Solved

Exchange 2010 SP3, remote users unable to open shared mailboxes

Posted on 2014-10-06
9
439 Views
Last Modified: 2014-10-13
This weekend we had a scheduled power outage, so I shutdown all the servers at my site including the Exchange box.  Today users from a remote location who open a couple shared mailboxes that are hosted from my site are unable to do so.

I have verified those users are in the correct security group, that security groups is listed with Full Access to these two mailboxes.  Local users have no trouble opening the mailboxes in question.

I've checked the Event logs on both servers and am seeing nothing with regards to these two mailboxes, or the users trying to access them.

As a test I gave an Admin at the remote site Full Access to a totally different mailbox hosted here.. Outlook could not find that user.  What's more, the test admin in the remote site CAN see the test mailbox listed in the GAL.
0
Comment
Question by:Ben Hart
  • 6
  • 3
9 Comments
 
LVL 5

Expert Comment

by:Abdul Khadja Alaoudine
ID: 40363748
It looks to me it could be DNS issue. Test mailbox could be listed in the GAL because Outlook may have Offline Address Book cached.

From remote site see if you can ping / nslookup to Exchange servers and DCs.
0
 
LVL 14

Author Comment

by:Ben Hart
ID: 40363964
Test admin can ping my Exch server and the two DC's which are both GC's as well.  Ive also tried removing and re-adding the permissions which did not help.
0
 
LVL 5

Expert Comment

by:Abdul Khadja Alaoudine
ID: 40364058
What's the error message? Would you be able to provide screenshot?
0
 
LVL 14

Author Comment

by:Ben Hart
ID: 40364308
The set of folders cannot be opened.  Exchange is not available, etc


sounds just like a network issue, but with pings and nslookups completing successfully from those desktops it can't be network related.  I found out two other users who have main mailboxes on that server but are also remotely opening the problematic mailboxes are doing so without issue.
0
NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

 
LVL 5

Accepted Solution

by:
Abdul Khadja Alaoudine earned 500 total points
ID: 40365369
Do the following:

1. Remove full access to those users for the shared mailboxes
2. Run below PS command and disable Automapping

Add-MailboxPermission -Identity <shared mailbox> -User '<user needs access>' -AccessRight FullAccess -InheritanceType All -Automapping $false

See for more info - http://technet.microsoft.com/en-gb/library/hh529943(v=exchg.141).aspx

3. Open Outlook on users' PC who need access. In Outlook click on File --> Account Settings --> Account Settings --> Change --> More Settings --> Advanced --> Add

Let me know the result.
0
 
LVL 14

Author Comment

by:Ben Hart
ID: 40366814
I actually did the first half of your suggestion yesterday before posting here as suggested by some random blog I found.  Disabling Automapping as well.

I will find out what's in the Add box..
0
 
LVL 14

Author Comment

by:Ben Hart
ID: 40368374
I feel as though I should diagram this to help follower understand better.

SITE A                                                SITE B
Exch 1                                               Exch 2
remote user                                    Shared mailbox

Ok so last night I rebooted Exch 1.. all of this started because power was shut down in all of Site B and I had been able to bounce both DC's in SITE A so the only thing left was Exch 1.

The issue persists this morning though.  Remote Users cannot access the Shared Mailbox.  But still local users to SITE B can access the Shared Mailbox.

Here's an interesting thing though, my admin in SITE A whose bene helping me test.. after I bounce Exch 1 last night he says that he can now connect to a test shared mailbox..but he was over VPN.. not in the SITE A office.  What's doubly odd is that the VPN session terminated as an ASA 5500 in SITE A.  So the only thing different was the subnet he was on.
0
 
LVL 14

Assisted Solution

by:Ben Hart
Ben Hart earned 0 total points
ID: 40369114
Ok issue is resolved.

Long story short, on day one firs thing I did was check perms.  Both reporting users were in a security group who was given FullAccess rights to the problematic mailboxes.  I tried adding them specifically, which did not resolve the issue.

Last night I bounced their local Exchange server and the issue persists still.  Until I removed those explicit permission entries, after that and restarting their Outlook they could open the mailboxes just fine.

So moral of the story is.. two rights make a wrong?  Maybe this story has no moral.
0
 
LVL 14

Author Closing Comment

by:Ben Hart
ID: 40376637
the solution to my issue was half Abdul and half me.  He reminded me of the command to remove-mailboxpermissions but that was not the sole solution.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, we will see the basic design consideration while designing a Multi-tenant web application in a simple manner. Though, many frameworks are available in the market to develop a multi - tenant application, but do they provide data, cod…
MS Outlook is a world-class email client application that is mainly used for e-communication globally.  In this article, we will discuss the basic idea about MS Outlook, its advanced features, and types of MS Outlook File formats.
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now