Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Error 550.5.7.1 Client does not have permissions to send as this sender

Posted on 2007-12-06
6
Medium Priority
?
24,888 Views
Last Modified: 2012-05-05
Hi Guys and Girls,

I have 250 users all on my exchange 2007 box. All users can send via OWA with no problem what-so-ever. I have one user that needs to use POP or iMAP (in OE) and recieves the following error message when sending (recieveing is fine): Error 550.5.7.1 Client does not have permissions to send as this sender. I assumed it was just a POP/iMAP issue but it turns out she cannot send via OWA either (clicking new/reply/forward produces nothing - not even an error).

I have tried around 10 other users from the same and/or differnet AD OU's and OWA/POP/iMAP all worl hunky dorey - it is purely this one user! I am not yet terribly up to speed on the new 'console for everything' approach so don't even know where to start, all obvious GUI configurations for that mailbox seem fine.

Any help urgently and greatfully recieved!

Ben
0
Comment
Question by:ben_stanton
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 9

Expert Comment

by:Veerappan Sundaram
ID: 20419811
Did you compare the Default SMTP address of any working user ID with this user ID?

>>>> Veera.
0
 
LVL 6

Author Comment

by:ben_stanton
ID: 20420072

Not sure what you mean there. But there has been no different configuration made to that one mailbox. It was created just like all the others
0
 
LVL 9

Expert Comment

by:Veerappan Sundaram
ID: 20420244
Each and every user has SMTP addressed stamped by Exchange.
There will be a Default SMTP address for all the users. If this user has more than one SMTP address, then check for the default SMTP address.

>>>> veera.
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
LVL 6

Accepted Solution

by:
ben_stanton earned 0 total points
ID: 20956513
Hi guys,

I had to issue the following command in EMC. I found the answer here; http://forums.msexchange.org/m_1800412481/printable.htm

get-receiveconnector Client <servername> | add-adpermission -user AU -extendedrights ms-Exch-SMTP-Accept-Authoritative-Domain-Sender

I cannot explain why it was just a single client that could not send. There seems to be no user specific code inte above. Very strange.

Thank you for your thoughts anyway.

Ben
0
 
LVL 2

Expert Comment

by:intelliwyse
ID: 30043566
I had this problem too. I added my own SMTP Send Connector to the Hub Transport but there was this single user who just couldn't relay mail. I copied the command suggested above and pasted into the CMDlet for Exchange 2007 and it worked instantly!

I had to alter the syntax to get it work. Used this syntax:
get-receiveconnector 'recieveconnectornamegoeshere' | add-adpermission -user AU -extendedrights ms-Exch-SMTP-Accept-Authoritative-Domain-Sender

where 'recieveconnectornamegoeshere' is the name of the recieve connector under Server Configuration/Hub Transport
0
 
LVL 1

Expert Comment

by:RLUNT
ID: 33247887
Well the discuss has been great, it is/was a combination of all the discussions that actually solves the problem for all, at least me.



1) the NT_Authority\self resolution has more details than presented. Charlie on another forum gave this clue:

go the the Exchange management console and select the user. Right Click, go to the send as permissions option.. check that User NT AUTHORITY\SELF is listed. If not add it.



2) Another user identifed the following power shell as necessary

[PS] C:\Windows\system32>add-adpermission "ConnectorName" -User "domain\user or group" -ExtendedRights ms-Exch-S
MTP-Accept-Authoritative-Domain-Sender


Note the double quotes when your connector has a space in it. aka "domain users"

You have to perform this on both your internal and external connector, then restart the transport and hub services. These steps were left off many forums.

Note the '-' in front of ExtendedRights. This was originally presented without this '-' and there is a command -AccessRights ExtendedRight which lead many to a goose chase.

3) Many discussions are about one user having sendas on another. The topic was about the actual User1 not being able to send as 'User1'. The above steps are for User1 not being able to send as User1.

4)Within Outlook, If you get an error, it is necesary to remove the account or repair it within Outlook, or else the error will 'stick' until you do. Again, another forum had this hidden gem.

5) The above line: get-receiveconnector Client <servername> | add-adpermission -user AU -extendedrights ms-Exch-SMTP-Accept-Authoritative-Domain-Sender

fails with Exchange 2007, the modified version is:
get-receiveconnector "ConnectorName" | add-adpermission -user AU -extendedrights ms-Exch-SMTP-Accept-Authoritative-Domain-Sender

I'm unclear as to the nuance of this vs the above add-adpermission comand, but it took both to make it work.
Note the quotes around "ConnectorName' are unnecessary unless you have a connector name with a space in it.



Thanks for everyones help, I hope the above steps saves the next soul some hours.

0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I don't pretend to be an expert at this, but I have found a few things that are useful. I hope that sharing them here will help others, so they will not have to face some rather hard choices. Since I felt this to be a topic of enough importance and…
Are you an Exchange administrator employed with an organization? And, have you encountered a corrupt Exchange database due to which you are not able to open its EDB file. This article will explain all the steps to repair corrupt Exchange database.
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
Suggested Courses

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question