I recently installed three Exchange 2007 servers in our EX03 org. After the install, all the users in one OU (who happen to also be still on EX03) can no longer resolve other users' names if I try to add another user's mailbox in Outlook. The error says "The name cannot be resolved. The action cannot be completed." Other mailboxes that had been added to Outlook prior to the upgrade no longer worked and gave errors relating to Outlook not being able to access the mailboxes (when accepting appointments) although regular browsing through the mailbox worked fine.
Originally all domain admins had full Exchange rights to all mailboxes. After installing 2007 I had to remove the deny ACL's set by Exchange to allow this again. It seems like what is happening with the users is something similar, because if I give them Send/Receive As rights in AD they can then resolve the names.
Any ideas? If I go to the properties of a user and view effective permissions it seems as though everyone has rights...
Btw I'm not sure if the permissions problem really has anything to do with that OU, it's just a coincidence. Awhile back someone had experimented with configuring Exchange similar to a hosted config where each OU couldn't see the others. Could have something to do with that. All address lists seem to have proper permissions. I've hunted in ADSI forever and can't seem to find where the problem is. Any tips/direction here would be great.