Solved

I am unable to connect to a disconnected mailbox in exchange 2007.

Posted on 2009-06-29
10
1,044 Views
Last Modified: 2012-06-27
I had a corrupt user in AD... Disconnected the mailbox, deleted the user, added the new user, then I tried to reconnect the mailbox to the new user account. Exch07 says "successful" but the user cannot connect to the mailbox with OWA at all (this user will not be using outlook or entourage). Here is the message from OWA.

        Outlook Web Access could not connect to your Microsoft Exchange mailbox. If the problem continues, contact technical support for your organization.
Show details


Request
Url: https://<ServerName>:443/owa/lang.owa
User host address: <IP ADDRESS>

Exception
Exception type: Microsoft.Exchange.Data.Storage.ConnectionFailedTransientException
Exception message: Cannot open mailbox /o=<Domain>/ou=exchange administrative group (fydibohf23spdlt)/cn=recipients/cn=<username>.

Call stack
Microsoft.Exchange.Data.Storage.ConnectionCachePool.OpenMailbox(String serverDn, String userDn, String mailboxDn, Guid mailboxGuid, Guid mdbGuid, Object identity, ConnectFlag connectFlag, OpenStoreFlag openStoreFlag, CultureInfo cultureInfo, String clientInfoString, Boolean secondTry)
Microsoft.Exchange.Data.Storage.ConnectionCachePool.OpenMailbox(String serverDn, String userDn, String mailboxDn, Guid mailboxGuid, Guid mdbGuid, Object identity, ConnectFlag connectFlag, OpenStoreFlag openStoreFlag, CultureInfo cultureInfo, String clientInfoString, Boolean secondTry)
Microsoft.Exchange.Data.Storage.ConnectionCachePool.OpenMailbox(String serverDn, String userDn, String mailboxDn, Guid mailboxGuid, Guid mdbGuid, Object identity, ConnectFlag connectFlag, OpenStoreFlag openStoreFlag, CultureInfo cultureInfo, String clientInfoString)
Microsoft.Exchange.Data.Storage.MailboxSession.Initialize(LogonType logonType, ExchangePrincipal owner, ADOrgPerson delegateUser, Object identity, OpenMailboxSessionFlags flags)
Microsoft.Exchange.Data.Storage.MailboxSession.CreateMailboxSession(LogonType logonType, ExchangePrincipal owner, ADOrgPerson delegateUser, Object identity, OpenMailboxSessionFlags flags, CultureInfo cultureInfo, String clientInfoString)
Microsoft.Exchange.Data.Storage.MailboxSession.Open(ExchangePrincipal mailboxOwner, WindowsPrincipal authenticatedUser, CultureInfo cultureInfo, String clientInfoString)
Microsoft.Exchange.Clients.Owa.Core.OwaWindowsIdentity.CreateMailboxSession(ExchangePrincipal exchangePrincipal, CultureInfo cultureInfo)
Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.DispatchLanguagePostLocally(OwaContext owaContext, OwaIdentity logonIdentity, CultureInfo culture, String timeZoneKeyName, Boolean isOptimized)
Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.DispatchLanguagePostRequest(OwaContext owaContext)
Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.PrepareRequestWithoutSession(OwaContext owaContext, UserContextCookie userContextCookie)
Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.InternalDispatchRequest(OwaContext owaContext)
Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.DispatchRequest(OwaContext owaContext)
System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)

Inner Exception
Exception type: Microsoft.Mapi.MapiExceptionLogonFailed
Exception message: MapiExceptionLogonFailed: Unable to open message store. (hr=0x80040111, ec=1010) Diagnostic context: Lid: 18969 EcDoRpcExt2 called [length=443] Lid: 27161 EcDoRpcExt2 returned [ec=0x0][length=148][latency=0] Lid: 23226 --- ROP Parse Start --- Lid: 27962 ROP: ropLogon [254] Lid: 17082 ROP Error: 0x3F2 Lid: 26937 Lid: 21921 StoreEc: 0x3F2 Lid: 27962 ROP: ropExtendedError [250] Lid: 1494 ---- Remote Context Beg ---- Lid: 26426 ROP: ropLogon [254] Lid: 4740 StoreEc: 0x80070005 Lid: 30409 StoreEc: 0x80070005 Lid: 19145 StoreEc: 0x3F2 Lid: 23241 StoreEc: 0x3F2 Lid: 32186 Lid: 8620 StoreEc: 0x3F2 Lid: 10786 dwParam: 0x0 Msg: EAGLEMAIL Lid: 1750 ---- Remote Context End ---- Lid: 26849 Lid: 21817 ROP Failure: 0x3F2 Lid: 26297 Lid: 16585 StoreEc: 0x3F2 Lid: 32441 Lid: 1706 StoreEc: 0x3F2 Lid: 24761 Lid: 20665 StoreEc: 0x3F2 Lid: 25785 Lid: 29881 StoreEc: 0x3F2

