We help IT Professionals succeed at work.

Unable to open default email folders, you do not have permissions to log on.

MOXpertsEx asked
Last Modified: 2011-08-18

Not sure whether this is an Outlook problem or an Exchange 5.5 problem but I will ask anyway.

I have recently created a mailbox for a new employee using Exchange 5.5 with all the config of existing users. When I log on to the network using the newly created account and try to open their Outlook mailbox I get the following error message;

> Unable to open your default email folders, you do not have permission to log on.

>Would you like to open a default file system folder instead.

I have the choice of selecting yes or cancel, if I click cancel Outlook shuts down completely but if I click yes then my Windows Explorer tree appears in the left column where the folder list normally is. This includes all mapped network drives!!

Any ideas? I think this might be more of a network permission problem rather than an Exchange one but any suggestions are more than welcome.

Thanks for your time,

Watch Question

This one is on us!
(Get your first solution completely free - no credit card required)

The mailbox is a domain resource like any other domain resources (printers, shares). Since the account logs onto the domain okay, the problem is not with the domain account or contacting a GC (if you're on an AD network). Check the properties in Exchange Administrator for the account and ensure the correct account is listed at the bottom of the General page. Then hit the Permissions tab (doens't show by default. Do Options:Tools:Permission and check first two boxes) and see that the account is listed here.

I'm assuming that all other accounts work fine from this one PC and that the network in general and Exchange specifically is overall working as expected. If that is the case and the above is as described then you the logic tree fails - that usually means a piece of information is missing.
This one is on us!
(Get your first solution completely free - no credit card required)


Hi Guys,

Sorry I dont think I explanied enough info to you.

We are using a Citrix Metaframe with roaming profiles so in theory a user should be able to log onto any machine, PC or Terminal and access their email through their "Citrix Desktop".

I am now slightly confused on where or whether I should be carrying out the above tasks.

danich - I have checked all you said above and all looks fine!

jcfrietman & guldbamse - The user I am creating this account for has worked at the company for a number of years but has never needed access to email, I am now trying to create a mailbox for him. He works from a winterm terminal with very high restrictions against his account therefore he does not have the ability to alter any system configurations on the terminal.

Sorry for any confusion....
Just to make sure:
The mailbox you created must be mapped to the users NT-account! I guess it goes without saying, just checking!!

Is it MetaFrame XP? Windows NT , 2000 or 2003?

How is the Outlook profile created?

/Br Guldbamse


We are running Windows Server 2000 with Windows 2000 workstations

Citrix Program Neighbourhood version 6.2

We use a batch file which creates a new user on the NT Server which then creates RProfiles and is replicated accordingly. Not all users need mailboxes so we did not write the maiilbox setup into the batch file so this has to be done manually.

On Exchange we create a new mailbox, map it to the users 'Primary NT Account' and then set up DL, Permissions, AV etc depending on the users needs. The user I am trying to create the mailbox for needs matching permissions to a current employee so I have created the new mailbox and copied the permission, DL etc exactly, the only thing which is different is the 'Primary NT Account'.


You really need to go back to basics.  Make sure he can log onto Outlook, not using a Citrix connection, but a standard connection (Control Panel > Outlook.)

Once you have established that you can access his mail (not via Citrix) then try and trouble shoot the Citrix one.

Try my suggestion above and make you can view mail.  You will then be able to have a look at Citrix.

You explanation regarding setting up the account is fine and it should work.



I have tried to access Outlook locally by;

Control Panel --> Mail --> Show Profiles --> Add --> added the user using the 'wizard'

I then made sure that 'When starting Microsoft Outlook, use this profile' was set to the users mailbox.

Still no good, I get the same error message as stated above.

Im increasing the points on this I think.
sorry to insist on this one, but when you click on Check Name, can you use your login details (not the users).
If the name underlines, then it is a problem with the log on.  If it does not then its a problem with the account.

Change the Logon Network Security to NONE.  
We need to establish where the problem lies




I have sorted it guys, It wasn't an Exchange problem after all.

The permission on his roaming profile must have been changed by someone?? They basically did not allow him access to the folders in his roaming profile which contain all the config for his Outlook account. Should have been the first thing I checked really, at least I will know for the future.

I think it is fair to share the points.

Thanks for your time!

Just as a note, I was getting this message for awhile, and it was not fixed using the solution above. However, I did come up with a solution. You right-click the Outlook icon (on your desktop or wherever), go to Properties, click "Microsoft Exchange Server" and change the mailbox name to the new user's mailbox. Then click the Delivery tab and where it says "Deliver New Mail to the Following Location" change it to the new user's inbox name.

Another thing you may encounter (as I did), that didn't work right away (as it has worked fine on another user's computer with the same situation) on one user's computer but other signs pointed to a communication/connection problem between the server and that computer. I finally stumbled upon something that suggested uninstalling and reinstalling TCP/IP - which worked! =)
can u tell me the path of "the Advance tab and change the Logon Network Security to NONE. "

Opening a four-year-old thread to ask a somewhat-related question in order to avoid spending points to ask your own question? Cheap.

The location you seek is obvious; just root around in the client a bit.

I was unable to get it to work by creating a new profile. However, after deleteing the Profile and Registry Keys (Local Profiles) I was able to add a new profile and get it to work. Just an FYI.
Unlock the solution to this question.
Join our community and discover your potential

Experts Exchange is the only place where you can interact directly with leading experts in the technology field. Become a member today and access the collective knowledge of thousands of technology experts.

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.


Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.