Mailbox-Enabling User Objects
To mailbox-enable a user or inetOrgPerson object, the Exchange
administrator must apply the Exchange delegated role, Exchange View-
Only Administrator (or higher), on the target administrative group.
In addition, the Exchange administrator must have Read and Write
access to the following user or inetOrgPerson object attributes:
• adminDisplayName
• autoReplyMessage (ILS Settings)
• displayName (Display Name)
• dLMemDefault
• homeMDB (Exchange Mailbox Store)
• homeMTA
• legacyExchangeDN
• mail (E-Mail Address)
• mailNickname (Alias)
• mAPIRecipient
• mDBUseDefaults
• msExchADCGlobalNames
• msExchControllingZone
• msExchFBURL
• msExchHideFromAddressLists
• msExchHomeServerName (Exchange Home Server)
• msExchMailboxGuid
• msExchMailboxSecurityDescriptor
• msExchPoliciesExcluded
• msExchPoliciesIncluded
• msExchResourceGUID
• msExchUserAccountControl
• proxyAddresses (Proxy Addresses)
• showInAddressBook
• targetAddress
• textEncodedORAddress
Also make sure that the user\group has read access on the store itself
if it doesn't show up when you're creating the mailbox.
Working with Active Directory Permissions in Microsoft Exchange Server
2003
http://www.microsoft.com/downloads/details.aspx?familyid=0954b157-5add-48b8-9657-b95ac5bfe0a2&displaylang=en
James Chong (MVP)
MCITP | EMA; MCSE | M+, S+,
Security+, Project+, ITIL
msexchangetips.blogspot.com
On Aug 19, 6:33 am, Andersen @ DK