|
|
|
date: Mon, 8 Sep 2008 12:42:39 -0500,
group: microsoft.public.exchange.admin
back
Re: Still having problems with new users
Ok, errors I got were these:
Description:
The expected registry value 'Track Duplicates' under registry key
'SYSTEM\CurrentControlSet\Services\MsExchangeIs\HERMES\Private-0f164aae-f741-416b-bb99-2123854421ce'
could not be found. Some server operations may be affected.
For more information, click http://www.microsoft.com/contentredirect.asp.
Event Type: Error
Event Source: EXOLEDB
Event Category: Events
Event ID: 112
Date: 9/8/2008
Time: 3:47:04 PM
User: N/A
Computer: HERMES
Description:
Microsoft Exchange OLEDB was unable to register OnSyncSave event for Schema
propagation on MDB startup HRESULT = 0x8000ffff.
For more information, click http://www.microsoft.com/contentredirect.asp.
Event Type: Error
Event Source: EXOLEDB
Event Category: Events
Event ID: 116
Date: 9/8/2008
Time: 3:47:04 PM
User: N/A
Computer: HERMES
Description:
Microsoft Exchange OLEDB was unable to initialize event system correctly.
Support for store event may have been disabled. HRESULT = 0x8004010f.
For more information, click http://www.microsoft.com/contentredirect.asp.
"Michael Dragone" wrote in message
news:e35ATLfEJHA.616@TK2MSFTNGP06.phx.gbl...
> XADM: How to Collect Diagnostic Data for Information Store Troubleshooting
> http://support.microsoft.com/kb/257725
>
> "Mark Morrell" wrote in message
> news:uaRsoqeEJHA.4784@TK2MSFTNGP05.phx.gbl...
>> Nothing like that in the logs.
>> I'm looking over that link now. I am always baffled why they give
>> instructions to do something by telling you to do it.
>> I'm talking about the "Increasing Diagnostics Logging". Any idea where I
>> would do that??
>>
>> Recipient update service has all the right stuff as far as I can tell.
>> Domain name config looks good
>> Under "Additional..."
>> #1 Modify is faded so I can't do that
>> #2 None of the new users are stamped
>> #3 The new ones have nothing in there
>> #4 Not running 2000
>> #5 If my phone would stop ringing I might get time to try this one.....
>>
>>
>>
>> "Michael Dragone" wrote in message
>> news:%230%23eOKeEJHA.4304@TK2MSFTNGP02.phx.gbl...
>>> Hmm. Could be a RUS issue. Do you see anything in the Event Logs
>>> relating to the Recipient Update Service? Have you taken a look at
>>> http://support.microsoft.com/?id=288807 yet?
>>>
>>> "Mark Morrell" wrote in message
>>> news:upA#y9dEJHA.1272@TK2MSFTNGP05.phx.gbl...
>>>> Just the default policy. General tab has: (mailnickname=*). E-mail
>>>> tab has the SMTP and X400 addresses.
>>>> LDAP - c=us;a= ;p=BHExchange;o=Exchange; (is this the filter you mean?)
>>>>
>>>> "Michael Dragone" wrote in message
>>>> news:OcQiT3dEJHA.768@TK2MSFTNGP05.phx.gbl...
>>>>> How many policies do you have? What LDAP filter would be applied to
>>>>> the one(s) with the X.400 address?
>>>>>
>>>>> "Mark Morrell" wrote in message
>>>>> news:uMkPmzdEJHA.4104@TK2MSFTNGP04.phx.gbl...
>>>>>> Ok, normally we just log the person in and setup the email. I just
>>>>>> never noticed about the permissions until we had problems. So that
>>>>>> part makes sense.
>>>>>>
>>>>>> Yes, the X400 and the SMTP have x's in the block.
>>>>>>
>>>>>>
>>>>>>
>>>>>> "Michael Dragone" wrote in message
>>>>>> news:uXaLKudEJHA.3288@TK2MSFTNGP03.phx.gbl...
>>>>>>> Newly created mailboxes with only have an ACE for SELF until the
>>>>>>> mailbox is logged in to or until it receives mail.
>>>>>>>
>>>>>>> Mailbox Rights for New Users Shows Only Self
>>>>>>> http://support.microsoft.com/?kbid=272153
>>>>>>>
>>>>>>> Do you have an X.400 address checked off in the recipient policy
>>>>>>> being applied to your newly created users? Look in Exchange System
>>>>>>> Manager under Organization\Receipients\Recipient Policies.
>>>>>>>
>>>>>>> "Mark Morrell" wrote in message
>>>>>>> news:u$WXLpdEJHA.3288@TK2MSFTNGP03.phx.gbl...
>>>>>>>> Exchange 2003 on server 2003 with all patches up to date.
>>>>>>>> Had a server crash, rebuilt on new box with disasterRecovery option
>>>>>>>> Old users working fine.
>>>>>>>>
>>>>>>>> But, when I create new users, they don't get any permissions except
>>>>>>>> Self.
>>>>>>>> SMTP address is created, but not the X400 address
>>>>>>>> After talking with Jamestechman I tried changing the user's
>>>>>>>> msExchUserAccountControl attribute in adsiedit to 0.
>>>>>>>> Then ran rebuild rus. Still nothing...until I send that user an
>>>>>>>> smtp email. Then the correct permissions propagate.
>>>>>>>> But still no X400 address.
>>>>>>>>
>>>>>>>> I tried manually adding the X400 address, but no go. It forced me
>>>>>>>> to add the ADMD but none of my other users have that block filled
>>>>>>>> in.
>>>>>>>>
>>>>>>>> I ran the best practices analyzer tool and it comes up clean.
>>>>>>>>
>>>>>>>> Any ideas how to fix this?
>>>>>>>>
>>>>>>>> Thanks in advance
>>>>>>>> Mark
>
date: Mon, 8 Sep 2008 15:55:52 -0500
author: Mark Morrell
Re: Still having problems with new users
I'm sorry, I just realized I should've been clearer.
You follow the instructions in KB 257725 to turn up the diagnostic logging,
but need to follow the section below in KB 288807 to turn up the RUS-related
components.
To increase diagnostics logging:
1. Increase diagnostic logging to Maximum on the MSExchangeAL service for
the following categories: LDAP Operations, Service Control and Address List
Synchronization.
2. Then, in Exchange Server 2003, increase diagnostic logging to Maximum on
the MSExchangeSA service for the Proxy Generation category.
3. Restart the System Attendant service and rebuild the Recipient Update
Service.
4. Examine Application Log for indications of problems.
"Mark Morrell" wrote in message
news:uaRsoqeEJHA.4784@TK2MSFTNGP05.phx.gbl...
> Nothing like that in the logs.
> I'm looking over that link now. I am always baffled why they give
> instructions to do something by telling you to do it.
> I'm talking about the "Increasing Diagnostics Logging". Any idea where I
> would do that??
>
> Recipient update service has all the right stuff as far as I can tell.
> Domain name config looks good
> Under "Additional..."
> #1 Modify is faded so I can't do that
> #2 None of the new users are stamped
> #3 The new ones have nothing in there
> #4 Not running 2000
> #5 If my phone would stop ringing I might get time to try this one.....
>
>
>
> "Michael Dragone" wrote in message
> news:%230%23eOKeEJHA.4304@TK2MSFTNGP02.phx.gbl...
>> Hmm. Could be a RUS issue. Do you see anything in the Event Logs relating
>> to the Recipient Update Service? Have you taken a look at
>> http://support.microsoft.com/?id=288807 yet?
>>
>> "Mark Morrell" wrote in message
>> news:upA#y9dEJHA.1272@TK2MSFTNGP05.phx.gbl...
>>> Just the default policy. General tab has: (mailnickname=*). E-mail tab
>>> has the SMTP and X400 addresses.
>>> LDAP - c=us;a= ;p=BHExchange;o=Exchange; (is this the filter you mean?)
>>>
>>> "Michael Dragone" wrote in message
>>> news:OcQiT3dEJHA.768@TK2MSFTNGP05.phx.gbl...
>>>> How many policies do you have? What LDAP filter would be applied to the
>>>> one(s) with the X.400 address?
>>>>
>>>> "Mark Morrell" wrote in message
>>>> news:uMkPmzdEJHA.4104@TK2MSFTNGP04.phx.gbl...
>>>>> Ok, normally we just log the person in and setup the email. I just
>>>>> never noticed about the permissions until we had problems. So that
>>>>> part makes sense.
>>>>>
>>>>> Yes, the X400 and the SMTP have x's in the block.
>>>>>
>>>>>
>>>>>
>>>>> "Michael Dragone" wrote in message
>>>>> news:uXaLKudEJHA.3288@TK2MSFTNGP03.phx.gbl...
>>>>>> Newly created mailboxes with only have an ACE for SELF until the
>>>>>> mailbox is logged in to or until it receives mail.
