Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 572
  • Last Modified:

Lost send as permissions to mailboxes after moving mailboxes to a new Exchange 2000 server

Here is my scenario...  I have a single Exchange 2000 Enterprise Server in my Active Directory.  The database was getting too big, so I added another server and moved a large portion of the users to this newer, faster server.  I used the Exchange Tasks Wizard to move the mailboxes.  All of this went extremely well, with one exception.  People lost their abililty to "send as" in mailboxes that they used to be able to do this.  For example, the facilities people had their own personal mailbox and a facilities mailbox in their Outlook client and used to be able to reply as "facilities" to emails received in that box.  This no longer works after these mailboxes were moved.

Additional info:  Server 1 is running Win2k Advanced Server with SP2 and Exchange 2000 Enterprise with SP2.   Server 2 is running Win2k Advanced Server with SP3 and Exchange 2000 Enterprise with SP3.  Anyone with Domain Admin rights still can "send as" but regular users lost the ability after the move.
0
maddog63
Asked:
maddog63
  • 7
  • 6
1 Solution
 
David WilhoitSenior Consultant, ExchangeCommented:
Is either server a DC?
Second, why did you change SP levels between the 2 servers? I don't think it caused this, but now, you need to go over and upgrade the other server to SP3 for both OS and Exchange. MS doesn't recommend running mixed SP levels in production.

Third, they can still login to their mailboxes, and can send mail, or no? Are you saying that they lost delegated perms?

D
0
 
maddog63Author Commented:
First, let me thank you for your rapid response!  I greatly appreciate it!

Neither server is a DC.  The reason for the SP disparity between servers is the first server has been in production for a very long time and we haven't had the opportunity to update it.  The new server is current because we just built it.  The users can still send and receive mail just fine if they are using their own mailbox.  For example, our Registrar, we'll call her Mary can send and receive from her personal email box with no problems.  She also has the Registrar's mailbox in her Outlook.  On the Active Directory, she has full mailbox rights for the Registrar's mailbox. When her email box and the Registrar's box were on the First server, she could send mail as the "registrar".  Once I moved both mailboxes to the new server, her's works fine and she can send and receive.  She gets Registrar email and can move it and delete it, but she can't send mails as Registrar.  She gets an error stating she doesn't have permission to send as Registrar. (paraphrased)
0
 
David WilhoitSenior Consultant, ExchangeCommented:
Interesting. did you ever grant delegate perms on the registrar mailbox, that gave her the send as rights? Or did you just give her "send as" on that object?

If you look at the Outlook options, on the registrar mailbox, does she still show in the delegates? Just trying to figure out what actually got "lost"

D
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
David WilhoitSenior Consultant, ExchangeCommented:
"On the Active Directory, she has full mailbox rights for the Registrar's mailbox."

Does she still have this, when you look at the AD object?

D
0
 
maddog63Author Commented:
First, let me thank you for your rapid response!  I greatly appreciate it!

Neither server is a DC.  The reason for the SP disparity between servers is the first server has been in production for a very long time and we haven't had the opportunity to update it.  The new server is current because we just built it.  The users can still send and receive mail just fine if they are using their own mailbox.  For example, our Registrar, we'll call her Mary can send and receive from her personal email box with no problems.  She also has the Registrar's mailbox in her Outlook.  On the Active Directory, she has full mailbox rights for the Registrar's mailbox. When her email box and the Registrar's box were on the First server, she could send mail as the "registrar".  Once I moved both mailboxes to the new server, her's works fine and she can send and receive.  She gets Registrar email and can move it and delete it, but she can't send mails as Registrar.  She gets an error stating she doesn't have permission to send as Registrar. (paraphrased)
0
 
maddog63Author Commented:
Interestingly enough, we never did enable "Send on Behalf" under delivery options, we simply went into the Exchange ADvanced tab and under mailbox rights gave the person full mailbox access and read permissions.  This has always worked until we moved the mailboxes.  Incidently, she still has those rights.  I have tried removing them and re-enabling them to see if it fixes it, as well as removing it from her Outlook and re-adding it and it still doesn't work. Very odd problem.  My understanding is that all rights are set on the Active Directory and those are all correct and haven't changed.  Only the mailbox location has changed and the Active Directory object is pointing to the proper private store that has the mailboxes.
0
 
David WilhoitSenior Consultant, ExchangeCommented:
Do you know how to perform an LDP dump on a user object? If so, you should compare a user object from the old server with a userobject from the new server, and see if there are subtle differences. You'd need to install the Windows support tools to run ldp.exe.

D
0
 
maddog63Author Commented:
I will give it a try and see what happens.  Thanks for the info!  I will let you know what we find.
0
 
maddog63Author Commented:
I will give it a try and see what happens.  Thanks for the info!  I will let you know what we find.
0
 
maddog63Author Commented:
Here is a possible problem point, if someone could clear this up...  We are running Exchange 2000 Enterprise on both of the servers.  Do we need to have ADC installed?  We don't as far as I know.  Do you need ADC if you only have 1 Exchange 2000 server?
0
 
David WilhoitSenior Consultant, ExchangeCommented:
you only need the ADC when you're connecting a 5.5 site to Active Directory, not necessary in your situation.

D
0
 
maddog63Author Commented:
Great thanks!  I appreciate all of your help.  You have been great!
0
 
David WilhoitSenior Consultant, ExchangeCommented:
you're welcome!
0

Featured Post

[Webinar On Demand] Database Backup and Recovery

Does your company store data on premises, off site, in the cloud, or a combination of these? If you answered “yes”, you need a data backup recovery plan that fits each and every platform. Watch now as as Percona teaches us how to build agile data backup recovery plan.

  • 7
  • 6
Tackle projects and never again get stuck behind a technical roadblock.
Join Now