us/library/ff634392(v=exchg.141).aspx
Thanks,
Angela Shi
TechNet Community Support -
Exchange 2010 SP1 - Export to PST, Remove Mailbox
I'm looking for a PowerShell script that will allow me to use Exchange 2010 SP1 to export a mailbox to PST and then when finished, delete the user and mailbox. I typically do this process manually about 6 months after an employee leaves the company (allowing
for live access to the mailbox and message forwarding to their supervisor).
Ideally, the script would take input for a mailbox ID, and then export the file to a file of the mailbox name (Prompt: jdoe -> New-MailboxExportRequest -Mailbox jdoe -FilePath \\server\path\jdoe.pst). After the export is complete, it would schedule the
mailbox for complete removal and remove the completed mailbox export request. The prompt and export process should be simple enough, but I suspect the difficulty will come with monitoring for the completed request before acting on the removal.
Thanks for any help provided! :)Thanks for the guidance!
I think I was able to come up with something that will do the trick nicely:
$Name = Read-Host "Please enter a mailbox to archive"
New-MailboxExportRequest -Mailbox $Name -FilePath \\Exchange\C$\ExchangeExports\$Name.pst
while ((Get-MailboxExportRequest -Mailbox $Name | Where {$_.Status -eq "Queued" -or $_.Status -eq "InProgress"}))
sleep 60
Get-MailboxExportRequest -Mailbox $Name | Remove-MailboxExportRequest -Confirm:$false
Remove-Mailbox -Identity $Name -Confirm:$false
Hopefully it may help others. -
Hi Guy's,
we run Exchange 2013 + Outlook 2010
as i was investigating an Outlook Sync Error, for a secondary mailbox, i figured out that the Mailbox has more than 500 Folders and that i can see the Evnet ID 9646 (Mapi session exceeded the maximum of 500 objects) on the Exchange Server.
Now i found a fix for Exchange 2010 but not for Ex2013, is the old fix for EX2010 still valid?:
Navigate to HKLM > System > CurrentControlSet > Services > MSExchangeIS > ParametersSystem. Create a new key in ParametersSystem named
MaxObjsPerMapiSession. In MaxObjsPerMapiSession, create a DWORD named
objtFolder with a decimal value of 600. Create a second DWORD named
objtFolderView
anyone an idea on this?
regards
StefanOK
i seems that fix is still working and you don't even need to reboot.
Also solved the sync Problems of secondary Mailbox.
regards
Stefan
Maybe you are looking for
-
Selection-screen in the output of the program
Hi, I want to print the selection criteria ( or Values ) in the output of the program on the RIGHT HAND SIDE OF THE HEADER. I am doing code through ALV and I want to include the respective code in 'TOP_OF_PAGE' If there are no values in the selecti
-
Is it possible to schedule a room by sending an ics file?
I'm working on a third party service that creates events and invites a group of participants / rooms to attend those events. I do this by creating .ics files (iCalendar file format) and mailing them (from an outside account) to the participants. This
-
ANN: New product launch at the IFRA! Schedule a meeting with The Saints.
New solutions for Adobe Digital Publishing Suite Cut production costs - promote product sales - increase brand loyaltyMeet The Saints at the IFRA Create a store that's more than a storeThe key behind successful stores is that it is fun to go in, brow
-
i erased my mac then i tried to download the os x mavericks, wich i had before ; however, i got this Could not find installation information for this machine.
-
We're moving towards developing J2EE applications. However, since not every single release of Oracle Application Server contains the Oracle Forms and Reports services, I'm concern about report generation of complex reports. I know Oracle has somethin