>>>>>>
>>>>>> Mailbox Rights for New Users Shows Only Self
>>>>>> http://support.microsoft.com/?kbid=272153
>>>>>>
>>>>>> Do you have an X.400 address checked off in the recipient policy
>>>>>> being applied to your newly created users? Look in Exchange System
>>>>>> Manager under Organization\Receipients\Recipient Policies.
>>>>>>
>>>>>> "Mark Morrell" wrote in message
>>>>>> news:u$WXLpdEJHA.3288@TK2MSFTNGP03.phx.gbl...
>>>>>>> Exchange 2003 on server 2003 with all patches up to date.
>>>>>>> Had a server crash, rebuilt on new box with disasterRecovery option
>>>>>>> Old users working fine.
>>>>>>>
>>>>>>> But, when I create new users, they don't get any permissions except
>>>>>>> Self.
>>>>>>> SMTP address is created, but not the X400 address
>>>>>>> After talking with Jamestechman I tried changing the user's
>>>>>>> msExchUserAccountControl attribute in adsiedit to 0.
>>>>>>> Then ran rebuild rus. Still nothing...until I send that user an
>>>>>>> smtp email. Then the correct permissions propagate.
>>>>>>> But still no X400 address.
>>>>>>>
>>>>>>> I tried manually adding the X400 address, but no go. It forced me
>>>>>>> to add the ADMD but none of my other users have that block filled
>>>>>>> in.
>>>>>>>
>>>>>>> I ran the best practices analyzer tool and it comes up clean.
>>>>>>>
>>>>>>> Any ideas how to fix this?
>>>>>>>
>>>>>>> Thanks in advance
>>>>>>> Mark
>>
>
>
date: Mon, 8 Sep 2008 17:13:10 -0400
author: Michael Dragone
Re: Still having problems with new users
No, you made sense! I did do that, but went back again just now and tried
it again.
Same errors. I'll post them below.
I thought I would just try creating a new user to see what happened. Now
that one doesn't even get the SMTP address!
Description:
The expected registry value 'Track Duplicates' under registry key
'SYSTEM\CurrentControlSet\Services\MsExchangeIs\HERMES\Private-0f164aae-f741-416b-bb99-2123854421ce'
could not be found. Some server operations may be affected.
For more information, click http://www.microsoft.com/contentredirect.asp.
Event Type: Error
Event Source: EXOLEDB
Event Category: Events
Event ID: 112
Date: 9/8/2008
Time: 3:47:04 PM
User: N/A
Computer: HERMES
Description:
Microsoft Exchange OLEDB was unable to register OnSyncSave event for Schema
propagation on MDB startup HRESULT = 0x8000ffff.
For more information, click http://www.microsoft.com/contentredirect.asp.
Event Type: Error
Event Source: EXOLEDB
Event Category: Events
Event ID: 116
Date: 9/8/2008
Time: 3:47:04 PM
User: N/A
Computer: HERMES
Description:
Microsoft Exchange OLEDB was unable to initialize event system correctly.
Support for store event may have been disabled. HRESULT = 0x8004010f.
For more information, click http://www.microsoft.com/contentredirect.asp.
"Michael Dragone" wrote in message
news:e35ATLfEJHA.616@TK2MSFTNGP06.phx.gbl...
> XADM: How to Collect Diagnostic Data for Information Store Troubleshooting
> http://support.microsoft.com/kb/257725
>
> "Mark Morrell" wrote in message
> news:uaRsoqeEJHA.4784@TK2MSFTNGP05.phx.gbl...
>> Nothing like that in the logs.
>> I'm looking over that link now. I am always baffled why they give
>> instructions to do something by telling you to do it.
>> I'm talking about the "Increasing Diagnostics Logging". Any idea where I
>> would do that??
>>
>> Recipient update service has all the right stuff as far as I can tell.
>> Domain name config looks good
>> Under "Additional..."
>> #1 Modify is faded so I can't do that
>> #2 None of the new users are stamped
>> #3 The new ones have nothing in there
>> #4 Not running 2000
"Michael Dragone" wrote in message
news:ODYM0efEJHA.4420@TK2MSFTNGP06.phx.gbl...
> I'm sorry, I just realized I should've been clearer.
>
> You follow the instructions in KB 257725 to turn up the diagnostic
> logging, but need to follow the section below in KB 288807 to turn up the
> RUS-related components.
>
> To increase diagnostics logging:
> 1. Increase diagnostic logging to Maximum on the MSExchangeAL service for
> the following categories: LDAP Operations, Service Control and Address
> List Synchronization.
> 2. Then, in Exchange Server 2003, increase diagnostic logging to Maximum
> on the MSExchangeSA service for the Proxy Generation category.
> 3. Restart the System Attendant service and rebuild the Recipient Update
> Service.
> 4. Examine Application Log for indications of problems.
>
> "Mark Morrell" wrote in message
> news:uaRsoqeEJHA.4784@TK2MSFTNGP05.phx.gbl...
>> Nothing like that in the logs.
>> I'm looking over that link now. I am always baffled why they give
>> instructions to do something by telling you to do it.
>> I'm talking about the "Increasing Diagnostics Logging". Any idea where I
>> would do that??
>>
>> Recipient update service has all the right stuff as far as I can tell.
>> Domain name config looks good
>> Under "Additional..."
>> #1 Modify is faded so I can't do that
>> #2 None of the new users are stamped
>> #3 The new ones have nothing in there
>> #4 Not running 2000
>> #5 If my phone would stop ringing I might get time to try this one.....
>>
>>
>>
>> "Michael Dragone" wrote in message
>> news:%230%23eOKeEJHA.4304@TK2MSFTNGP02.phx.gbl...
>>> Hmm. Could be a RUS issue. Do you see anything in the Event Logs
>>> relating to the Recipient Update Service? Have you taken a look at
>>> http://support.microsoft.com/?id=288807 yet?
>>>
>>> "Mark Morrell" wrote in message
>>> news:upA#y9dEJHA.1272@TK2MSFTNGP05.phx.gbl...
>>>> Just the default policy. General tab has: (mailnickname=*). E-mail
>>>> tab has the SMTP and X400 addresses.
>>>> LDAP - c=us;a= ;p=BHExchange;o=Exchange; (is this the filter you mean?)
>>>>
>>>> "Michael Dragone" wrote in message
>>>> news:OcQiT3dEJHA.768@TK2MSFTNGP05.phx.gbl...
>>>>> How many policies do you have? What LDAP filter would be applied to
>>>>> the one(s) with the X.400 address?
>>>>>
>>>>> "Mark Morrell" wrote in message
>>>>> news:uMkPmzdEJHA.4104@TK2MSFTNGP04.phx.gbl...
>>>>>> Ok, normally we just log the person in and setup the email. I just
>>>>>> never noticed about the permissions until we had problems. So that
>>>>>> part makes sense.
>>>>>>
>>>>>> Yes, the X400 and the SMTP have x's in the block.
>>>>>>
>>>>>>
>>>>>>
>>>>>> "Michael Dragone" wrote in message
>>>>>> news:uXaLKudEJHA.3288@TK2MSFTNGP03.phx.gbl...
>>>>>>> Newly created mailboxes with only have an ACE for SELF until the
>>>>>>> mailbox is logged in to or until it receives mail.
>>>>>>>
>>>>>>> Mailbox Rights for New Users Shows Only Self
>>>>>>> http://support.microsoft.com/?kbid=272153
>>>>>>>
>>>>>>> Do you have an X.400 address checked off in the recipient policy
>>>>>>> being applied to your newly created users? Look in Exchange System
>>>>>>> Manager under Organization\Receipients\Recipient Policies.
>>>>>>>
>>>>>>> "Mark Morrell" wrote in message
>>>>>>> news:u$WXLpdEJHA.3288@TK2MSFTNGP03.phx.gbl...
>>>>>>>> Exchange 2003 on server 2003 with all patches up to date.
>>>>>>>> Had a server crash, rebuilt on new box with disasterRecovery option
>>>>>>>> Old users working fine.
>>>>>>>>
>>>>>>>> But, when I create new users, they don't get any permissions except
>>>>>>>> Self.
>>>>>>>> SMTP address is created, but not the X400 address
>>>>>>>> After talking with Jamestechman I tried changing the user's
>>>>>>>> msExchUserAccountControl attribute in adsiedit to 0.
>>>>>>>> Then ran rebuild rus. Still nothing...until I send that user an
>>>>>>>> smtp email. Then the correct permissions propagate.
>>>>>>>> But still no X400 address.
>>>>>>>>
>>>>>>>> I tried manually adding the X400 address, but no go. It forced me
>>>>>>>> to add the ADMD but none of my other users have that block filled
>>>>>>>> in.
>>>>>>>>
>>>>>>>> I ran the best practices analyzer tool and it comes up clean.
>>>>>>>>
>>>>>>>> Any ideas how to fix this?
>>>>>>>>
>>>>>>>> Thanks in advance
>>>>>>>> Mark
>>>
>>
>>
date: Tue, 9 Sep 2008 07:38:05 -0500
author: Mark Morrell
Re: Still having problems with new users
Not sure if this sounds silly or not, but I'm desparate...
Could it be as simple as the Default Policy being corrupt somehow?
It won't let me modify on the general tab.
"Michael Dragone" wrote in message
news:ODYM0efEJHA.4420@TK2MSFTNGP06.phx.gbl...
> I'm sorry, I just realized I should've been clearer.
>
> You follow the instructions in KB 257725 to turn up the diagnostic
> logging, but need to follow the section below in KB 288807 to turn up the
> RUS-related components.
>
> To increase diagnostics logging:
> 1. Increase diagnostic logging to Maximum on the MSExchangeAL service for
> the following categories: LDAP Operations, Service Control and Address
> List Synchronization.
> 2. Then, in Exchange Server 2003, increase diagnostic logging to Maximum
> on the MSExchangeSA service for the Proxy Generation category.
> 3. Restart the System Attendant service and rebuild the Recipient Update
> Service.
> 4. Examine Application Log for indications of problems.
>
> "Mark Morrell" wrote in message
> news:uaRsoqeEJHA.4784@TK2MSFTNGP05.phx.gbl...
>> Nothing like that in the logs.
>> I'm looking over that link now. I am always baffled why they give
>> instructions to do something by telling you to do it.
>> I'm talking about the "Increasing Diagnostics Logging". Any idea where I
>> would do that??
>>
>> Recipient update service has all the right stuff as far as I can tell.
>> Domain name config looks good
>> Under "Additional..."
>> #1 Modify is faded so I can't do that
>> #2 None of the new users are stamped
>> #3 The new ones have nothing in there
>> #4 Not running 2000
>> #5 If my phone would stop ringing I might get time to try this one.....
>>
>>
>>
>> "Michael Dragone" wrote in message
>> news:%230%23eOKeEJHA.4304@TK2MSFTNGP02.phx.gbl...
>>> Hmm. Could be a RUS issue. Do you see anything in the Event Logs
>>> relating to the Recipient Update Service? Have you taken a look at
>>> http://support.microsoft.com/?id=288807 yet?
>>>
>>> "Mark Morrell" wrote in message
>>> news:upA#y9dEJHA.1272@TK2MSFTNGP05.phx.gbl...
>>>> Just the default policy. General tab has: (mailnickname=*). E-mail
>>>> tab has the SMTP and X400 addresses.
>>>> LDAP - c=us;a= ;p=BHExchange;o=Exchange; (is this the filter you mean?)
>>>>
>>>> "Michael Dragone" wrote in message
>>>> news:OcQiT3dEJHA.768@TK2MSFTNGP05.phx.gbl...
>>>>> How many policies do you have? What LDAP filter would be applied to
>>>>> the one(s) with the X.400 address?
>>>>>
>>>>> "Mark Morrell" wrote in message
>>>>> news:uMkPmzdEJHA.4104@TK2MSFTNGP04.phx.gbl...
>>>>>> Ok, normally we just log the person in and setup the email. I just
>>>>>> never noticed about the permissions until we had problems. So that
>>>>>> part makes sense.
>>>>>>
>>>>>> Yes, the X400 and the SMTP have x's in the block.
>>>>>>
>>>>>>
>>>>>>
>>>>>> "Michael Dragone" wrote in message
>>>>>> news:uXaLKudEJHA.3288@TK2MSFTNGP03.phx.gbl...
>>>>>>> Newly created mailboxes with only have an ACE for SELF until the
>>>>>>> mailbox is logged in to or until it receives mail.
>>>>>>>
>>>>>>> Mailbox Rights for New Users Shows Only Self
>>>>>>> http://support.microsoft.com/?kbid=272153
>>>>>>>
>>>>>>> Do you have an X.400 address checked off in the recipient policy
>>>>>>> being applied to your newly created users? Look in Exchange System
>>>>>>> Manager under Organization\Receipients\Recipient Policies.
>>>>>>>
>>>>>>> "Mark Morrell" wrote in message
>>>>>>> news:u$WXLpdEJHA.3288@TK2MSFTNGP03.phx.gbl...
>>>>>>>> Exchange 2003 on server 2003 with all patches up to date.
>>>>>>>> Had a server crash, rebuilt on new box with disasterRecovery option
>>>>>>>> Old users working fine.
>>>>>>>>
>>>>>>>> But, when I create new users, they don't get any permissions except
>>>>>>>> Self.
>>>>>>>> SMTP address is created, but not the X400 address
>>>>>>>> After talking with Jamestechman I tried changing the user's
>>>>>>>> msExchUserAccountControl attribute in adsiedit to 0.
>>>>>>>> Then ran rebuild rus. Still nothing...until I send that user an
>>>>>>>> smtp email. Then the correct permissions propagate.
>>>>>>>> But still no X400 address.
>>>>>>>>
>>>>>>>> I tried manually adding the X400 address, but no go. It forced me
>>>>>>>> to add the ADMD but none of my other users have that block filled
>>>>>>>> in.
>>>>>>>>
>>>>>>>> I ran the best practices analyzer tool and it comes up clean.
>>>>>>>>
>>>>>>>> Any ideas how to fix this?
>>>>>>>>
>>>>>>>> Thanks in advance
>>>>>>>> Mark
>>>
>>
>>
date: Tue, 9 Sep 2008 07:40:47 -0500
author: Mark Morrell
Re: Still having problems with new users
The Modify button is grayed out? By any chance do you have any Exchange 2007
servers installed and did you upgrade the policy to Exchange 2007?
"Mark Morrell" wrote in message
news:OFRpJlnEJHA.4504@TK2MSFTNGP05.phx.gbl...
> Not sure if this sounds silly or not, but I'm desparate...
> Could it be as simple as the Default Policy being corrupt somehow?
> It won't let me modify on the general tab.
>
>
> "Michael Dragone" wrote in message
> news:ODYM0efEJHA.4420@TK2MSFTNGP06.phx.gbl...
>> I'm sorry, I just realized I should've been clearer.
>>
>> You follow the instructions in KB 257725 to turn up the diagnostic
>> logging, but need to follow the section below in KB 288807 to turn up the
>> RUS-related components.
>>
>> To increase diagnostics logging:
>> 1. Increase diagnostic logging to Maximum on the MSExchangeAL service for
>> the following categories: LDAP Operations, Service Control and Address
>> List Synchronization.
>> 2. Then, in Exchange Server 2003, increase diagnostic logging to Maximum
>> on the MSExchangeSA service for the Proxy Generation category.
>> 3. Restart the System Attendant service and rebuild the Recipient Update
>> Service.
>> 4. Examine Application Log for indications of problems.
>>
>> "Mark Morrell" wrote in message
>> news:uaRsoqeEJHA.4784@TK2MSFTNGP05.phx.gbl...
>>> Nothing like that in the logs.
>>> I'm looking over that link now. I am always baffled why they give
>>> instructions to do something by telling you to do it.
>>> I'm talking about the "Increasing Diagnostics Logging". Any idea where
>>> I would do that??
>>>
>>> Recipient update service has all the right stuff as far as I can tell.
>>> Domain name config looks good
>>> Under "Additional..."
>>> #1 Modify is faded so I can't do that
>>> #2 None of the new users are stamped
>>> #3 The new ones have nothing in there
>>> #4 Not running 2000
>>> #5 If my phone would stop ringing I might get time to try this one.....
>>>
>>>
>>>
>>> "Michael Dragone" wrote in message
>>> news:%230%23eOKeEJHA.4304@TK2MSFTNGP02.phx.gbl...
>>>> Hmm. Could be a RUS issue. Do you see anything in the Event Logs
>>>> relating to the Recipient Update Service? Have you taken a look at
>>>> http://support.microsoft.com/?id=288807 yet?
>>>>
>>>> "Mark Morrell" wrote in message
>>>> news:upA#y9dEJHA.1272@TK2MSFTNGP05.phx.gbl...
>>>>> Just the default policy. General tab has: (mailnickname=*). E-mail
>>>>> tab has the SMTP and X400 addresses.
>>>>> LDAP - c=us;a= ;p=BHExchange;o=Exchange; (is this the filter you
>>>>> mean?)
>>>>>
>>>>> "Michael Dragone" wrote in message
>>>>> news:OcQiT3dEJHA.768@TK2MSFTNGP05.phx.gbl...
>>>>>> How many policies do you have? What LDAP filter would be applied to
>>>>>> the one(s) with the X.400 address?
>>>>>>
>>>>>> "Mark Morrell" wrote in message
>>>>>> news:uMkPmzdEJHA.4104@TK2MSFTNGP04.phx.gbl...
>>>>>>> Ok, normally we just log the person in and setup the email. I just
>>>>>>> never noticed about the permissions until we had problems. So that
>>>>>>> part makes sense.
