Link to home
Start Free TrialLog in
Avatar of DVation191
DVation191

asked on

Open User's Mailbox after Disabling Account in AD

We had an employee leave the company so we disabled the account and the computer in AD. Although I have full permissions to all mailboxes, when I tried to add the employees mailbox to outlook, it let me. But then when I tried to expand the mailbox in Outlook it tells me "The set of folders could not be opened".

I thought this had to do with the account being disabled, so I re-enabled both accounts (the computer and the user) in AD. The same thing happens. Why can't I open this users mailbox?
Avatar of ikm7176
ikm7176
Flag of Saudi Arabia image

Avatar of DVation191
DVation191

ASKER

I read through it...and it makes sense. But my account is in the permissions as having full access. And before disabling the account I was able to open the mailbox no problem. I still don't know what is wrong. What is in that article you think I should be trying?
SOLUTION
Avatar of Jamie McKillop
Jamie McKillop
Flag of Canada image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
ASKER CERTIFIED SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
> "From the list of "group or user names:" select SELF. Click "Allow" beside "Associated external account". "
I checked off "allow" and waited ten minutes then tried to reconnect to the mailbox and got the same error.

> " Fix this by adding the self object manually. "
The SELF object is indeed there.

> "Note: Any modification of permissions may take up to two hours before it gets activated. This is because you must wait for the DSAccess cache to be refreshed, which, by default, is done every two hours!"
This is only only DC on which exchange runs but I'll wait the two hours just to be sure.

> "The problem is that you have a disabled user account, which in turn tells Exchange that there is no primary owner of this mailbox."
Ok I understand...I re-enabled the account and made the modifcation to SELF permissions, now I'll wait two hours to try again.

> "When you later on want to Enable Account, you must also remember to remove the AEA permission for the SELF object; otherwise Exchange will see two owners of this mailbox: the enabled account and the one with AEA permission. Note: You may think that the ADUC should be smart enough to grant and remove the AEA permission automatically, but it doesn’t! You must do this manually!"
Oh crap...ok so if AEA has allow permissions, the account needs to be disabled...if the account is enabled, AEA has to be removed from the permissions???





SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Ah, finally it worked! Sorry for the confusion...just glad I got it worked out...thanks guys.