EvilPeppard
asked on
Grant a single account access to all mailboxes in Exchange 2003
I have followed several different articles on this, but still cannot seem to figure out how to open another user's mailbox, like i used to be able to do in Exchange 5.5.
From Microsoft. http://support.microsoft.com/default.aspx?scid=kb;en-us;821897
I have followed the instrucitons, but not sure what I need to do next. At the top level of the Site Properties, I edited the security settings (after making the registry change to allow viewing of the Security Tab) and removed the Deny Receive As and Send As for the Enterprise Admins Group. My user account is part of the Enterprise Admins Group. \
I then drilled down to the mailbox stores and see my changes did propagate down, but I still cannot open other user's email boxes. I have gone into my Outlook (Outlook 2003) and done File\Open\Other User's Folder and I get "Unable to display the folder. The folder could not be found".
I have tried creating a new profile, while logged in as both myslef and another Exchange Administrator account and all that happens is, I keep getting propted for a username and password while trying to connect to the Exchange server (like I would if I wasn't logged into the domain). I supply the correct credentials, even making sure I preceed the username with the domain, i.e. domain\username and the correct password, and it just keeps popping back up like it is still waiting for me to enter the password.
Any suggestions would be greatly appreciated. We have some issues at work where the CEO is suspicious of another worker breaking confidentiality rules and wants their email checked (which is allowed via the email policy they signed).
Thanks in advance.
From Microsoft. http://support.microsoft.com/default.aspx?scid=kb;en-us;821897
I have followed the instrucitons, but not sure what I need to do next. At the top level of the Site Properties, I edited the security settings (after making the registry change to allow viewing of the Security Tab) and removed the Deny Receive As and Send As for the Enterprise Admins Group. My user account is part of the Enterprise Admins Group. \
I then drilled down to the mailbox stores and see my changes did propagate down, but I still cannot open other user's email boxes. I have gone into my Outlook (Outlook 2003) and done File\Open\Other User's Folder and I get "Unable to display the folder. The folder could not be found".
I have tried creating a new profile, while logged in as both myslef and another Exchange Administrator account and all that happens is, I keep getting propted for a username and password while trying to connect to the Exchange server (like I would if I wasn't logged into the domain). I supply the correct credentials, even making sure I preceed the username with the domain, i.e. domain\username and the correct password, and it just keeps popping back up like it is still waiting for me to enter the password.
Any suggestions would be greatly appreciated. We have some issues at work where the CEO is suspicious of another worker breaking confidentiality rules and wants their email checked (which is allowed via the email policy they signed).
Thanks in advance.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Well, I am running Exchange 2003 with SP1 installed and I don't feel comfortable getting a hotfix just to try and correct this problem.
I really don't understand what the issue is. As I stated earlier:
I have tried creating a new profile, while logged in as both myslef and another Exchange Administrator account and all that happens is, I keep getting propted for a username and password while trying to connect to the Exchange server (like I would if I wasn't logged into the domain). I supply the correct credentials, even making sure I preceed the username with the domain, i.e. domain\username and the correct password, and it just keeps popping back up like it is still waiting for me to enter the password.
Frustrating...any other ideas? What should be happening? Should I be able to create a brand new profile for the user and open it? Should I be able to be logged into my email and choose open another user's folder and it work? Thanks for any more feedback.
I really don't understand what the issue is. As I stated earlier:
I have tried creating a new profile, while logged in as both myslef and another Exchange Administrator account and all that happens is, I keep getting propted for a username and password while trying to connect to the Exchange server (like I would if I wasn't logged into the domain). I supply the correct credentials, even making sure I preceed the username with the domain, i.e. domain\username and the correct password, and it just keeps popping back up like it is still waiting for me to enter the password.
Frustrating...any other ideas? What should be happening? Should I be able to create a brand new profile for the user and open it? Should I be able to be logged into my email and choose open another user's folder and it work? Thanks for any more feedback.
The hotfix addresses the issue you have raised at the top. If you have granted that user the relevant permissions at the mailbox store level and are still experiencing problems, you could try granting that user specific rights to the mailbox he intends to monitor via AD users and computers.
If neither of these fix it, then the hotfix is most likely you rnext step.
If neither of these fix it, then the hotfix is most likely you rnext step.
ASKER
I have added my username at the store level. I am also part of the Domain Admins group and the Enterprise Admins group. I thought I read something about, even if I add my account, and I am part of the Enterprise Admins group (which denies receive as and send as by default), those settings will override my individual user rights I just added.
Do you think that is still the case, even if I remove the "deny" receive as and send as for the Enterprise Admins? Also, after I make a change, do I have to restart teh Exchange Services or reboot the server, or do I just need to wait for the "normal" Active Directory replication time?
Once I want to try it, what do I do? Do I log into a computer as myself, create a new profile with the user I want to attach to, then open Outlook using the profile I just created for that user?
Thanks again for all the feedback.
Do you think that is still the case, even if I remove the "deny" receive as and send as for the Enterprise Admins? Also, after I make a change, do I have to restart teh Exchange Services or reboot the server, or do I just need to wait for the "normal" Active Directory replication time?
Once I want to try it, what do I do? Do I log into a computer as myself, create a new profile with the user I want to attach to, then open Outlook using the profile I just created for that user?
Thanks again for all the feedback.
Trust me, if adding your account at the mailbox store level hasn't granted you access to other mailboxes contained in that mailbox store, you have a problem.
You should not need to reboot your Exchange server - in my case the permissions to effect immediately.
You should not need to reboot your Exchange server - in my case the permissions to effect immediately.
ASKER
Ok, thanks...do I do the following?:
Once I want to try it, what do I do? Do I log into a computer as myself, create a new profile with the user I want to attach to, then open Outlook using the profile I just created for that user?
Once I want to try it, what do I do? Do I log into a computer as myself, create a new profile with the user I want to attach to, then open Outlook using the profile I just created for that user?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Just tried it and I'm still getting the damn error:
"Unable to display the folder. The Inbox folder could not be found".
I'm not in a huge hurry to call Microsoft, so I guess I'll wait for a while. Maybe this will be resolved in Exchange SP2.
"Unable to display the folder. The Inbox folder could not be found".
I'm not in a huge hurry to call Microsoft, so I guess I'll wait for a while. Maybe this will be resolved in Exchange SP2.
what version of outlook are you using and how long ago did you create the new mailbox?
ASKER
I am currently running Outlook 2003 from Office 2003 Pro.
I have tried it in both "cached" and on a different laptop in "non-cached" mode. I cannot open another user's mailbox, nor create a profile using their information and open the profile directly. When I try opening the profile directly, while Outlook is trying to open it, I start getting a Windows login prompt box. I put every variable of credentials in that box, but it just keeps popping backup with the password field blank.
I have tried it in both "cached" and on a different laptop in "non-cached" mode. I cannot open another user's mailbox, nor create a profile using their information and open the profile directly. When I try opening the profile directly, while Outlook is trying to open it, I start getting a Windows login prompt box. I put every variable of credentials in that box, but it just keeps popping backup with the password field blank.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Well, I got this to finally work. It ends up, I was having problems with my domain controller. LDAP was not working properly. I added a new unit and demoted the problem one and now I can open other user's mailboxes just fine.....talk about an elusive problem! Took me 2 weeks to figure out and prove I had a problem controller.
Thanks for all the replies.
Thanks for all the replies.
http://support.microsoft.com/?id=885924