Call stack
Microsoft.Mapi.MapiExceptionHelper.ThrowIfError(String message, Int32 hresult, Int32 ec, DiagnosticContext diagCtx)
Microsoft.Mapi.ExRpcConnection.OpenMsgStore(OpenStoreFlag storeFlags, String mailboxDn, Guid mailboxGuid, Guid mdbGuid, MapiStore msgStorePrivate, String& correctServerDn, ClientIdentityInfo clientIdentityAs, String userDnAs, String applicationId, CultureInfo cultureInfo)
Microsoft.Mapi.ConnectionCache.OpenMapiStore(String mailboxDn, Guid mailboxGuid, Guid mdbGuid, ClientIdentityInfo clientIdentity, String userDnAs, OpenStoreFlag openStoreFlags, CultureInfo cultureInfo, String applicationId)
Microsoft.Mapi.ConnectionCache.OpenMailbox(String mailboxDn, Guid mailboxGuid, Guid mdbGuid, WindowsIdentity windowsIdentityAs, String userDnAs, OpenStoreFlag openStoreFlags, CultureInfo cultureInfo, String applicationId)
Microsoft.Exchange.Data.Storage.ConnectionCachePool.OpenMailbox(String serverDn, String userDn, String mailboxDn, Guid mailboxGuid, Guid mdbGuid, Object identity, ConnectFlag connectFlag, OpenStoreFlag openStoreFlag, CultureInfo cultureInfo, String clientInfoString, Boolean secondTry)
0
Comment
Question by:stephenwyles
  • 5
  • 5
10 Comments
 
LVL 6

Accepted Solution

by:
grandebob earned 500 total points
Comment Utility
Go into exchange management console, and check the full access permissions of the mailbox. if you see an ugly SID, try adding the newly created AD account.
0
 

Author Comment

by:stephenwyles
Comment Utility
I followed these steps by microsoft...  
1. Start the Exchange Management Console.
2. In the console tree, click Recipient Configuration.
3. In the result pane, select the mailbox for which you want to grant the Full Access permission.
4. In the action pane, under the mailbox name, click Manage Full Access Permission. The Manage Full Access Permission wizard opens.
5. On the Manage Full Access Permission page, click Add.
6. In Select User or Group, select the user to which you want to grant the Full Access permission, and then click OK.
7. Click Manage.
8. On the Completion page, the Summary states whether the Full Access permission was successfully granted. The summary also displays the Exchange Management Shell command that was used to grant the Full Access permission.
9. Click Finish.


Problem... I don't have "Manage Full Access Permission" on the "Action Pane" of my EMC. I have attached a screen shot of my "Actions Pane". And... it does not show up for any of my mailboxes, not just this one. But, this is the only account with a problem.


Picture-13.png
0
 
LVL 6

Expert Comment

by:grandebob
Comment Utility
Can you right click on the mail box and select "manage full access"?
0
 

Author Comment

by:stephenwyles
Comment Utility
No.
Here is a snapshot of my "right click" menu.
Picture-14.png
0
 
LVL 6

Expert Comment

by:grandebob
Comment Utility
Are you logged in as a member of the exchange admin's group?
0
Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

 

Author Comment

by:stephenwyles
Comment Utility
I am logged in as the Domain Administrator!
0
 

Author Comment

by:stephenwyles
Comment Utility
Using your information about security settings I was able to fix the problem!

I went into the "Properties" and went to the "Mail Flow Settings" tab and the properties of "Delivery Options". From there I clicked "Add" to the "Grant this permission to:" window and added the new user account.

I logged back into to OWA and the emails were all intact!

Thanks for the help, I will update the status and award the points accordingly.

I attached a snapshot of the steps I mentioned above.


Picture-15.png
0
 
LVL 6

Expert Comment

by:grandebob
Comment Utility
Have you tried through AD or power shell? The bellow PS command should let you add permissions to the mailbox. You might have to tweak it a little, but that would be the command to use.

add-adpermission %username -user user@domain.com -accessrights "GenericAll"

Open in new window

0
 
LVL 6

Expert Comment

by:grandebob
Comment Utility
Awesome, glad you got it to work.
0
 

Author Closing Comment

by:stephenwyles
Comment Utility
It was definitely a security issue but the steps to get there were not accurate for my server. I was able to locate the security area I needed to resolve this issue on my own and I would have never thought to look there if it were not for the initial comment left on this question.
0

Featured Post

Why do Marketing keep bothering you?

Is your marketing department constantly asking for new email signature updates? Are they requesting a different design for every department? Do they need yet another banner added? Don’t let it get you down! There is an easy way to manage all of these requests...

Join & Write a Comment

Suggested Solutions

"Migrate" an SMTP relay receive connector to a new server using info from an old server.
Local Continuous Replication is a cost effective and quick way of backing up Exchange server data. The following article describes the steps required to configure Local Continuous Replication. Also, the article tells you how to restore from a backup…
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now