Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Can't Access Exchange Mailbox

Posted on 2003-03-25
23
Medium Priority
?
1,668 Views
Last Modified: 2012-06-21
I have one user that is having trouble accessing their mailbox.  I created an outlook exchange profile and when they try to access their mailbox I get the following error:

Unable to display the folder. Microsoft Outlook could not access the specified folder location. The attempt to log on to the Microsoft Exchange Server computer has failed. (SERVER NAME)

I can set up this users mailbox on another pc and log on as administrator and I can access this mailbox with no problems.

Another thing is the application event log on the exchange server is filling up with the following two errors everytime the user tries to access their mailbox:

Event Type:     Error
Event Source:     MSExchangeIS Mailbox Store
Event Category:     Logons
Event ID:     1022
Date:          3/25/2003
Time:          11:51:21 AM
User:          N/A
Computer:     --------
Description:
Logon Failure on database "First Storage Group\Mailbox Store (SERVER NAME)" - Windows 2000 account DOMAIN\user; mailbox /o=domain/ou=First Administrative Group/cn=Recipients/cn=user35655086.
Error: -2147467259

And this is the second error that appears:

Event Type:     Error
Event Source:     MSExchangeIS
Event Category:     General
Event ID:     9562
Date:          3/25/2003
Time:          11:51:21 AM
User:          N/A
Computer:     -------
Description:
Failed to read attribute msExchUserAccountControl from Active Directory for /o=domain/ou=First Administrative Group/cn=Recipients/cn=user.

I have checked the permissions on this mailbox and the user has full control permission.

What is not configured properly for this user to be able to access their own mailbox?




0
Comment
Question by:mquinn0908
  • 11
  • 6
  • 3
  • +3
23 Comments
 
LVL 7

Expert Comment

by:dansoto
ID: 8204607
Is this an account with admin priveleges?
0
 
LVL 7

Expert Comment

by:dansoto
ID: 8204621
Also.. the domain may not be completely updated with the new account info (multiple DC's?).  Try forcing an update with the Recipient Update Service.  Info for using this and manually forcing the update is located here...

http://www.msexchange.org/tutorials/MF017.html

Let me know if this helps,

Dan Soto
New Orleans, LA
0
 
LVL 24

Expert Comment

by:David Wilhoit
ID: 8204692
On mailbox rights, add the user object "self" to the perms, give it full mailbox access. It may already be ther, but I've seen it get lost before.

D
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 

Author Comment

by:mquinn0908
ID: 8204929
This account does have admin priveleges.  Also, I have forced an update with the recipient update service and still no success.  As far as the rights are concerned both the user and self have full control on the mailbox.
0
 
LVL 7

Expert Comment

by:dansoto
ID: 8205214
Next step... use RUS (recipient update service) to rebuild instead of restart (from the same way as before).  Depending on the size of the domain it can take upwards of 15 mins or so.

Believe it or not admin accounts can be restricted by inherited rights.  This could be happening.

Let us know what happens after the rebuild.

Dan Soto
0
 

Author Comment

by:mquinn0908
ID: 8205348
I ran the RUS and choose rebuild...no success.

How can I find out if inherited rights are causing the problem?

Also, I am getting the following in the application log:

Event Type:     Error
Event Source:     MSExchangeIS Public Store
Event Category:     Logons
Event ID:     1024
Date:          3/25/2003
Time:          10:10:34 AM
User:          N/A
Computer:     --------
Description:
domain\user was unable to log on as domain\user to the Public Folder Store "First Storage Group\Public Folder Store (SERVER NAME)".

 
0
 

Author Comment

by:mquinn0908
ID: 8205509
One more thing...I can log on as an administrator and access this mail box and I added this user to the administrators group and they still can not log on as themself.
0
 
LVL 7

Expert Comment

by:dansoto
ID: 8205528
Question first:

Is this a mixed 5.5 / 2000 environment?

The attribute in question is "msExchUserAccountControl" which should be set to "0" for mail enabled objects (users, public folders).  The problem though is

a) RUS should have set this properly
b) The only way I know to get to this attribute is through ADSI Edit which is only available on the resource kit....further reading....  

http://www.exchangeadmin.com/Articles/Index.cfm?ArticleID=8901

Warning though... ADSI Edit for the lay person is pretty intensive and should be used with the same precautions as Regedit.


Maybe you can give a little more detail about your current Exchange environment.


Dan Soto
0
 

Author Comment

by:mquinn0908
ID: 8205579
No this is not a mixed environment, all servers including exchange are 2000.

In our environment we have two domains and only in one of them is an exchange server.  We have a very simple setup for about 30 users and this is the only user that is experiencing this problem.
0
 

Author Comment

by:mquinn0908
ID: 8205745
This account does have admin priveleges.  Also, I have forced an update with the recipient update service and still no success.  As far as the rights are concerned both the user and self have full control on the mailbox.
0
 

Author Comment

by:mquinn0908
ID: 8205844
I used the ADSI edit utility and browsed to the user in question and the value that is set for the msExchUserAccountControl is 0.
0
 
LVL 24

Expert Comment

by:David Wilhoit
ID: 8205937
Just kill the account, and rebuild it. Would it really take that long to rebuild his security? If not, just delete his account, not his mailbox.

Alternately,you can remove all mail attributes, and then  re-apply them, see if that fixes it. Get an ldp dump of the user object before you do it, and compare it to the object after you re-apply the mail attributes.

D
0
 

Author Comment

by:mquinn0908
ID: 8205938
I used the ADSI edit utility and browsed to the user in question and the value that is set for the msExchUserAccountControl is 0.
0
 

Author Comment

by:mquinn0908
ID: 8206015
how do I get an ldp dump of the user object?
0
 
LVL 7

Expert Comment

by:dansoto
ID: 8206023
I guess I thought killing the account was already done in this case.  I'm just reading too many EE messages today:-)

I would be curious to find out if subsequent new users have would have the same issue.

 -ds-
0
 

Author Comment

by:mquinn0908
ID: 8206031
It won't allow me to delete just the account.  When I try to delete it a box pops up saying that the selected object has other associated objects and there is a check next to mark each selected exchange mailbox for deletion and it won't allow me to remove the check mark.
0
 

Author Comment

by:mquinn0908
ID: 8206185
I have already tried to delete the users account and mailbox and then I recreated them and still the problem exists.

I created a new user and signed on as that person, created an outlook profile, and logged into the new mailbox and was able to send and receive with no problem.  I gave the new user access to the problem mailbox and was able to access it.  But once I sign off as the new user and back into the problem users profile I can not access the mailbox.

When I try to access the mailbox I get the following from outlook:

Unable to open your default e-mail folders.  The attempt to log on to the Microsoft Exchange Server computer has failed.

So I am able to add new users with no problems and I have killed the problem account and recreated it and the problem still exists.  This is weird.
0
 
LVL 24

Expert Comment

by:David Wilhoit
ID: 8206894
Unless you purged the mailbox after the delete, then you never created a new mailbox, just reconnected the user to the old one. By default, all mailboxes are retained 30 days after deletion.

D
0
 
LVL 26

Expert Comment

by:Vahik
ID: 8207468
hi there

 I saw on top u said when u log on from a different PC u are able to log in .... in that case remove or repair the outlook see u still have the same problem and also the user in question does  he also have internet mail set up on that outlook?
0
 

Author Comment

by:mquinn0908
ID: 8210357
Well after digging around I found out where the problem was.  We have two domains and the user log on from one of our domains is tied to the mailbox in the other domain.  In other words I give permission to a user in the first domain to access a mailbox in the exchange domain.  I deleted that user from the first domain and recreated it and then tied it to the mailbox and everything works as it should.


Also, just a note that I did purge the mailbox after I deleted the user and I also tried a repair on outlook and the problem still existed because it was a problem with the user profile from the other domain and not the one in the exchange domain.

Thanks everyone for your help.
0
 
LVL 7

Expert Comment

by:dansoto
ID: 8210724
I guess this would have fallen under my earlier statement of .. "Maybe you can give a little more detail about your current Exchange environment."  :-)

At least you figured out.  Good job.


- dan soto -
0
 
LVL 20

Expert Comment

by:What90
ID: 10896448
No comment has been added to this question in more than 21 days, so it is now classified as abandoned.

I will leave the following recommendation for this question in the Cleanup topic area:
   PAQ/  Refund

Any objections should be posted here in the next 4 days. After that time, the question will be closed.

What90
EE Cleanup Volunteer
0
 

Accepted Solution

by:
ee_ai_construct earned 0 total points
ID: 10935873
PAQed, with points refunded (250)

ee_ai_construct - (re-order part number #xm34)
Community Support Moderator
0

Featured Post

NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, I will demonstrate that how to do a PST migration from Exchange Server to Office 365. This method allows importing one single PST, or multiple PST's at once.
In this post, we will learn to set up the Group Naming policy and will see how it is going to impact the Display Name and the Email addresses of the Group.
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
Suggested Courses

577 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question