Solved

Need to track down Outlook 2003 Delegate and remove

Posted on 2007-11-28
12
1,143 Views
Last Modified: 2012-05-05
Hello,

We had a user who left the company. She made herself a mailbox delegate in Outlook 2003 for several managers. When people were receiving NDR's with this person's name, we were able to connect her mailbox back to her account and remove her as a delegate from these managers. This happened several months ago and we considered the matter closed.

Today we just received word that someone sent out a meeting notice and got an NDR for this person again. The mailbox was deleted a while ago. I have three questions:

How do I track down where she may be listed as a delegate?
How do I get rid of her as a delegate if her mailbox is gone?
Finally, is there anyway to prevent something like this from happening in the future?

All clients are Outlook 2003, backend is Exchange 2003 SP2. Thanks!
0
Comment
Question by:lucado01
  • 5
  • 3
  • 2
  • +2
12 Comments
 
LVL 9

Expert Comment

by:crawfordits
ID: 20371018
Sounds like they may have this person in a local contact group therefore attempting to send to the non-existent mailbox and receiving NDR
0
 
LVL 11

Expert Comment

by:bsharath
ID: 20371078
1.      Download the MFCMAPI tool to managers’s computer. (We can also do this in your if you can configure a profile for manager’s mailbox in your client)
     http://www.microsoft.com/downloads/details.aspx?FamilyID=55fdffd7-1878-4637-9808-1e21abb3ae37&DisplayLang=en
2.      Extract it then start MFCMAPI by double clicking it.
3.      Click OK on the about screen & get to the main UI window.
4.      From the main UI window, go to the "Session" menu option and select "Logon and Display Store Table". Select the Manager’s profile then click OK.
5.      In the Mailbox window you'll see the Mailbox & Public Folders instances. Double click the Mailbox. This will open  the mailbox in a seperate window.
6.      Click the "+" next to the Root-Mailbox object. Here you will see the various objects within the Mailbox (like the  IPM_SUBTREE, CommonViews, Shortcuts, etc.
7.      Click the "+" next to "IPM_SUBTREE". You will now see the folders that are a part of the mailbox (like the Inbox,  Outbox, Sent Items, etc).
8.      Highlight the Inbox folder, right click and choose "Display Rules Table". This will open a new windows and will display the rules configured on this mailbox. The rules will be listed in the top half of this window.
9.      In the top window of the Rules table, scroll all the way to the right till you see a column titled “PR_RULE_PROVIDER::0X6681001E:PT_STRING8". This column lists the TYPE of rule configured. The name of the rule should be “Schedule+EMS Interface”.
click the Delegate Rule mentioned above ("Schedule+EMS Interface") and then chose Delete. This will delete the rule from the mailbox.
10. After that, for all the delegates of the Manager, we need to remove them then add them back again.

For all the above you need domain Admin priveledges.

0
 
LVL 13

Expert Comment

by:rhinoceros
ID: 20372185
>>Today we just received word that someone sent out a meeting notice and got an NDR for this person again...

What is the user roles now ? Have you REMOVED from Exchange "Member of" tab ?
0
 
LVL 6

Accepted Solution

by:
Neiphin earned 500 total points
ID: 20372736
Find out who sent the meeting request and to whom. If it was one person then ok, if to several people you have some work to do. Start by sending a test meeting to each person individually. One of them will send back an NDR. Once you know which mail account sends the NDR you can look at the permissions of the calendar in that mail account. You may see a rogue permission set, if so remove it. Test again with a meeting.
If NDR is received,
Open ADSIEDIT.MSC and locate the mail box that sent the NDR. Check its properties and look at pubdeletages and modify of you are able. If you find the zombied entry make a note of it. Now for the fun part. You can run csvde script which will dump out any attribute from adsiedit that you wish. A good one would be pubdelegate and currentmailaccount to dump out to a text file. Search the text file for the zombied mail account. Reference it against currentmailaccount and your clean up is completed.

Regards
0
 

Author Comment

by:lucado01
ID: 20377999
crawfordits- I checked the Message Tracking Center on Exchange and saw the list of recipients the message went to. The user was not on the list. I saw the NDR follow right after. Instead of having an email address it had the LDAP information of the user.

bsharath- I'd need to test the utility you're talking about since I've never used it. If it can be successfully run from another computer so long as we set up the managers mailbox, that would be great. This person is VIP and just getting access to the machine is difficult.

rhinoceros- The user is no longer with the company. The mailbox object has been removed but the account remains disabled. If we delete the account, will that take care of the problem? I wouldn't think so but then again I may have just asked the dumbest question ever posted on EE.

Neiphin- I agree with your logic in the first paragraph, however this individual has been gone for months and no one has claimed getting NDR's with her name on them until now. In the Message Tracking Center on Exchange all of the users that received the message are high profile and I'm positive someone would have reported this sooner. I've personally e-mailed most of the people who were on the list and haven't gotten an NDR. As for your second paragraph I'm afraid I'm unclear as to the last sentence.

Thanks to all for the information. I have to fix this ASAP so I appreciate all input.
0
 
LVL 11

Expert Comment

by:bsharath
ID: 20379507
Hi,

If you have Administrator access and the proper permissions from the management then you can do this from your machine itself...
0
Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

 
LVL 6

Expert Comment

by:Neiphin
ID: 20396094
The second paragraph leads after the first in fault diagnostics.
In ADSIEDIT you will see all of the active current users in your org. If your tests revealed that Joe Smith sends the NDRs to the meeting (will not happen with normal email) lookup Joe Smith and view properties. Look in pubdeletages and see who has access. I usually find the rogue entry there.
The very last part mentions using a utility called "csvde" which will interrogate adsiedit for all rouge entries.
These two methods have always work for me. If one doesn't then the second will.
Let me know how you get on.

REGARDS
0
 

Author Comment

by:lucado01
ID: 20408646
Neiphin,

We found the rouge entry using ASDIEDIT. If we delete the entry from pubdelegates, will we be able to remove the user from the Outlook delegate tab?

I've never used this utility before, any potential problems we could run into?

Also, why aren't the NDR's generated by normal emails?

Thanks!

0
 
LVL 6

Expert Comment

by:Neiphin
ID: 20411799
Yes, go ahead and remove it from pubdelegates. That is what i do. It will have no negative issues.

The reason you will not receive an NDR from an email is because the rouge entry is only permissioned against the calendar not the inbox. Hence it will only show up when a meeting invite is sent.

regards
0
 

Author Comment

by:lucado01
ID: 20428429
Neiphin,

We removed the entry through ADSIEDIT a couple of days ago and things seem to be OK. This is not an easy thing for us to test so I wanted to give it a couple of more days before I closed this out. However, it appears this was the fix. THANKS! I'll give the points early next week.
0
 
LVL 6

Expert Comment

by:Neiphin
ID: 20429278
That is good news.

Send a meeting request from your account and see if you get an NDR. If you don't get an NDR then it is fixed. It either works or it dosen't, simple as that.

regards
0
 
LVL 6

Expert Comment

by:Neiphin
ID: 20458128
Hi lucado01

Did any of the above answer with your question.

Please close or ask for further clafification if required. Please do not leave questions unresolved.

Regards
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

We are happy to announce a brand new addition to our line of acclaimed email signature management products – CodeTwo Email Signatures for Office 365.
Find out what Office 365 Transport Rules are, how they work and their limitations managing Office 365 signatures.
In this video we show how to create a Resource Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: Navigate to the Recipients >> Resources tab.: "Recipients" is our default selection …
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now