Solved

Using ADModify to change delivery restrictions in Microsoft Exchange

Posted on 2008-10-28
4
1,396 Views
Last Modified: 2013-12-24
I am using ADModify to bulk change mailbox delivery restrictions across one of the information stores.  I have created a security group containing the members of the individuals allowed to send to these mailboxes.

On a test account, the security group was applied using the GUI and tested successfully

Now to bulk modify
In ADModify, I have applied the LDAP fillter associated with the specific information store and selected all (240 accounts). Custom tab - authOrig and applied the distinguished name of the secutiy group.

The problem is that although the changes are  100% successful, no one can send mail to these accounts. Not even members of the applied security group. The group was removed using the null value and everything is back to the default value and working properly. I have also attempted to do this on a reduced number of accounts (20) and had the same results

0
Comment
Question by:jb747
  • 2
  • 2
4 Comments
 
LVL 71

Expert Comment

by:Chris Dent
ID: 22841863

Hey,

authOrig can only contain Users (or really mailboxes). If you're adding a group you must add it to dLSubmitPerms.

It makes for a very odd split.

Chris
0
 

Author Comment

by:jb747
ID: 22843838
I've included snapshots of the results. Using dLSubmitPerms returns 0% success. In review of the variable, I don't see it when I look in Adsiedit.msc. Am I doing something wrong ? Still need to use the custom field correct ?
dlsp.jpg
dlspresults.jpg
0
 
LVL 71

Accepted Solution

by:
Chris Dent earned 500 total points
ID: 22843879

Sorry, my fault. Try dLMemSubmitPerms.

Chris
0
 

Author Closing Comment

by:jb747
ID: 31510736
That's it...everything worked as expected. Thank you.
0

Featured Post

NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article runs through the process of deploying a single EXE application selectively to a group of user.
This article outlines the process to identify and resolve account lockout in an Active Directory environment.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

679 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question