Exchange Server User Permissions in Active Directory Object

We have exchange 5.5/ Winnt  running in co-existence with exchange 2003/ Windows 2000.

In active directory users and computers, user properties / Exchange Advance Tab shows a button called mailbox rights. If you click on this, the following is showing up as the default

Anonymous Login  - Read Permissions
mailbox user - Full permissions
Everyone - Read permissions

other than that, there is Domain Admins, Enterprise Admins, Exchange Domain Server, Exchange Administrator. Since these are all set as default. Do I need to deny permissions to

Anonymous, and everyone.

Currently when using Outlook express, emails intended for userA is going to the maibox of userB. But this only happens when Outlook Express is used as the mail client.

Any ideas, or can you direct me to a location where additional information on this might be available.
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

If you deny permissions to Anonymous and Everyone then no one will be able to get their mail.  A deny is explicit.

As for Outlook Express, it can have separate accounts to pull information from, but it will deliver these messages to teh same .pst file.  If you own Exchange then you should have a license to utilize Outlook.  I would consider moving from Outlook Express to Outlook.  Outlook handles corporate mail scenarios much better than Outlook Express and allows you to easily configure separate profiles.

Christian_AgardAuthor Commented:
Unfortunately we have some users that need to use outlook express. Is there any other work around?
From within Outlook Express....
    Remove UserB's account from User A's Outlook Express (default on opening).

From within Outlook Express
Manage Identities.

From here you can create a new identity for UserB.  You can then assign UserB's accounts to that identity.

Let me know if that works for you or does not work for you.
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

Christian_AgardAuthor Commented:
Thanks. This is where I problem is happening.

I am logged on to the computer as USERA.

I have no accounts or profiles in outlook express.
I create a new account,  I enter the username for USERB and the PASSWORD for USERB.

There are no other profiles other than the one or USERB

I do a send and receive and I get emails being downloaded for userA.
It should have checked for emails for USERB only, not USERA.

Any ideas on this?
Don't create a new account...this is why you are getting the messages delivered to the wrong location.  If you have the Main Identity configured for UserA and UserB then you will get both their e-mail in the Inbox.  Reconfigure the Tools...Accounts for UserA in the Main Identity...or create a new identity for User A.
Remove UserB's information in the Main Identity.

In Outlook Express.  (trust me when I say that Outlook is much cleaner in handling this)
Go into File...Identities and create the new identity for User B
Switch to that Identity (File...Switch...) for UserB
From that identity you will want to configure the information for User B.  Do not configure UserA's information here.

Now, you will have a problem in so far as User B's e-mail will still be in user A's account.  It is not easy to export the e-mail without Outlook, so you will probably have to re-forward the messages.


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Christian_AgardAuthor Commented:
ok I just took another computer... me on this....Brand new computer.
Logged on as SAM
Create outlook express profile for SAM
Checked Email, and I received email for MARIA.

I am wondering is there is some type of permissions issue when Outlook Express is used. Everything works fine in Outlook, but these two users need to use Outlook Express.

My domain is running exchange 5.5 and exchange2003 in co-existence. Things worked fine, until I moved them to the exchange 2003 mail server.

If I go to Exchange 5.5 / Servers / and select the Exchange 2003 server, I see that SAM has under the windows NT account the following NT ATHORITY\SYSTEM.

However if I double click on SAM, I would see the Primary Windows NT account as DOMAINNAME/sam.

My problem is when using OUTLOOK EXPRESS (pop) the emails for MARIA etc is ending up in SAM's mailbox.

Could the NT ATHORITY\SYSTEM stuff somehow setup this mailbox as a collection box or something of that nature. Is there a way to fix this?

I know I can remove the user, but I wont know if this is happening to other mailboxes etc. Any ideas.
Christian_AgardAuthor Commented:
OK it turns out that I only get this problem if Secure Password Authentication is selected. So I'll just un-check that.

I was on the road and just checked on this question.  SPA was part of the answer?  Interesting, to say the least.  Is it all working now?
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.