Today I came across a mysterious problem when trying to open a Exchange 2016 mailbox in Outlook or in Outlook Web Access… but first, let me describe the situation: This AD had many years ago an old Exchange Server installed (maybe 5.5. or so) which was substituted by another MTA. Now the company migrates another time, you are already guessing right: back to Exchange, Version 2016.

During my first days of preparing the new Exchange Server and asking some people to open their Outlook for the first time, some were able to use it without problems, others were not.
OWA was showing the following error message:

Google suggested that the mailbox might be quarantined, I should check the registry for the GUID of the quarantined mailbox and so on… This was not the cause, the whole key described by others was missing, so the cause must be another.
After some days of thinking about it, I compared the AD-User-Objects with the ADSI-Editor and came across the „legacyExchangeDN“ attribute.

– Old users had the value „ADCDISABLED“ set


– new users, which could connect their Outlook to the server without problems, had values like this:

/o=First Organization/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=24e0ce336649437d964ba623e807b642-USER

I began to read about the legacyExchangeValue and read a few times, that the part after cn=Recipients consists of 3 random hex values and the username
I couldn’t find any solution about how to recreate this value, because simply leaving it empty helped nothing, despite the Eventlog got filled with NDR-warnings 😉
At some point I realized what I have read before „3 random hex values“ … random!
I copied the attribute value from another new and working user and changed only one digit in the hex part… Bingo!

Schreibe einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert.

Diese Website verwendet Akismet, um Spam zu reduzieren. Erfahre mehr darüber, wie deine Kommentardaten verarbeitet werden.