asked on
Trying to fix an undeleted AD account's mailbox access
Hello,
An employee recently came back and since we still had her account as a tombstone, I undeleted it. She was having trouble getting into her mailbox, which is understandable - I think the account was deleted right at the time when we were undergoing an Exchange migration. So I removed the mailbox and then created a new mailbox for the account, and restored all the items in it. Works fine - EXCEPT that I am getting autoresponses with the following error:
#550 4.4.7 QUEUE.Expired; message expired ##
Keep in mind, over 1000 other employees have sound email traffic so I think this is account or mailbox-related. I just don't find a good correlation between the error and the behavior online. As a weird sidenote, I tried to grant full control to the mailbox via the ECP and got a hung screen. I can apply the permissions via Powershell using Add-MailboxPermission. From that I'm betting this is probably a URL setting issue or something in IIS, but where would you suggest I begin looking?
Thanks for your time
An employee recently came back and since we still had her account as a tombstone, I undeleted it. She was having trouble getting into her mailbox, which is understandable - I think the account was deleted right at the time when we were undergoing an Exchange migration. So I removed the mailbox and then created a new mailbox for the account, and restored all the items in it. Works fine - EXCEPT that I am getting autoresponses with the following error:
#550 4.4.7 QUEUE.Expired; message expired ##
Keep in mind, over 1000 other employees have sound email traffic so I think this is account or mailbox-related. I just don't find a good correlation between the error and the behavior online. As a weird sidenote, I tried to grant full control to the mailbox via the ECP and got a hung screen. I can apply the permissions via Powershell using Add-MailboxPermission. From that I'm betting this is probably a URL setting issue or something in IIS, but where would you suggest I begin looking?
Thanks for your time
ExchangeActive Directory
Last Comment
dgapinski
is this happending when there is an incoming mail to the user? Are you using any kind of AntiSpam ? Did you check if the email is correct? also check the DNS
ASKER
Hi Mohammed, I actually tried deleting the autocomplete, thinking that it might be related. The account does have an X500 entry, but how do I know if it is correct?
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
OK I got the old LegacyExchangeDN attribute from our week-old test environement, and added the x500 address. I'm guessing it might not take right away? I could restart the Exchange Info Store service, but in the middle of the night
It should take effect immediately after AD replication takes place. .. have u tried sending an e-mail?
ASKER
I have, and have been watching the mailbox as well as the queue, which shows it as a message delayed even after I retried it an hour or so after sending. I see the attached description when I pull up the message in the 2010 Queue Viewer, which I don't find particularly helpful, but there you are. Keep in mind that for all the normal mailboxes, traffic flows without a problem between our 2010 and 2013 mailstore servers.
Delayed.PNG
Delayed.PNG
Who is the address in this screenshot ? Is it the deleted/recreated user? I can see the error is 400 4.4.7 message delayed
ASKER
Correct Mohammed - it is the deleted/recreated user that I sent the test email to.
Could you please send me how you entered the x500 address in a private message.
ASKER
Sent - is the x500 address supposed to match the LegacyExchangeDN as well? Since we don't use x500 addresses normally (it doesn't appear on other working accounts, but I understand that x500 addreses are used for situations like this), I'm not sure what the rules are here. Thanks for explaining!
ASKER
I should ask, can I look for the intended ExchangeDN that this is failing on from the queue? Actually I will try to find in transport logs (maybe it will say there what it's supposed to be). More on that soon.
ASKER
I could not find a DN from the transport logs I ran out of time and had to recreate the mailbox. after I did, I had to clear my autocomplete cache and instruct my users to do the same. Thankfully this user did not have hugely important email delayed in the send queue. I am marking the X500 answer as correct, because it's a good answer and I think would bring in the delayed emails if I could find what the x500 address being used is.
I have seen this error happens with users who get new email as they get new GUID but in autocomplete that gets stored somewhere and the way to resolve it is to either delete the autocomplete for this user or simply create the X500 attribute in his account object.