Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win


Public folder contacts can not be resolved in Exchange Server 2000

Posted on 2004-09-14
Medium Priority
Last Modified: 2008-02-01
We use distribution lists located in the public folders of Exchange 2000.  Sometime over the last two weeks, most of the names in these distribution lists can't be used any more.  In Outlook, when you click on a name in a distro list, you get an error that the contact may have moved or been deleted.  You can see all the names and their email addresses in the list, but you can't send email to them.  In IIS, when you try to browse the contact list through OWA, you get an error message that says "names in the list cannot be resolved, and you must delete the unresolved names to send mail to this distro list."  

I don't want to have to print up and recreate these lists manually, as there are a couple thousand names in 50 or so lists.

Any ideas?
Question by:jerminate
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
LVL 12

Accepted Solution

BNettles73 earned 1000 total points
ID: 12058270

Check out this article ... (KB 297801)

Troubleshooting Check Name Errors

To troubleshoot this issue, follow these steps.

Note In this procedure, the "user account" is the Active Directory user account whose name cannot be resolved, the "administrator account" is any account in the Domain admins group, and "user" refers to the user whose account you are logged on as.

Verify that the Active Directory account that you use either to create the client profile or to log on to the mailbox has been mailbox-enabled.

Verify that the account that you use to log on to the workstation or the account for which you enter credentials in the Outlook Enter password dialog box is mailbox-enabled. If this account is not mailbox-enabled, the account cannot check names.

To make this account mailbox-enabled, start the Active Directory Users and Computers snap-in, right-click the user account, click Exchange Tasks, and then click Create mailbox.
Verify that the user can use the Active Directory account to view sibling objects in the Users container (or in the Active Directory organizational unit that contains the user account). To do so:

Start Ldp.exe, and then type the user credentials of the account that is not resolving to bind to port 389 of a domain controller (type the user credentials in the following format: domain/user/password).
Find the user in the User container or its parent organizational unit.
The user must be able to find themselves in their organizational unit while they are bound to the domain controller with their credentials. If Ldp.exe reports that there are "no children" in the organizational unit, the computer may not have the appropriate permissions.

To resolve this issue:
Start the Active Directory Users and Computers snap-in, click View, and then make sure that Advanced Features is checked.
Right-click Users, click the Security tab, and then click the Authenticated Users group.
Verify that Read permissions are assigned to either the Users container or to the organizational unit where the accounts are located.
Verify that the user account has been stamped by the Recipient Update Service after you mailbox-enable the user account. To do so, start Ldp.exe, use the user credentials to bind, and then verify that the following attributes have been populated to the account:
showInAddressBook ()
If these attributes are populated, the Recipient Update Service has stamped this user account. If these attributes have not been populated, troubleshoot the Recipient Update Service and the recipient policies to determine why the attributes have not been stamped.
Verify that the user can see both the Global Address List objects that are listed in the showInAddressBook attribute and the members of the Global Address List using Ldp.exe. To do so:

Open the showInAddressBook attribute for the user (see step 3), copy the distinguished name values for the Global Address List objects, and then paste these values to a Microsoft Notepad file.
Start Ldp.exe, and then use the user credentials of the account that is not resolving to bind to port 389 of a domain controller
On the View menu, click Tree.
Paste the distinguished name of one of the Global Address List objects in the Base Dn box.
Double-click the Global Address List object that is displayed.

The user should be able to see themselves as child objects.
If Ldp.exe reports that there are "no children," the Global Address List object may not have the appropriate permissions. A user must be able to see at least one Global Address List object and its members. To resolve this issue, start Exchange System Manager, and then make sure that the user has permissions to view the Global Address List object's members. Make sure that the Authenticated Users group has List Content permissions.

Note If you enter an incorrect distinguished name, Ldp.exe reports that there are "no children." Make sure that you enter the correct distinguished name.
Verify that the user can see themselves and their attributes in the global catalog. To do so, start Ldp.exe, and then use the user's credentials to bind to the global catalog on port 3268. If the user or the following attributes are not visible, you may be experiencing a replication latency or a property promotion problem.

For additional information about replication latency or a property promotion problems, click the article number below to view the article in the Microsoft Knowledge Base:
248717 How to Modify Attributes That Replicate to the Global Catalog

Log on as an administrator, and then verify that there are no duplicates in the addressBookRoots attribute of the Microsoft Exchange object under Domain,cn=Configuration,cn=Services.

You cannot specify both a parent container and a child of that parent as an address book root. For example, if you enter All Address Lists as an address book root, it has to be the only address book root. all your other address lists are listed under All Address Lists; if you enter both the parent object and child objects that exist under this parent object, you enter the child objects more than once. When you do so, Check Names and all other Global Address List and NSPI operations do not succeed.
Verify that Microsoft Exchange Server 5.5 is not installed on the global catalog server.
If the user who is checking names is an administrator who is checking names for another user, confirm that the administrator account that is being used is mailbox-enabled.

The administrator account and the user that is being checked must be members of a common Global Address List. (The showInAddressBook attribute for both users must contain one common Global Address List object.) In addition, the common Global Address List object must be the administrator's Global Address List.

Other articles -
Clients Cannot Browse the Global Address List After You Apply the Q299687 Windows 2000 Security Hotfix
LVL 12

Expert Comment

ID: 12058324

Also, make sure the RUS is running and configured properly -

If you create a new distribution list does it work?
Is email flowing in your Org as it should be?
Are there any events in the application logs?

Are your distribution lists expanding on any server in the Org, or do you use an expansion server?
    Have you tried specifying either and testing?

Author Comment

ID: 12064073
Thank you for all of your input - in reality the solution was much easier than I had thought.  I just opened each distribution list and clicked on the "Update List" button, which resolved all the contacts.

I'm still not sure what caused the problem, but I think it may have had something to do with upgrading our main mailing list user to Outlook 2003, then back to Outlook XP.

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Are you an Exchange administrator employed with an organization? And, have you encountered a corrupt Exchange database due to which you are not able to open its EDB file. This article will explain all the steps to repair corrupt Exchange database.
The core idea of this article is to make you acquainted with the best way in which you can export Exchange mailbox to PST format.
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
Suggested Courses

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question