>>>>>>>
>>>>>>> Yes, the X400 and the SMTP have x's in the block.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> "Michael Dragone" wrote in message
>>>>>>> news:uXaLKudEJHA.3288@TK2MSFTNGP03.phx.gbl...
>>>>>>>> Newly created mailboxes with only have an ACE for SELF until the
>>>>>>>> mailbox is logged in to or until it receives mail.
>>>>>>>>
>>>>>>>> Mailbox Rights for New Users Shows Only Self
>>>>>>>> http://support.microsoft.com/?kbid=272153
>>>>>>>>
>>>>>>>> Do you have an X.400 address checked off in the recipient policy
>>>>>>>> being applied to your newly created users? Look in Exchange System
>>>>>>>> Manager under Organization\Receipients\Recipient Policies.
>>>>>>>>
>>>>>>>> "Mark Morrell" wrote in message
>>>>>>>> news:u$WXLpdEJHA.3288@TK2MSFTNGP03.phx.gbl...
>>>>>>>>> Exchange 2003 on server 2003 with all patches up to date.
>>>>>>>>> Had a server crash, rebuilt on new box with disasterRecovery
>>>>>>>>> option
>>>>>>>>> Old users working fine.
>>>>>>>>>
>>>>>>>>> But, when I create new users, they don't get any permissions
>>>>>>>>> except Self.
>>>>>>>>> SMTP address is created, but not the X400 address
>>>>>>>>> After talking with Jamestechman I tried changing the user's
>>>>>>>>> msExchUserAccountControl attribute in adsiedit to 0.
>>>>>>>>> Then ran rebuild rus. Still nothing...until I send that user an
>>>>>>>>> smtp email. Then the correct permissions propagate.
>>>>>>>>> But still no X400 address.
>>>>>>>>>
>>>>>>>>> I tried manually adding the X400 address, but no go. It forced me
>>>>>>>>> to add the ADMD but none of my other users have that block filled
>>>>>>>>> in.
>>>>>>>>>
>>>>>>>>> I ran the best practices analyzer tool and it comes up clean.
>>>>>>>>>
>>>>>>>>> Any ideas how to fix this?
>>>>>>>>>
>>>>>>>>> Thanks in advance
>>>>>>>>> Mark
>>>>
>>>
>>>
>
>
date: Tue, 9 Sep 2008 09:33:54 -0400
author: Michael Dragone
Re: Still having problems with new users
Nope. I only have the one Exchange 2003 server. I don't even have the disk
for 07 yet.
I do have one workstation running Outlook 2007. Everything else is Outlook
2003.
"Michael Dragone" wrote in message
news:O$Bl1CoEJHA.3408@TK2MSFTNGP04.phx.gbl...
> The Modify button is grayed out? By any chance do you have any Exchange
> 2007 servers installed and did you upgrade the policy to Exchange 2007?
>
> "Mark Morrell" wrote in message
> news:OFRpJlnEJHA.4504@TK2MSFTNGP05.phx.gbl...
>> Not sure if this sounds silly or not, but I'm desparate...
>> Could it be as simple as the Default Policy being corrupt somehow?
>> It won't let me modify on the general tab.
>>
>>
>> "Michael Dragone" wrote in message
>> news:ODYM0efEJHA.4420@TK2MSFTNGP06.phx.gbl...
>>> I'm sorry, I just realized I should've been clearer.
>>>
>>> You follow the instructions in KB 257725 to turn up the diagnostic
>>> logging, but need to follow the section below in KB 288807 to turn up
>>> the RUS-related components.
>>>
>>> To increase diagnostics logging:
>>> 1. Increase diagnostic logging to Maximum on the MSExchangeAL service
>>> for the following categories: LDAP Operations, Service Control and
>>> Address List Synchronization.
>>> 2. Then, in Exchange Server 2003, increase diagnostic logging to Maximum
>>> on the MSExchangeSA service for the Proxy Generation category.
>>> 3. Restart the System Attendant service and rebuild the Recipient Update
>>> Service.
>>> 4. Examine Application Log for indications of problems.
>>>
>>> "Mark Morrell" wrote in message
>>> news:uaRsoqeEJHA.4784@TK2MSFTNGP05.phx.gbl...
>>>> Nothing like that in the logs.
>>>> I'm looking over that link now. I am always baffled why they give
>>>> instructions to do something by telling you to do it.
>>>> I'm talking about the "Increasing Diagnostics Logging". Any idea where
>>>> I would do that??
>>>>
>>>> Recipient update service has all the right stuff as far as I can tell.
>>>> Domain name config looks good
>>>> Under "Additional..."
>>>> #1 Modify is faded so I can't do that
>>>> #2 None of the new users are stamped
>>>> #3 The new ones have nothing in there
>>>> #4 Not running 2000
>>>> #5 If my phone would stop ringing I might get time to try this one.....
>>>>
>>>>
>>>>
>>>> "Michael Dragone" wrote in message
>>>> news:%230%23eOKeEJHA.4304@TK2MSFTNGP02.phx.gbl...
>>>>> Hmm. Could be a RUS issue. Do you see anything in the Event Logs
>>>>> relating to the Recipient Update Service? Have you taken a look at
>>>>> http://support.microsoft.com/?id=288807 yet?
>>>>>
>>>>> "Mark Morrell" wrote in message
>>>>> news:upA#y9dEJHA.1272@TK2MSFTNGP05.phx.gbl...
>>>>>> Just the default policy. General tab has: (mailnickname=*). E-mail
>>>>>> tab has the SMTP and X400 addresses.
>>>>>> LDAP - c=us;a= ;p=BHExchange;o=Exchange; (is this the filter you
>>>>>> mean?)
>>>>>>
>>>>>> "Michael Dragone" wrote in message
>>>>>> news:OcQiT3dEJHA.768@TK2MSFTNGP05.phx.gbl...
>>>>>>> How many policies do you have? What LDAP filter would be applied to
>>>>>>> the one(s) with the X.400 address?
>>>>>>>
>>>>>>> "Mark Morrell" wrote in message
>>>>>>> news:uMkPmzdEJHA.4104@TK2MSFTNGP04.phx.gbl...
>>>>>>>> Ok, normally we just log the person in and setup the email. I just
>>>>>>>> never noticed about the permissions until we had problems. So that
>>>>>>>> part makes sense.
>>>>>>>>
>>>>>>>> Yes, the X400 and the SMTP have x's in the block.
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> "Michael Dragone" wrote in message
>>>>>>>> news:uXaLKudEJHA.3288@TK2MSFTNGP03.phx.gbl...
>>>>>>>>> Newly created mailboxes with only have an ACE for SELF until the
>>>>>>>>> mailbox is logged in to or until it receives mail.
>>>>>>>>>
>>>>>>>>> Mailbox Rights for New Users Shows Only Self
>>>>>>>>> http://support.microsoft.com/?kbid=272153
>>>>>>>>>
>>>>>>>>> Do you have an X.400 address checked off in the recipient policy
>>>>>>>>> being applied to your newly created users? Look in Exchange System
>>>>>>>>> Manager under Organization\Receipients\Recipient Policies.
>>>>>>>>>
>>>>>>>>> "Mark Morrell" wrote in message
>>>>>>>>> news:u$WXLpdEJHA.3288@TK2MSFTNGP03.phx.gbl...
>>>>>>>>>> Exchange 2003 on server 2003 with all patches up to date.
>>>>>>>>>> Had a server crash, rebuilt on new box with disasterRecovery
>>>>>>>>>> option
>>>>>>>>>> Old users working fine.
>>>>>>>>>>
>>>>>>>>>> But, when I create new users, they don't get any permissions
>>>>>>>>>> except Self.
>>>>>>>>>> SMTP address is created, but not the X400 address
>>>>>>>>>> After talking with Jamestechman I tried changing the user's
>>>>>>>>>> msExchUserAccountControl attribute in adsiedit to 0.
>>>>>>>>>> Then ran rebuild rus. Still nothing...until I send that user an
>>>>>>>>>> smtp email. Then the correct permissions propagate.
>>>>>>>>>> But still no X400 address.
>>>>>>>>>>
>>>>>>>>>> I tried manually adding the X400 address, but no go. It forced
>>>>>>>>>> me to add the ADMD but none of my other users have that block
>>>>>>>>>> filled in.
>>>>>>>>>>
>>>>>>>>>> I ran the best practices analyzer tool and it comes up clean.
>>>>>>>>>>
>>>>>>>>>> Any ideas how to fix this?
>>>>>>>>>>
>>>>>>>>>> Thanks in advance
>>>>>>>>>> Mark
>>>>>
>>>>
>>>>
>>
>>
date: Tue, 9 Sep 2008 08:55:24 -0500
author: Mark Morrell
Re: Still having problems with new users
Interesting. I forgot to ask this earlier, but you do have "Automatically
update e-mail address based on e-mail address policy" checked off on the
E-mail Addresses tab of the user account?
