Exchange Server User Permissions in Active Directory Object

Posted on 2004-11-22
Last Modified: 2010-08-05
We have exchange 5.5/ Winnt  running in co-existence with exchange 2003/ Windows 2000.

In active directory users and computers, user properties / Exchange Advance Tab shows a button called mailbox rights. If you click on this, the following is showing up as the default

Anonymous Login  - Read Permissions
mailbox user - Full permissions
Everyone - Read permissions

other than that, there is Domain Admins, Enterprise Admins, Exchange Domain Server, Exchange Administrator. Since these are all set as default. Do I need to deny permissions to

Anonymous, and everyone.

Currently when using Outlook express, emails intended for userA is going to the maibox of userB. But this only happens when Outlook Express is used as the mail client.

Any ideas, or can you direct me to a location where additional information on this might be available.
Question by:Christian_Agard
    LVL 24

    Expert Comment

    If you deny permissions to Anonymous and Everyone then no one will be able to get their mail.  A deny is explicit.

    As for Outlook Express, it can have separate accounts to pull information from, but it will deliver these messages to teh same .pst file.  If you own Exchange then you should have a license to utilize Outlook.  I would consider moving from Outlook Express to Outlook.  Outlook handles corporate mail scenarios much better than Outlook Express and allows you to easily configure separate profiles.

    LVL 1

    Author Comment

    Unfortunately we have some users that need to use outlook express. Is there any other work around?
    LVL 24

    Expert Comment

    From within Outlook Express....
        Remove UserB's account from User A's Outlook Express (default on opening).

    From within Outlook Express
    Manage Identities.

    From here you can create a new identity for UserB.  You can then assign UserB's accounts to that identity.

    Let me know if that works for you or does not work for you.
    LVL 1

    Author Comment

    Thanks. This is where I problem is happening.

    I am logged on to the computer as USERA.

    I have no accounts or profiles in outlook express.
    I create a new account,  I enter the username for USERB and the PASSWORD for USERB.

    There are no other profiles other than the one or USERB

    I do a send and receive and I get emails being downloaded for userA.
    It should have checked for emails for USERB only, not USERA.

    Any ideas on this?
    LVL 24

    Accepted Solution

    Don't create a new account...this is why you are getting the messages delivered to the wrong location.  If you have the Main Identity configured for UserA and UserB then you will get both their e-mail in the Inbox.  Reconfigure the Tools...Accounts for UserA in the Main Identity...or create a new identity for User A.
    Remove UserB's information in the Main Identity.

    In Outlook Express.  (trust me when I say that Outlook is much cleaner in handling this)
    Go into File...Identities and create the new identity for User B
    Switch to that Identity (File...Switch...) for UserB
    From that identity you will want to configure the information for User B.  Do not configure UserA's information here.

    Now, you will have a problem in so far as User B's e-mail will still be in user A's account.  It is not easy to export the e-mail without Outlook, so you will probably have to re-forward the messages.

    LVL 1

    Author Comment

    ok I just took another computer... me on this....Brand new computer.
    Logged on as SAM
    Create outlook express profile for SAM
    Checked Email, and I received email for MARIA.

    I am wondering is there is some type of permissions issue when Outlook Express is used. Everything works fine in Outlook, but these two users need to use Outlook Express.

    My domain is running exchange 5.5 and exchange2003 in co-existence. Things worked fine, until I moved them to the exchange 2003 mail server.

    If I go to Exchange 5.5 / Servers / and select the Exchange 2003 server, I see that SAM has under the windows NT account the following NT ATHORITY\SYSTEM.

    However if I double click on SAM, I would see the Primary Windows NT account as DOMAINNAME/sam.

    My problem is when using OUTLOOK EXPRESS (pop) the emails for MARIA etc is ending up in SAM's mailbox.

    Could the NT ATHORITY\SYSTEM stuff somehow setup this mailbox as a collection box or something of that nature. Is there a way to fix this?

    I know I can remove the user, but I wont know if this is happening to other mailboxes etc. Any ideas.
    LVL 1

    Author Comment

    OK it turns out that I only get this problem if Secure Password Authentication is selected. So I'll just un-check that.

    LVL 24

    Expert Comment

    I was on the road and just checked on this question.  SPA was part of the answer?  Interesting, to say the least.  Is it all working now?

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Why spend so long doing email signature updates?

    Do you spend loads of your time carrying out email signature updates? Not very interesting are they? Don’t let signature updates get you down. Let Exclaimer Cloud - Signatures for Office 365 make managing email signatures a breeze.

    Set up iPhone and iPad email signatures to always send in high-quality HTML with this step-by step guide.
    Not sure what the best email signature size is? Are you worried about email signature image size? Follow this best practice guide.
    The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
    This video discusses moving either the default database or any database to a new volume.

    760 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    13 Experts available now in Live!

    Get 1:1 Help Now