Exchange 2010 - Manage Full Access Didn't Remove Account
I have a weird scenario that I need help with.
I have Exchange 2010 on Windows Server 2008. Using the Exchange Management Console I added "Full Access" for User A, to see and manage User B's Account. Now when it is time to remove that permission, exchange is not giving it up. What I mean is that I went back to the account in Mailboxes under Recipient Config in EMC, and right clicked the account of User B, and chose "Manage Full Access" and selected User B, and removed them, and finished successfully.
The email account still shows up in User A's Outlook 2013 client on the left hand side as it always had. It won't remove.
Things I have tried:
I have checked the Account Properties for Delegates and there are none. I have right clicked the account and chosen delete, and it says something about it being managed by the server or the equivalent. I have recreated the Profile of User A, and it still shows up. I have also checked the "Send Mail As" property in EMC, and User A is not on User B's list.
I tried a repair of outlook thinking this was a local problem to the client, and when that didn't fix it, I connected her account to another computer and had the same problem. So the issue is definitely on the Exchange server.
I have checked Mail Flow settings, on both User A and B's mailbox properties, and it's all default there.
I tried adding the Full access permission back to User B's Account, waited a while, then removed it. That didn't help.
User A, can still see and open mail that is sent to User B. And when I connect to our Outlook Web Mail portal in a web browser as User A, I am not able to view User B's account. It says I don't have permission.
What should I do to remove this mailbox from User A's Outlook?
Additional Info:
Somewhere between the time I added the full access permission for User A on User B's Account and the time I tried to remove it, User A got married, so I changed her account name in Active Directory. I didn't create a new account, just went into the user account properties in AD, and in the "Account" tab, I changed the "User Logon Name" to match her new last name. Everything seemed to be fine after that change. No weird behavior except this outlook issue. Of course her Exchange Mailbox is connected through AD to her account. I didn't think changing her account name would effect that connection. And she can still access her email and see all her folders and contacts etc... All I did in EMC was add a new alias for her (because I'm unsure of another easy way to manage this scenario, I didn't want to learn how to migrate between old and new mailbox accounts, but will if that's the fix). Not sure if this is related...
Thanks Experts!!
I have Exchange 2010 on Windows Server 2008. Using the Exchange Management Console I added "Full Access" for User A, to see and manage User B's Account. Now when it is time to remove that permission, exchange is not giving it up. What I mean is that I went back to the account in Mailboxes under Recipient Config in EMC, and right clicked the account of User B, and chose "Manage Full Access" and selected User B, and removed them, and finished successfully.
The email account still shows up in User A's Outlook 2013 client on the left hand side as it always had. It won't remove.
Things I have tried:
I have checked the Account Properties for Delegates and there are none. I have right clicked the account and chosen delete, and it says something about it being managed by the server or the equivalent. I have recreated the Profile of User A, and it still shows up. I have also checked the "Send Mail As" property in EMC, and User A is not on User B's list.
I tried a repair of outlook thinking this was a local problem to the client, and when that didn't fix it, I connected her account to another computer and had the same problem. So the issue is definitely on the Exchange server.
I have checked Mail Flow settings, on both User A and B's mailbox properties, and it's all default there.
I tried adding the Full access permission back to User B's Account, waited a while, then removed it. That didn't help.
User A, can still see and open mail that is sent to User B. And when I connect to our Outlook Web Mail portal in a web browser as User A, I am not able to view User B's account. It says I don't have permission.
What should I do to remove this mailbox from User A's Outlook?
Additional Info:
Somewhere between the time I added the full access permission for User A on User B's Account and the time I tried to remove it, User A got married, so I changed her account name in Active Directory. I didn't create a new account, just went into the user account properties in AD, and in the "Account" tab, I changed the "User Logon Name" to match her new last name. Everything seemed to be fine after that change. No weird behavior except this outlook issue. Of course her Exchange Mailbox is connected through AD to her account. I didn't think changing her account name would effect that connection. And she can still access her email and see all her folders and contacts etc... All I did in EMC was add a new alias for her (because I'm unsure of another easy way to manage this scenario, I didn't want to learn how to migrate between old and new mailbox accounts, but will if that's the fix). Not sure if this is related...
Thanks Experts!!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
This is specific to each user, not a global setting. You can call it as Exchange 2010 bug. Normally, using EMC and EMS it should be removed, in some cases, it need adsiedit.
ASKER
Thank you Amit! This solved my problem perfectly!
I appreciate the help!
I appreciate the help!
ASKER
But am I correct in understanding the AS Auto-Mapping to be the feature that allows me to add "full access" to a mailbox, and that mailbox is automatically added to the users outlook in the next few minutes?
If this article is saying that the solution to my problem is to disable Auto-Mapping, then I am not liking that answer. I really use the auto-mapping feature all the time. Users are always going on vacation, and asking someone to monitor their high traffic in-boxes. I can easily add it, without being in front of their computer.
I'm hoping for a solution that allows me to just fix this one issue/mailbox account, and not disable AutoMapping.
What do you think?