If so, try creating a new policy with a higher priority.
"Mark Morrell" wrote in message
news:OP7M2OoEJHA.1280@TK2MSFTNGP02.phx.gbl...
> Nope. I only have the one Exchange 2003 server. I don't even have the
> disk for 07 yet.
> I do have one workstation running Outlook 2007. Everything else is
> Outlook 2003.
>
> "Michael Dragone" wrote in message
> news:O$Bl1CoEJHA.3408@TK2MSFTNGP04.phx.gbl...
>> The Modify button is grayed out? By any chance do you have any Exchange
>> 2007 servers installed and did you upgrade the policy to Exchange 2007?
>>
>> "Mark Morrell" wrote in message
>> news:OFRpJlnEJHA.4504@TK2MSFTNGP05.phx.gbl...
>>> Not sure if this sounds silly or not, but I'm desparate...
>>> Could it be as simple as the Default Policy being corrupt somehow?
>>> It won't let me modify on the general tab.
>>>
>>>
>>> "Michael Dragone" wrote in message
>>> news:ODYM0efEJHA.4420@TK2MSFTNGP06.phx.gbl...
>>>> I'm sorry, I just realized I should've been clearer.
>>>>
>>>> You follow the instructions in KB 257725 to turn up the diagnostic
>>>> logging, but need to follow the section below in KB 288807 to turn up
>>>> the RUS-related components.
>>>>
>>>> To increase diagnostics logging:
>>>> 1. Increase diagnostic logging to Maximum on the MSExchangeAL service
>>>> for the following categories: LDAP Operations, Service Control and
>>>> Address List Synchronization.
>>>> 2. Then, in Exchange Server 2003, increase diagnostic logging to
>>>> Maximum on the MSExchangeSA service for the Proxy Generation category.
>>>> 3. Restart the System Attendant service and rebuild the Recipient
>>>> Update Service.
>>>> 4. Examine Application Log for indications of problems.
>>>>
>>>> "Mark Morrell" wrote in message
>>>> news:uaRsoqeEJHA.4784@TK2MSFTNGP05.phx.gbl...
>>>>> Nothing like that in the logs.
>>>>> I'm looking over that link now. I am always baffled why they give
>>>>> instructions to do something by telling you to do it.
>>>>> I'm talking about the "Increasing Diagnostics Logging". Any idea
>>>>> where I would do that??
>>>>>
>>>>> Recipient update service has all the right stuff as far as I can tell.
>>>>> Domain name config looks good
>>>>> Under "Additional..."
>>>>> #1 Modify is faded so I can't do that
>>>>> #2 None of the new users are stamped
>>>>> #3 The new ones have nothing in there
>>>>> #4 Not running 2000
>>>>> #5 If my phone would stop ringing I might get time to try this
>>>>> one.....
>>>>>
>>>>>
>>>>>
>>>>> "Michael Dragone" wrote in message
>>>>> news:%230%23eOKeEJHA.4304@TK2MSFTNGP02.phx.gbl...
>>>>>> Hmm. Could be a RUS issue. Do you see anything in the Event Logs
>>>>>> relating to the Recipient Update Service? Have you taken a look at
>>>>>> http://support.microsoft.com/?id=288807 yet?
>>>>>>
>>>>>> "Mark Morrell" wrote in message
>>>>>> news:upA#y9dEJHA.1272@TK2MSFTNGP05.phx.gbl...
>>>>>>> Just the default policy. General tab has: (mailnickname=*). E-mail
>>>>>>> tab has the SMTP and X400 addresses.
>>>>>>> LDAP - c=us;a= ;p=BHExchange;o=Exchange; (is this the filter you
>>>>>>> mean?)
>>>>>>>
>>>>>>> "Michael Dragone" wrote in message
>>>>>>> news:OcQiT3dEJHA.768@TK2MSFTNGP05.phx.gbl...
>>>>>>>> How many policies do you have? What LDAP filter would be applied to
>>>>>>>> the one(s) with the X.400 address?
>>>>>>>>
>>>>>>>> "Mark Morrell" wrote in message
>>>>>>>> news:uMkPmzdEJHA.4104@TK2MSFTNGP04.phx.gbl...
>>>>>>>>> Ok, normally we just log the person in and setup the email. I
>>>>>>>>> just never noticed about the permissions until we had problems.
>>>>>>>>> So that part makes sense.
>>>>>>>>>
>>>>>>>>> Yes, the X400 and the SMTP have x's in the block.
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> "Michael Dragone" wrote in message
>>>>>>>>> news:uXaLKudEJHA.3288@TK2MSFTNGP03.phx.gbl...
>>>>>>>>>> Newly created mailboxes with only have an ACE for SELF until the
>>>>>>>>>> mailbox is logged in to or until it receives mail.
>>>>>>>>>>
>>>>>>>>>> Mailbox Rights for New Users Shows Only Self
>>>>>>>>>> http://support.microsoft.com/?kbid=272153
>>>>>>>>>>
>>>>>>>>>> Do you have an X.400 address checked off in the recipient policy
>>>>>>>>>> being applied to your newly created users? Look in Exchange
>>>>>>>>>> System Manager under Organization\Receipients\Recipient Policies.
>>>>>>>>>>
>>>>>>>>>> "Mark Morrell" wrote in message
>>>>>>>>>> news:u$WXLpdEJHA.3288@TK2MSFTNGP03.phx.gbl...
>>>>>>>>>>> Exchange 2003 on server 2003 with all patches up to date.
>>>>>>>>>>> Had a server crash, rebuilt on new box with disasterRecovery
>>>>>>>>>>> option
>>>>>>>>>>> Old users working fine.
>>>>>>>>>>>
>>>>>>>>>>> But, when I create new users, they don't get any permissions
>>>>>>>>>>> except Self.
>>>>>>>>>>> SMTP address is created, but not the X400 address
>>>>>>>>>>> After talking with Jamestechman I tried changing the user's
>>>>>>>>>>> msExchUserAccountControl attribute in adsiedit to 0.
>>>>>>>>>>> Then ran rebuild rus. Still nothing...until I send that user an
>>>>>>>>>>> smtp email. Then the correct permissions propagate.
>>>>>>>>>>> But still no X400 address.
>>>>>>>>>>>
>>>>>>>>>>> I tried manually adding the X400 address, but no go. It forced
>>>>>>>>>>> me to add the ADMD but none of my other users have that block
>>>>>>>>>>> filled in.
>>>>>>>>>>>
>>>>>>>>>>> I ran the best practices analyzer tool and it comes up clean.
>>>>>>>>>>>
>>>>>>>>>>> Any ideas how to fix this?
>>>>>>>>>>>
>>>>>>>>>>> Thanks in advance
>>>>>>>>>>> Mark
date: Tue, 9 Sep 2008 10:24:56 -0400
author: Michael Dragone
Re: Still having problems with new users
Yes, that is checked too.
Ok, tried the new policy. It gave it priority 1 (the default one
says"lowest"). I didn't see any way to modify that, but I figure 1 is
higher than lowest. :)
I did the rebuid again. No change. I tried creating another new user and
no email addresses show up at all.
"Michael Dragone" wrote in message
news:uPplWfoEJHA.4960@TK2MSFTNGP05.phx.gbl...
> Interesting. I forgot to ask this earlier, but you do have "Automatically
> update e-mail address based on e-mail address policy" checked off on the
> E-mail Addresses tab of the user account?
>
> If so, try creating a new policy with a higher priority.
>
> "Mark Morrell" wrote in message
> news:OP7M2OoEJHA.1280@TK2MSFTNGP02.phx.gbl...
>> Nope. I only have the one Exchange 2003 server. I don't even have the
>> disk for 07 yet.
>> I do have one workstation running Outlook 2007. Everything else is
>> Outlook 2003.
>>
>> "Michael Dragone" wrote in message
>> news:O$Bl1CoEJHA.3408@TK2MSFTNGP04.phx.gbl...
>>> The Modify button is grayed out? By any chance do you have any Exchange
>>> 2007 servers installed and did you upgrade the policy to Exchange 2007?
>>>
>>> "Mark Morrell" wrote in message
>>> news:OFRpJlnEJHA.4504@TK2MSFTNGP05.phx.gbl...
>>>> Not sure if this sounds silly or not, but I'm desparate...
>>>> Could it be as simple as the Default Policy being corrupt somehow?
>>>> It won't let me modify on the general tab.
>>>>
>>>>
>>>> "Michael Dragone" wrote in message
>>>> news:ODYM0efEJHA.4420@TK2MSFTNGP06.phx.gbl...
>>>>> I'm sorry, I just realized I should've been clearer.
>>>>>
>>>>> You follow the instructions in KB 257725 to turn up the diagnostic
>>>>> logging, but need to follow the section below in KB 288807 to turn up
>>>>> the RUS-related components.
