Shared Hosting on Exchange Now Outlook Clients can't Resolve or Send e-mails

Dear All,

I have recently setup an Exchange 2007 standard server for a client - it's been working perfectly for over 6 months. The client wanted to have separate address books between departments that cannot be accessed across departments. So I found some steps on how to separate the GAL without AD segregation here: http://www.msexchange.org/articles_tutorials/exchange-server-2007/migration-deployment/shared-hosting-exchange-2007-part1.html

First I followed the steps on my test environment and it worked perfectly and I was able to create separate GALs & separate mailbox DBs - so people in one GAL cannot see people in another GAL.

I implemented this on the live server yesterday and after testing it all worked. Today however no user can send e-mails they keep getting error "The operation failed. The messaging interfaces have returned an unknown error. If the problem persists, restart Out, cannot resolve recipient" I tried to recreate Outlook profile and configure exchange account and now no matter what account I use it says "your server or mailbox names cannot be resolved" and in outlook 2007 it says "The action cannot be completed. the name cannot be matched to a name on the address list." even though they are 100% correct.

I'm panicking as I cannot get in touch with the author of the article for guidance :-(

OWA still works perfectly though.... Please help
AndreYPBAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
AndreYPBConnect With a Mentor Author Commented:
Thanks - that had already been done - the backing up at least.
To make it work I had to modify the permissions on to default authenicated users - 'read/list' on the default GAL - after a reboot it of the server all is now fine in the lands. Thanks anyway.
0
 
David Johnson, CD, MVPOwnerCommented:
backup, backup, backup and restore
0
 
AndreYPBAuthor Commented:
This worked for me
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
jmichaelpalermo4Commented:
andreTPB -

We're running into exactly the same issue (began about a week ago out of the blue). Doesn't adding the authenticated users back to the default GAL undo the GAL segregation of a hosted Exchange environment?
0
 
AndreYPBAuthor Commented:
Indeed it does, however you can still restrict what users see by editing the 'msExchQueryBaseDn' of the user account and pointing it to the CN or OU that's associated with the address list you have setup. If you have multiple users you can use the free ADModify tool to edit the same attribute for multiple users. I did this and now it all works nicely :-)
0
 
jmichaelpalermo4Commented:
Thanks AndreYPB -

Our issues must somehow be different. Our users can still send/receive emails, just new Outlook profiles give the "The action cannot be completed. the name cannot be matched to a name in the address list." error. I attempted adding the authenticated users back to the Default GAL (Read/List) and restarted the server...no effect. Any other thoughts/suggestions? I'm out of ideas...
0
 
AndreYPBAuthor Commented:
I would check DNS settings - see if there is an A record for autodiscover.mydomain.local and remote.mydomain.local - these should be mapped to the exchange server internal IP address. Lastly check the clients DNS settings - and ensure that only your DNS Server is listed here as these can cause authentication problems.

On the exchange I had the problem with - they could send/receive e-mails but they had to strip out display name propterties i.e they couldn't reply if the address field showed Jon Do <jon.do@123.com> but sending to just jon.do@123.com worked.

For permissions I just set it back to 'inherit from parent' so the original permissions were picked up
0
 
jmichaelpalermo4Commented:
Thanks Andre - DNS is definitely okay; testexchangeconnectivity.com shows everything should work for autodiscover. This is very strange...

Do you know of a way to see which address list Exchange is trying to look at when attempting to match the user to an address list?
0
 
AndreYPBAuthor Commented:
I would imagine under normal circumstances it's the default GAL and if said user doesn't have permissions then they won't be listed under that GAL therefore making the creation of a profile impossible - but this is just my theory - i can't be certain, it might be worth posting as a new question if you haven't already done so. Good luck
0
 
jmichaelpalermo4Commented:
Thanks Andre
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.