Solved

Need to track down Outlook 2003 Delegate and remove

Posted on 2007-11-28
12
1,152 Views
Last Modified: 2012-05-05
Hello,

We had a user who left the company. She made herself a mailbox delegate in Outlook 2003 for several managers. When people were receiving NDR's with this person's name, we were able to connect her mailbox back to her account and remove her as a delegate from these managers. This happened several months ago and we considered the matter closed.

Today we just received word that someone sent out a meeting notice and got an NDR for this person again. The mailbox was deleted a while ago. I have three questions:

How do I track down where she may be listed as a delegate?
How do I get rid of her as a delegate if her mailbox is gone?
Finally, is there anyway to prevent something like this from happening in the future?

All clients are Outlook 2003, backend is Exchange 2003 SP2. Thanks!
0
Comment
Question by:lucado01
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
  • 2
  • +2
12 Comments
 
LVL 9

Expert Comment

by:crawfordits
ID: 20371018
Sounds like they may have this person in a local contact group therefore attempting to send to the non-existent mailbox and receiving NDR
0
 
LVL 11

Expert Comment

by:bsharath
ID: 20371078
1.      Download the MFCMAPI tool to managers’s computer. (We can also do this in your if you can configure a profile for manager’s mailbox in your client)
     http://www.microsoft.com/downloads/details.aspx?FamilyID=55fdffd7-1878-4637-9808-1e21abb3ae37&DisplayLang=en
2.      Extract it then start MFCMAPI by double clicking it.
3.      Click OK on the about screen & get to the main UI window.
4.      From the main UI window, go to the "Session" menu option and select "Logon and Display Store Table". Select the Manager’s profile then click OK.
5.      In the Mailbox window you'll see the Mailbox & Public Folders instances. Double click the Mailbox. This will open  the mailbox in a seperate window.
6.      Click the "+" next to the Root-Mailbox object. Here you will see the various objects within the Mailbox (like the  IPM_SUBTREE, CommonViews, Shortcuts, etc.
7.      Click the "+" next to "IPM_SUBTREE". You will now see the folders that are a part of the mailbox (like the Inbox,  Outbox, Sent Items, etc).
8.      Highlight the Inbox folder, right click and choose "Display Rules Table". This will open a new windows and will display the rules configured on this mailbox. The rules will be listed in the top half of this window.
9.      In the top window of the Rules table, scroll all the way to the right till you see a column titled “PR_RULE_PROVIDER::0X6681001E:PT_STRING8". This column lists the TYPE of rule configured. The name of the rule should be “Schedule+EMS Interface”.
click the Delegate Rule mentioned above ("Schedule+EMS Interface") and then chose Delete. This will delete the rule from the mailbox.
10. After that, for all the delegates of the Manager, we need to remove them then add them back again.

For all the above you need domain Admin priveledges.

0
 
LVL 13

Expert Comment

by:rhinoceros
ID: 20372185
>>Today we just received word that someone sent out a meeting notice and got an NDR for this person again...

What is the user roles now ? Have you REMOVED from Exchange "Member of" tab ?
0
Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

 
LVL 6

Accepted Solution

by:
Neiphin earned 500 total points
ID: 20372736
Find out who sent the meeting request and to whom. If it was one person then ok, if to several people you have some work to do. Start by sending a test meeting to each person individually. One of them will send back an NDR. Once you know which mail account sends the NDR you can look at the permissions of the calendar in that mail account. You may see a rogue permission set, if so remove it. Test again with a meeting.
If NDR is received,
Open ADSIEDIT.MSC and locate the mail box that sent the NDR. Check its properties and look at pubdeletages and modify of you are able. If you find the zombied entry make a note of it. Now for the fun part. You can run csvde script which will dump out any attribute from adsiedit that you wish. A good one would be pubdelegate and currentmailaccount to dump out to a text file. Search the text file for the zombied mail account. Reference it against currentmailaccount and your clean up is completed.

Regards
0
 

Author Comment

by:lucado01
ID: 20377999
crawfordits- I checked the Message Tracking Center on Exchange and saw the list of recipients the message went to. The user was not on the list. I saw the NDR follow right after. Instead of having an email address it had the LDAP information of the user.

bsharath- I'd need to test the utility you're talking about since I've never used it. If it can be successfully run from another computer so long as we set up the managers mailbox, that would be great. This person is VIP and just getting access to the machine is difficult.

rhinoceros- The user is no longer with the company. The mailbox object has been removed but the account remains disabled. If we delete the account, will that take care of the problem? I wouldn't think so but then again I may have just asked the dumbest question ever posted on EE.

Neiphin- I agree with your logic in the first paragraph, however this individual has been gone for months and no one has claimed getting NDR's with her name on them until now. In the Message Tracking Center on Exchange all of the users that received the message are high profile and I'm positive someone would have reported this sooner. I've personally e-mailed most of the people who were on the list and haven't gotten an NDR. As for your second paragraph I'm afraid I'm unclear as to the last sentence.

Thanks to all for the information. I have to fix this ASAP so I appreciate all input.
0
 
LVL 11

Expert Comment

by:bsharath
ID: 20379507
Hi,

If you have Administrator access and the proper permissions from the management then you can do this from your machine itself...
0
 
LVL 6

Expert Comment

by:Neiphin
ID: 20396094
The second paragraph leads after the first in fault diagnostics.
In ADSIEDIT you will see all of the active current users in your org. If your tests revealed that Joe Smith sends the NDRs to the meeting (will not happen with normal email) lookup Joe Smith and view properties. Look in pubdeletages and see who has access. I usually find the rogue entry there.
The very last part mentions using a utility called "csvde" which will interrogate adsiedit for all rouge entries.
These two methods have always work for me. If one doesn't then the second will.
Let me know how you get on.

REGARDS
0
 

Author Comment

by:lucado01
ID: 20408646
Neiphin,

We found the rouge entry using ASDIEDIT. If we delete the entry from pubdelegates, will we be able to remove the user from the Outlook delegate tab?

I've never used this utility before, any potential problems we could run into?

Also, why aren't the NDR's generated by normal emails?

Thanks!

0
 
LVL 6

Expert Comment

by:Neiphin
ID: 20411799
Yes, go ahead and remove it from pubdelegates. That is what i do. It will have no negative issues.

The reason you will not receive an NDR from an email is because the rouge entry is only permissioned against the calendar not the inbox. Hence it will only show up when a meeting invite is sent.

regards
0
 

Author Comment

by:lucado01
ID: 20428429
Neiphin,

We removed the entry through ADSIEDIT a couple of days ago and things seem to be OK. This is not an easy thing for us to test so I wanted to give it a couple of more days before I closed this out. However, it appears this was the fix. THANKS! I'll give the points early next week.
0
 
LVL 6

Expert Comment

by:Neiphin
ID: 20429278
That is good news.

Send a meeting request from your account and see if you get an NDR. If you don't get an NDR then it is fixed. It either works or it dosen't, simple as that.

regards
0
 
LVL 6

Expert Comment

by:Neiphin
ID: 20458128
Hi lucado01

Did any of the above answer with your question.

Please close or ask for further clafification if required. Please do not leave questions unresolved.

Regards
0

Featured Post

Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this step by step procedure, you will come to know the details of creating an Outlook meeting in 2007, 2010, 2013 & 2016.
This article will help to fix the below error for MS Exchange server 2010 I. Out Of office not working II. Certificate error "name on the security certificate is invalid or does not match the name of the site" III. Make Internal URLs and External…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question