>>>>>
>>>>> To increase diagnostics logging:
>>>>> 1. Increase diagnostic logging to Maximum on the MSExchangeAL service
>>>>> for the following categories: LDAP Operations, Service Control and
>>>>> Address List Synchronization.
>>>>> 2. Then, in Exchange Server 2003, increase diagnostic logging to
>>>>> Maximum on the MSExchangeSA service for the Proxy Generation category.
>>>>> 3. Restart the System Attendant service and rebuild the Recipient
>>>>> Update Service.
>>>>> 4. Examine Application Log for indications of problems.
>>>>>
>>>>> "Mark Morrell" wrote in message
>>>>> news:uaRsoqeEJHA.4784@TK2MSFTNGP05.phx.gbl...
>>>>>> Nothing like that in the logs.
>>>>>> I'm looking over that link now. I am always baffled why they give
>>>>>> instructions to do something by telling you to do it.
>>>>>> I'm talking about the "Increasing Diagnostics Logging". Any idea
>>>>>> where I would do that??
>>>>>>
>>>>>> Recipient update service has all the right stuff as far as I can
>>>>>> tell.
>>>>>> Domain name config looks good
>>>>>> Under "Additional..."
>>>>>> #1 Modify is faded so I can't do that
>>>>>> #2 None of the new users are stamped
>>>>>> #3 The new ones have nothing in there
>>>>>> #4 Not running 2000
>>>>>> #5 If my phone would stop ringing I might get time to try this
>>>>>> one.....
>>>>>>
>>>>>>
>>>>>>
>>>>>> "Michael Dragone" wrote in message
>>>>>> news:%230%23eOKeEJHA.4304@TK2MSFTNGP02.phx.gbl...
>>>>>>> Hmm. Could be a RUS issue. Do you see anything in the Event Logs
>>>>>>> relating to the Recipient Update Service? Have you taken a look at
>>>>>>> http://support.microsoft.com/?id=288807 yet?
>>>>>>>
>>>>>>> "Mark Morrell" wrote in message
>>>>>>> news:upA#y9dEJHA.1272@TK2MSFTNGP05.phx.gbl...
>>>>>>>> Just the default policy. General tab has: (mailnickname=*).
>>>>>>>> E-mail tab has the SMTP and X400 addresses.
>>>>>>>> LDAP - c=us;a= ;p=BHExchange;o=Exchange; (is this the filter you
>>>>>>>> mean?)
>>>>>>>>
>>>>>>>> "Michael Dragone" wrote in message
>>>>>>>> news:OcQiT3dEJHA.768@TK2MSFTNGP05.phx.gbl...
>>>>>>>>> How many policies do you have? What LDAP filter would be applied
>>>>>>>>> to the one(s) with the X.400 address?
>>>>>>>>>
>>>>>>>>> "Mark Morrell" wrote in message
>>>>>>>>> news:uMkPmzdEJHA.4104@TK2MSFTNGP04.phx.gbl...
>>>>>>>>>> Ok, normally we just log the person in and setup the email. I
>>>>>>>>>> just never noticed about the permissions until we had problems.
>>>>>>>>>> So that part makes sense.
>>>>>>>>>>
>>>>>>>>>> Yes, the X400 and the SMTP have x's in the block.
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> "Michael Dragone" wrote in message
>>>>>>>>>> news:uXaLKudEJHA.3288@TK2MSFTNGP03.phx.gbl...
>>>>>>>>>>> Newly created mailboxes with only have an ACE for SELF until the
>>>>>>>>>>> mailbox is logged in to or until it receives mail.
>>>>>>>>>>>
>>>>>>>>>>> Mailbox Rights for New Users Shows Only Self
>>>>>>>>>>> http://support.microsoft.com/?kbid=272153
>>>>>>>>>>>
>>>>>>>>>>> Do you have an X.400 address checked off in the recipient policy
>>>>>>>>>>> being applied to your newly created users? Look in Exchange
>>>>>>>>>>> System Manager under Organization\Receipients\Recipient
>>>>>>>>>>> Policies.
>>>>>>>>>>>
>>>>>>>>>>> "Mark Morrell" wrote in message
>>>>>>>>>>> news:u$WXLpdEJHA.3288@TK2MSFTNGP03.phx.gbl...
>>>>>>>>>>>> Exchange 2003 on server 2003 with all patches up to date.
>>>>>>>>>>>> Had a server crash, rebuilt on new box with disasterRecovery
>>>>>>>>>>>> option
>>>>>>>>>>>> Old users working fine.
>>>>>>>>>>>>
>>>>>>>>>>>> But, when I create new users, they don't get any permissions
>>>>>>>>>>>> except Self.
>>>>>>>>>>>> SMTP address is created, but not the X400 address
>>>>>>>>>>>> After talking with Jamestechman I tried changing the user's
>>>>>>>>>>>> msExchUserAccountControl attribute in adsiedit to 0.
>>>>>>>>>>>> Then ran rebuild rus. Still nothing...until I send that user
>>>>>>>>>>>> an smtp email. Then the correct permissions propagate.
>>>>>>>>>>>> But still no X400 address.
>>>>>>>>>>>>
>>>>>>>>>>>> I tried manually adding the X400 address, but no go. It forced
>>>>>>>>>>>> me to add the ADMD but none of my other users have that block
>>>>>>>>>>>> filled in.
>>>>>>>>>>>>
>>>>>>>>>>>> I ran the best practices analyzer tool and it comes up clean.
>>>>>>>>>>>>
>>>>>>>>>>>> Any ideas how to fix this?
>>>>>>>>>>>>
>>>>>>>>>>>> Thanks in advance
>>>>>>>>>>>> Mark
>
date: Tue, 9 Sep 2008 09:55:23 -0500
author: Mark Morrell
Re: Still having problems with new users
What LDAP filter are you applying to the policy? Still (mailnickname=*)?
"Mark Morrell" wrote in message
news:#x#iXwoEJHA.1268@TK2MSFTNGP05.phx.gbl...
> Yes, that is checked too.
> Ok, tried the new policy. It gave it priority 1 (the default one
> says"lowest"). I didn't see any way to modify that, but I figure 1 is
> higher than lowest. :)
> I did the rebuid again. No change. I tried creating another new user and
> no email addresses show up at all.
>
>
> "Michael Dragone" wrote in message
> news:uPplWfoEJHA.4960@TK2MSFTNGP05.phx.gbl...
>> Interesting. I forgot to ask this earlier, but you do have "Automatically
>> update e-mail address based on e-mail address policy" checked off on the
>> E-mail Addresses tab of the user account?
>>
>> If so, try creating a new policy with a higher priority.
>>
>> "Mark Morrell" wrote in message
>> news:OP7M2OoEJHA.1280@TK2MSFTNGP02.phx.gbl...
>>> Nope. I only have the one Exchange 2003 server. I don't even have the
>>> disk for 07 yet.
>>> I do have one workstation running Outlook 2007. Everything else is
>>> Outlook 2003.
>>>
>>> "Michael Dragone" wrote in message
>>> news:O$Bl1CoEJHA.3408@TK2MSFTNGP04.phx.gbl...
>>>> The Modify button is grayed out? By any chance do you have any Exchange
>>>> 2007 servers installed and did you upgrade the policy to Exchange 2007?
>>>>
>>>> "Mark Morrell" wrote in message
>>>> news:OFRpJlnEJHA.4504@TK2MSFTNGP05.phx.gbl...
>>>>> Not sure if this sounds silly or not, but I'm desparate...
>>>>> Could it be as simple as the Default Policy being corrupt somehow?
>>>>> It won't let me modify on the general tab.
>>>>>
>>>>>
>>>>> "Michael Dragone" wrote in message
>>>>> news:ODYM0efEJHA.4420@TK2MSFTNGP06.phx.gbl...
>>>>>> I'm sorry, I just realized I should've been clearer.
>>>>>>
>>>>>> You follow the instructions in KB 257725 to turn up the diagnostic
>>>>>> logging, but need to follow the section below in KB 288807 to turn up
>>>>>> the RUS-related components.
>>>>>>
>>>>>> To increase diagnostics logging:
>>>>>> 1. Increase diagnostic logging to Maximum on the MSExchangeAL service
>>>>>> for the following categories: LDAP Operations, Service Control and
>>>>>> Address List Synchronization.
>>>>>> 2. Then, in Exchange Server 2003, increase diagnostic logging to
>>>>>> Maximum on the MSExchangeSA service for the Proxy Generation
>>>>>> category.
>>>>>> 3. Restart the System Attendant service and rebuild the Recipient
>>>>>> Update Service.
>>>>>> 4. Examine Application Log for indications of problems.
>>>>>>
>>>>>> "Mark Morrell" wrote in message
>>>>>> news:uaRsoqeEJHA.4784@TK2MSFTNGP05.phx.gbl...
>>>>>>> Nothing like that in the logs.
