Exchange 2003 SP2 Mailbox Store Missing PLEASE HELP

Deejay_RSA
Deejay_RSA used Ask the Experts™
on
Hi There,

Please help, I messed around with Exchange permissions in ESM and now I can't see the mailbox store in ESM and the users are not getting any mail. It looks like everything else is working ok - pop is downloading from ISP etc.  Also performed successful ESEUTIL /p

Getting the following event:

Event Type:      Error
Event Source:      MSExchangeSA
Event Category:      MAPI Session
Event ID:      9175
Date:            7/20/2009
Time:            6:47:10 PM
User:            N/A
Computer:      SERVER
Description:
The MAPI call 'OpenMsgStore' failed with the following error:
The attempt to log on to the Microsoft Exchange Server computer has failed.
The MAPI provider failed.
Microsoft Exchange Server Information Store
ID no: 8004011d-0512-00000000

 This is very urgent, please help!

Thanks,

Deejay


Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Alan HardistyCo-Owner
Top Expert 2011

Commented:
See resolution 3 in this article which may be relevant to your problem:
http://support.microsoft.com/kb/896143 
Expert of the Quarter 2009
Expert of the Year 2009

Commented:
What exactly do you mean by mess about with permissions?
What did you remove or change?

Although your best option may well be to call Microsoft and pay their fee, forums like this are not the best place for urgent questions where your system is down as you are dependant on someone having the time to post - there is no guarantee that someone will.

Simon.
O. PierruSystem admin

Commented:
Hello,

Just a small checklist:

1/ Have you remounted the Storage group?                                                 
2/ Does the drive that contains the databases have enough space available?
3/ Check your stores permissions : http://technet.microsoft.com/en-us/library/bb123975(EXCHG.65).aspx

Good luck

--

CompTIA Network+

Prepare for the CompTIA Network+ exam by learning how to troubleshoot, configure, and manage both wired and wireless networks.

Author

Commented:
Thanks for you quick reply. Well the owner of the company has permissions to check everyone else's mail. Then he found out that anybody can add any mailbox to their own account and see their mail, so I thought I was being clever and messed with the permissions to stop everybody from checking everybody else's mail. And stuffed it up.

I've been on the net the whole day and I have subscribed to E-E just for this. No joy so far.  Any advice would be greatly appreciated.
Alan HardistyCo-Owner
Top Expert 2011

Commented:
As Simon (Mestha) has stated - you may be better off calling Microsoft directly, or trying to remember what settings / permissions you changed and putting them back again.
Following the Microsoft route would get you up and running quickly as they can remotely control your server and reset your permissions.  Alternatively, look at the profiles of the Experts trying to help you for other options.

Commented:
Use PFDAVAdmin. Whenever you screw up Public Folder or Mailbox permissions, use this program!

http://www.microsoft.com/downloads/details.aspx?FamilyId=635BE792-D8AD-49E3-ADA4-E2422C0AB424&displaylang=en


For help on using it:

http://www.msexchange.org/articles/PFDavAdmin-tool-Part1.html


I have needed it in a pinch several times now!
Expert of the Quarter 2009
Expert of the Year 2009

Commented:
Without knowing what permissions were removed, replacing those permissions is hard work.
The Exchange permission structure is very complex, if I have to replace the permissions I need to use a reference system to copy them across, one by one (ie manually adding them) usually through ADSIEDIT to get access back. It can take some time to do, as it isn't documented.

You might get away with a reinstall of Exchange and then the service pack, but I cannot remember if that will reset permissions that have been removed.

Simon.
O. PierruSystem admin

Commented:
Then I think you obviously have a permissions problem on this server. Nobody can open/read any other user's mailbox on a default SBS 2003 installation.

I'd would compare each store permissions with another working SBS 2003 and correct what's wrong.

Commented:
I did have a similar error at one point.

What worked for me was:

Open PFDAVAdmin
File -> Connect
Check All Mailboxes
Right-Click Mailboxes
Click Fix Folder DACLs

Author

Commented:
That's the freaky thing! I know you're not supposed to be able to see other users mail - but this one could. I saw it with my own eyes.

I have tried comparing the folder permissions with no luck.

How do I get in touch with Microsoft? I have RDP access setup.

Author

Commented:
Tried running PFDAVAdmin - got an error. Please see attachment.
error.JPG
Alan HardistyCo-Owner
Top Expert 2011

Commented:
Expert of the Quarter 2009
Expert of the Year 2009

Commented:
To contact Microsoft, you have to go to http://support.microsoft.com/ then follow the links on the right to Contact Microsoft.

I suspect that you have removed more permissions than you should have done - probably "Everyone", Users or Domain Users, rather than removing the specific permissions that were granting the access.

Simon.

Author

Commented:
Forgot to mention that I'm in South Africa, will see If they have local support.
Alan HardistyCo-Owner
Top Expert 2011

Commented:
Alan HardistyCo-Owner
Top Expert 2011

Commented:
South Africa Microsoft Contact Centre: 0860 22 55 67

Author

Commented:
Awesome thanks everybody. Will keep you posted.
Alan HardistyCo-Owner
Top Expert 2011

Commented:
Good luck.

Author

Commented:
Hi Everyone,

I just phoned Microsoft support and it's too expensive. If anybody would like to have a go at fixing this thing over VNC please let me know, II'l set it up.
Expert of the Quarter 2009
Expert of the Year 2009

Commented:
Resolving problems outside of the site is against the rules of the site.
How much is this costing your company in downtime? Microsoft support is usually the cheapest way of getting things fixed, because if you get a consultant in then it is done on per hour.
Here in the UK, it is cheaper to have Microsoft look at it than me after less than three hours. If Microsoft take ten hours to fix it then you still pay the same fee.

Simon.

Author

Commented:
Oh apologies I didn't know about that.

I'm not the owner of the comany, they have all left for the day. I have no way of paying them. It's after hours anyway, maybe if I try during the day It'l be cheaper.

Author

Commented:
Would restoring to a previous system state help?
Expert of the Quarter 2009
Expert of the Year 2009

Commented:
I doubt it, not with Exchange.
You need to get permissions back in the system, but if you didn't document what you removed, it is going to be hard to recreate them. I have done it, but I built a new system in a VM to compare it with.

If you have the installation media for Exchange, then try reinstalling it, then the service pack.

Simon.

Author

Commented:
I created a new maillbox store (with a different name), and it mounted just fine. Compared the permssions on the .edb files (they're all in the MDBDATA folder) and they are exactly the same. Weird.
O. PierruSystem admin

Commented:
Yes, but what about permissions on the storage group itself?

*Open ESM > Servers > servername > First storage group > right click your problematic mailbox storage group > Properties > Security tab > What do you have here?



*Sorry for the translation.  
O. PierruSystem admin

Commented:
Note: you should be able to compare permissions between the problematic storage group and the one you just created.

Author

Commented:
Hi Oliver

I Can't see the problematic mailbox storage group under ESM.
O. PierruSystem admin

Commented:
Hello,

Sorry, I knew it wasn't clear. I meant the problematic mailbox store (the one you can't re-mount).

should look like this:

ESM > Administrative groups > First Administrative Group > Servers > servername > First Storage Group > here you have your mailbox stores and can right click the problematic one > Properties > Security tab.
How do I close this question?

The problem was solved with a reload.
Alan HardistyCo-Owner
Top Expert 2011

Commented:
Pick one or more comments that answered your qestion.  If none did, then choose your last comment as the solution.  If you pick comments other than your own, you can allocate points accordingly.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial