?
Solved

Exchange 2010 send on behalf of distribution group

Posted on 2011-09-26
7
Medium Priority
?
1,464 Views
Last Modified: 2012-05-12
I used to be able to send from a distribution group when we had Exchange 2003, these groups have worked since we have upgraded to Exchange 2010. However if we have needed to amend the group details then we have had to change the group from 'Mail Non-Universal' to 'Mail Universal Distribution'

There are to groups in particular which are not behaving the same since being converted to 'Mail Universal Distribution'.

accounts@domainname and support@domainname I can send from the support address but not from the accounts one this has only happened since changing the account group to the 'Mail Universal Distribution' last week. The support group was a long time before that and works fine.

When I try to send a massage as accounts I get this message…

Delivery has failed to these recipients or groups:

blahblah@blah.com
You can't send a message on behalf of this user unless you have permission to do so. Please make sure you're sending on behalf of the correct sender, or request the necessary permission. If the problem continues, please contact your helpdesk.

Diagnostic information for administrators:

Generating server:

blahblah@blah.com
#MSEXCH:MSExchangeIS:/DC=local/DC=DOMAIN:SERVER[578:0x000004DC:0x0000001D] #SMTP#
0
Comment
Question by:Fubschuk
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
7 Comments
 
LVL 49

Accepted Solution

by:
Akhater earned 2000 total points
ID: 36708222
open ADUC -> View Advanced Features -> find the group -> RIght click properties -> security

ad the user and give it sendas permission
0
 

Author Comment

by:Fubschuk
ID: 36708437
Already tried that, but no sucsess. the support@domainname has sendas ticked for 'Authenticated Users' and I have tried the same with the accounts@domainname but this didn't work. I have also added myself to the group in ADUC and tried adding the sendas and even giving full permission but still no joy.

Any other ideas
0
 
LVL 29

Expert Comment

by:pwindell
ID: 36716920
I'm not convinced that it can be done really.  I probably would have just said "You can't".   A Distrib Group is not a User Account, and more importantly it does not have a mailbox, and I think that makes a difference.   When mail comes in to a Distrib Group the Distrib Group does not hold it because there is no where to hold it,...all it does is re-associate the message with the multiple mailboxes of the Group's Members.  Now you could set the "send on behalf of" toward one of the Group's Members individually, but not the group.

The whole thing is a waste of time anyway.  It is still going to show coming from the user that really sent it anyway.  If the user sending is JSmith then the message they send is going to say  From: JSmith on behalf of DistribGroup.  There are obvious legal reasons for this,...it prevents fraudulent emails be sent from one person but disguised as someone else.  For example an employee of the company gets "send on behalf" of rights against the company's CEO,...so the employee sends the message "on behalf of" the CEO to the Mayor and Chief of Police and flames them calling them every name in the book in an attempt to cause the CEO grief.  The behavior of Exchange prevents this from happening.
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
LVL 49

Expert Comment

by:Akhater
ID: 36716946
sorry I missed your reply, please try sending from OWA and not from outlook see if there is a difference in the behavior


to pwindell, it can be done 100%
0
 

Author Comment

by:Fubschuk
ID: 36717006
SEND AS is working now, must have be propagation delay from AD with the security settings.
0
 
LVL 49

Expert Comment

by:Akhater
ID: 36717047
it is not a propagation delay rather the time needed for your outlook to get the new OAB (offline address book) that's why I asked you to try from OWA

thanks for the updates and the points
0
 
LVL 29

Expert Comment

by:pwindell
ID: 36717115
Very good.
So it is possible after all.
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this post we will be converting StringData saved within a text file into a hash table. This can be further used in a PowerShell script for replacing settings that are dynamic in nature from environment to environment.
Compliance and data security require steps be taken to prevent unauthorized users from copying data.  Here's one method to prevent data theft via USB drives (and writable optical media).
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
Suggested Courses
Course of the Month12 days, 4 hours left to enroll

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question