>>>>>>> I'm looking over that link now. I am always baffled why they give
>>>>>>> instructions to do something by telling you to do it.
>>>>>>> I'm talking about the "Increasing Diagnostics Logging". Any idea
>>>>>>> where I would do that??
>>>>>>>
>>>>>>> Recipient update service has all the right stuff as far as I can
>>>>>>> tell.
>>>>>>> Domain name config looks good
>>>>>>> Under "Additional..."
>>>>>>> #1 Modify is faded so I can't do that
>>>>>>> #2 None of the new users are stamped
>>>>>>> #3 The new ones have nothing in there
>>>>>>> #4 Not running 2000
>>>>>>> #5 If my phone would stop ringing I might get time to try this
>>>>>>> one.....
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> "Michael Dragone" wrote in message
>>>>>>> news:%230%23eOKeEJHA.4304@TK2MSFTNGP02.phx.gbl...
>>>>>>>> Hmm. Could be a RUS issue. Do you see anything in the Event Logs
>>>>>>>> relating to the Recipient Update Service? Have you taken a look at
>>>>>>>> http://support.microsoft.com/?id=288807 yet?
>>>>>>>>
>>>>>>>> "Mark Morrell" wrote in message
>>>>>>>> news:upA#y9dEJHA.1272@TK2MSFTNGP05.phx.gbl...
>>>>>>>>> Just the default policy. General tab has: (mailnickname=*).
>>>>>>>>> E-mail tab has the SMTP and X400 addresses.
>>>>>>>>> LDAP - c=us;a= ;p=BHExchange;o=Exchange; (is this the filter you
>>>>>>>>> mean?)
>>>>>>>>>
>>>>>>>>> "Michael Dragone" wrote in message
>>>>>>>>> news:OcQiT3dEJHA.768@TK2MSFTNGP05.phx.gbl...
>>>>>>>>>> How many policies do you have? What LDAP filter would be applied
>>>>>>>>>> to the one(s) with the X.400 address?
>>>>>>>>>>
>>>>>>>>>> "Mark Morrell" wrote in message
>>>>>>>>>> news:uMkPmzdEJHA.4104@TK2MSFTNGP04.phx.gbl...
>>>>>>>>>>> Ok, normally we just log the person in and setup the email. I
>>>>>>>>>>> just never noticed about the permissions until we had problems.
>>>>>>>>>>> So that part makes sense.
>>>>>>>>>>>
>>>>>>>>>>> Yes, the X400 and the SMTP have x's in the block.
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> "Michael Dragone" wrote in message
>>>>>>>>>>> news:uXaLKudEJHA.3288@TK2MSFTNGP03.phx.gbl...
>>>>>>>>>>>> Newly created mailboxes with only have an ACE for SELF until
>>>>>>>>>>>> the mailbox is logged in to or until it receives mail.
>>>>>>>>>>>>
>>>>>>>>>>>> Mailbox Rights for New Users Shows Only Self
>>>>>>>>>>>> http://support.microsoft.com/?kbid=272153
>>>>>>>>>>>>
>>>>>>>>>>>> Do you have an X.400 address checked off in the recipient
>>>>>>>>>>>> policy being applied to your newly created users? Look in
>>>>>>>>>>>> Exchange System Manager under
>>>>>>>>>>>> Organization\Receipients\Recipient Policies.
>>>>>>>>>>>>
>>>>>>>>>>>> "Mark Morrell" wrote in message
>>>>>>>>>>>> news:u$WXLpdEJHA.3288@TK2MSFTNGP03.phx.gbl...
>>>>>>>>>>>>> Exchange 2003 on server 2003 with all patches up to date.
>>>>>>>>>>>>> Had a server crash, rebuilt on new box with disasterRecovery
>>>>>>>>>>>>> option
>>>>>>>>>>>>> Old users working fine.
>>>>>>>>>>>>>
>>>>>>>>>>>>> But, when I create new users, they don't get any permissions
>>>>>>>>>>>>> except Self.
>>>>>>>>>>>>> SMTP address is created, but not the X400 address
>>>>>>>>>>>>> After talking with Jamestechman I tried changing the user's
>>>>>>>>>>>>> msExchUserAccountControl attribute in adsiedit to 0.
>>>>>>>>>>>>> Then ran rebuild rus. Still nothing...until I send that user
>>>>>>>>>>>>> an smtp email. Then the correct permissions propagate.
>>>>>>>>>>>>> But still no X400 address.
>>>>>>>>>>>>>
>>>>>>>>>>>>> I tried manually adding the X400 address, but no go. It
>>>>>>>>>>>>> forced me to add the ADMD but none of my other users have that
>>>>>>>>>>>>> block filled in.
>>>>>>>>>>>>>
>>>>>>>>>>>>> I ran the best practices analyzer tool and it comes up clean.
>>>>>>>>>>>>>
>>>>>>>>>>>>> Any ideas how to fix this?
>>>>>>>>>>>>>
>>>>>>>>>>>>> Thanks in advance
>>>>>>>>>>>>> Mark
>>
>
>
date: Tue, 9 Sep 2008 11:04:16 -0400
author: Michael Dragone
Re: Still having problems with new users
I couldn't figure out how to get just that on it. It wouldn't let me remove
all the checks and type in what I wanted so I left the first check on (Users
with Exchange mailbox). Now it reads:
(&(&(& (mailnickname=*) (|
(&(objectCategory=person)(objectClass=user)(|(homeMDB=*)(msExchHomeServerName=*)))
))))
"Michael Dragone" wrote in message
news:uSuaV1oEJHA.4492@TK2MSFTNGP05.phx.gbl...
> What LDAP filter are you applying to the policy? Still (mailnickname=*)?
>
> "Mark Morrell" wrote in message
> news:#x#iXwoEJHA.1268@TK2MSFTNGP05.phx.gbl...
>> Yes, that is checked too.
>> Ok, tried the new policy. It gave it priority 1 (the default one
>> says"lowest"). I didn't see any way to modify that, but I figure 1 is
>> higher than lowest. :)
>> I did the rebuid again. No change. I tried creating another new user
>> and no email addresses show up at all.
>>
>>
>> "Michael Dragone" wrote in message
>> news:uPplWfoEJHA.4960@TK2MSFTNGP05.phx.gbl...
>>> Interesting. I forgot to ask this earlier, but you do have
>>> "Automatically update e-mail address based on e-mail address policy"
>>> checked off on the E-mail Addresses tab of the user account?
>>>
>>> If so, try creating a new policy with a higher priority.
>>>
>>> "Mark Morrell" wrote in message
>>> news:OP7M2OoEJHA.1280@TK2MSFTNGP02.phx.gbl...
>>>> Nope. I only have the one Exchange 2003 server. I don't even have the
>>>> disk for 07 yet.
>>>> I do have one workstation running Outlook 2007. Everything else is
>>>> Outlook 2003.
>>>>
>>>> "Michael Dragone" wrote in message
>>>> news:O$Bl1CoEJHA.3408@TK2MSFTNGP04.phx.gbl...
>>>>> The Modify button is grayed out? By any chance do you have any
>>>>> Exchange 2007 servers installed and did you upgrade the policy to
>>>>> Exchange 2007?
>>>>>
>>>>> "Mark Morrell" wrote in message
>>>>> news:OFRpJlnEJHA.4504@TK2MSFTNGP05.phx.gbl...
>>>>>> Not sure if this sounds silly or not, but I'm desparate...
>>>>>> Could it be as simple as the Default Policy being corrupt somehow?
>>>>>> It won't let me modify on the general tab.
>>>>>>
>>>>>>
>>>>>> "Michael Dragone" wrote in message
>>>>>> news:ODYM0efEJHA.4420@TK2MSFTNGP06.phx.gbl...
>>>>>>> I'm sorry, I just realized I should've been clearer.
>>>>>>>
>>>>>>> You follow the instructions in KB 257725 to turn up the diagnostic
>>>>>>> logging, but need to follow the section below in KB 288807 to turn
>>>>>>> up the RUS-related components.
>>>>>>>
>>>>>>> To increase diagnostics logging:
>>>>>>> 1. Increase diagnostic logging to Maximum on the MSExchangeAL
>>>>>>> service for the following categories: LDAP Operations, Service
>>>>>>> Control and Address List Synchronization.
>>>>>>> 2. Then, in Exchange Server 2003, increase diagnostic logging to
>>>>>>> Maximum on the MSExchangeSA service for the Proxy Generation
>>>>>>> category.
>>>>>>> 3. Restart the System Attendant service and rebuild the Recipient
>>>>>>> Update Service.
>>>>>>> 4. Examine Application Log for indications of problems.
>>>>>>>
>>>>>>> "Mark Morrell" wrote in message
>>>>>>> news:uaRsoqeEJHA.4784@TK2MSFTNGP05.phx.gbl...
>>>>>>>> Nothing like that in the logs.
>>>>>>>> I'm looking over that link now. I am always baffled why they give
>>>>>>>> instructions to do something by telling you to do it.
>>>>>>>> I'm talking about the "Increasing Diagnostics Logging". Any idea
>>>>>>>> where I would do that??
>>>>>>>>
>>>>>>>> Recipient update service has all the right stuff as far as I can
>>>>>>>> tell.
>>>>>>>> Domain name config looks good
>>>>>>>> Under "Additional..."
>>>>>>>> #1 Modify is faded so I can't do that
>>>>>>>> #2 None of the new users are stamped
>>>>>>>> #3 The new ones have nothing in there
>>>>>>>> #4 Not running 2000
>>>>>>>> #5 If my phone would stop ringing I might get time to try this
>>>>>>>> one.....
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> "Michael Dragone" wrote in message
>>>>>>>> news:%230%23eOKeEJHA.4304@TK2MSFTNGP02.phx.gbl...
>>>>>>>>> Hmm. Could be a RUS issue. Do you see anything in the Event Logs
>>>>>>>>> relating to the Recipient Update Service? Have you taken a look at
>>>>>>>>> http://support.microsoft.com/?id=288807 yet?
>>>>>>>>>
>>>>>>>>> "Mark Morrell" wrote in message
>>>>>>>>> news:upA#y9dEJHA.1272@TK2MSFTNGP05.phx.gbl...
>>>>>>>>>> Just the default policy. General tab has: (mailnickname=*).
>>>>>>>>>> E-mail tab has the SMTP and X400 addresses.
>>>>>>>>>> LDAP - c=us;a= ;p=BHExchange;o=Exchange; (is this the filter you
>>>>>>>>>> mean?)
>>>>>>>>>>
>>>>>>>>>> "Michael Dragone" wrote in message
>>>>>>>>>> news:OcQiT3dEJHA.768@TK2MSFTNGP05.phx.gbl...
>>>>>>>>>>> How many policies do you have? What LDAP filter would be applied
>>>>>>>>>>> to the one(s) with the X.400 address?
>>>>>>>>>>>
>>>>>>>>>>> "Mark Morrell" wrote in message
>>>>>>>>>>> news:uMkPmzdEJHA.4104@TK2MSFTNGP04.phx.gbl...
>>>>>>>>>>>> Ok, normally we just log the person in and setup the email. I
>>>>>>>>>>>> just never noticed about the permissions until we had problems.
>>>>>>>>>>>> So that part makes sense.
>>>>>>>>>>>>
>>>>>>>>>>>> Yes, the X400 and the SMTP have x's in the block.
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> "Michael Dragone" wrote in message
>>>>>>>>>>>> news:uXaLKudEJHA.3288@TK2MSFTNGP03.phx.gbl...
>>>>>>>>>>>>> Newly created mailboxes with only have an ACE for SELF until
>>>>>>>>>>>>> the mailbox is logged in to or until it receives mail.
>>>>>>>>>>>>>
>>>>>>>>>>>>> Mailbox Rights for New Users Shows Only Self
>>>>>>>>>>>>> http://support.microsoft.com/?kbid=272153
>>>>>>>>>>>>>
>>>>>>>>>>>>> Do you have an X.400 address checked off in the recipient
>>>>>>>>>>>>> policy being applied to your newly created users? Look in
>>>>>>>>>>>>> Exchange System Manager under
>>>>>>>>>>>>> Organization\Receipients\Recipient Policies.
>>>>>>>>>>>>>
>>>>>>>>>>>>> "Mark Morrell" wrote in message
>>>>>>>>>>>>> news:u$WXLpdEJHA.3288@TK2MSFTNGP03.phx.gbl...
>>>>>>>>>>>>>> Exchange 2003 on server 2003 with all patches up to date.
>>>>>>>>>>>>>> Had a server crash, rebuilt on new box with disasterRecovery
>>>>>>>>>>>>>> option
>>>>>>>>>>>>>> Old users working fine.
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> But, when I create new users, they don't get any permissions
>>>>>>>>>>>>>> except Self.
>>>>>>>>>>>>>> SMTP address is created, but not the X400 address
>>>>>>>>>>>>>> After talking with Jamestechman I tried changing the user's
>>>>>>>>>>>>>> msExchUserAccountControl attribute in adsiedit to 0.
>>>>>>>>>>>>>> Then ran rebuild rus. Still nothing...until I send that user
>>>>>>>>>>>>>> an smtp email. Then the correct permissions propagate.
>>>>>>>>>>>>>> But still no X400 address.
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> I tried manually adding the X400 address, but no go. It
>>>>>>>>>>>>>> forced me to add the ADMD but none of my other users have
>>>>>>>>>>>>>> that block filled in.
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> I ran the best practices analyzer tool and it comes up clean.
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Any ideas how to fix this?
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Thanks in advance
>>>>>>>>>>>>>> Mark
>>>
>>
>>
date: Tue, 9 Sep 2008 10:21:50 -0500
author: Mark Morrell
Re: Still having problems with new users
Okay. And you have an SMTP and/or X.400 address configured and checked off
on that policy?
"Mark Morrell" wrote in message
news:un6ZJ$oEJHA.4420@TK2MSFTNGP06.phx.gbl...
> I couldn't figure out how to get just that on it. It wouldn't let me
> remove all the checks and type in what I wanted so I left the first check
> on (Users with Exchange mailbox). Now it reads:
> (&(&(& (mailnickname=*) (|
> (&(objectCategory=person)(objectClass=user)(|(homeMDB=*)(msExchHomeServerName=*)))
> ))))
>
>
> "Michael Dragone" wrote in message
> news:uSuaV1oEJHA.4492@TK2MSFTNGP05.phx.gbl...
>> What LDAP filter are you applying to the policy? Still (mailnickname=*)?
>>
>> "Mark Morrell" wrote in message
>> news:#x#iXwoEJHA.1268@TK2MSFTNGP05.phx.gbl...
>>> Yes, that is checked too.
>>> Ok, tried the new policy. It gave it priority 1 (the default one
>>> says"lowest"). I didn't see any way to modify that, but I figure 1 is
>>> higher than lowest. :)
>>> I did the rebuid again. No change. I tried creating another new user
>>> and no email addresses show up at all.
>>>
>>>
>>> "Michael Dragone" wrote in message
>>> news:uPplWfoEJHA.4960@TK2MSFTNGP05.phx.gbl...
>>>> Interesting. I forgot to ask this earlier, but you do have
>>>> "Automatically update e-mail address based on e-mail address policy"
>>>> checked off on the E-mail Addresses tab of the user account?
>>>>
>>>> If so, try creating a new policy with a higher priority.
>>>>
>>>> "Mark Morrell" wrote in message
>>>> news:OP7M2OoEJHA.1280@TK2MSFTNGP02.phx.gbl...
>>>>> Nope. I only have the one Exchange 2003 server. I don't even have
>>>>> the disk for 07 yet.
>>>>> I do have one workstation running Outlook 2007. Everything else is
>>>>> Outlook 2003.
>>>>>
>>>>> "Michael Dragone" wrote in message
>>>>> news:O$Bl1CoEJHA.3408@TK2MSFTNGP04.phx.gbl...
>>>>>> The Modify button is grayed out? By any chance do you have any
>>>>>> Exchange 2007 servers installed and did you upgrade the policy to
>>>>>> Exchange 2007?
>>>>>>
>>>>>> "Mark Morrell" wrote in message
>>>>>> news:OFRpJlnEJHA.4504@TK2MSFTNGP05.phx.gbl...
>>>>>>> Not sure if this sounds silly or not, but I'm desparate...
>>>>>>> Could it be as simple as the Default Policy being corrupt somehow?
>>>>>>> It won't let me modify on the general tab.
>>>>>>>
>>>>>>>
>>>>>>> "Michael Dragone" wrote in message
>>>>>>> news:ODYM0efEJHA.4420@TK2MSFTNGP06.phx.gbl...
>>>>>>>> I'm sorry, I just realized I should've been clearer.
>>>>>>>>
>>>>>>>> You follow the instructions in KB 257725 to turn up the diagnostic
>>>>>>>> logging, but need to follow the section below in KB 288807 to turn
>>>>>>>> up the RUS-related components.
>>>>>>>>
>>>>>>>> To increase diagnostics logging:
>>>>>>>> 1. Increase diagnostic logging to Maximum on the MSExchangeAL
>>>>>>>> service for the following categories: LDAP Operations, Service
>>>>>>>> Control and Address List Synchronization.
>>>>>>>> 2. Then, in Exchange Server 2003, increase diagnostic logging to
>>>>>>>> Maximum on the MSExchangeSA service for the Proxy Generation
>>>>>>>> category.
>>>>>>>> 3. Restart the System Attendant service and rebuild the Recipient
>>>>>>>> Update Service.
>>>>>>>> 4. Examine Application Log for indications of problems.
date: Tue, 9 Sep 2008 11:28:04 -0400
author: Michael Dragone
|
