Re: Can't Update/Change EMail address on EMail Tab
![Lanwench [MVP - Exchange]'s profile photo](https://lh3.googleusercontent.com/a/default-user=s40-c)
Lanwench [MVP - Exchange]
> Folks.....I cannot change e-mail addresses on the e-mail tab in our
> Active Directory.
>
> History: We were running Exchange 2000 on Windows 2000 when we had a
> significant failure and for various reasons did not repair or
> reinstall Exchange 2000 for several months. Our users used another
> e-mail service/ISP during this period. Those users had e-mail
> addresses of the form xxx...@ISPxxx.Net in the Active Directory. Note our
> Active Directory Domain is USqqq.Com.
>
> Now that Exchange is back up and running, only my id with a USqqq.Com
> e-mail address and one new user's id can be "Changed or Editted" on
> the E-Mail tab in the Active Directory.
>
> What's going on and how can I fix it? Thanks.....RDK
What's in your recipient policy?
RDK
The "recipient policy" is "default" and contains the following entries:
MS (Unchecked) USqqqExc/FirstAdmin
SMTP (Checked) @Postoffice.ISPxxx.Net
SMTP (Checked and Bold) @OurLocn.USqqq.Com
X400 (Checked and bold) c=US; a= ;p=USqqq Exchange;o=Exchange;
Does this help in answering my question? ....RDK
"Lanwench [MVP - Exchange]"
<lanw...@heybuddy.donotsendme.unsolicitedmailatyahoo.com> wrote in message
news:%23CDknw4...@TK2MSFTNGP06.phx.gbl...
Lanwench [MVP - Exchange]
> Thanks for your reply.
>
> The "recipient policy" is "default" and contains the following
> entries: MS (Unchecked) USqqqExc/FirstAdmin
> SMTP (Checked) @Postoffice.ISPxxx.Net
> SMTP (Checked and Bold) @OurLocn.USqqq.Com
> X400 (Checked and bold) c=US; a= ;p=USqqq Exchange;o=Exchange;
>
> Does this help in answering my question? ....RDK
Yes, although I suspect one of those SMTP policies has "smtp" (lower case)
as the uppercase one is the default. Change SMTP @postoffice.ispxxx.net to
@mydomain.com and it should update all your recipients accordingly (make
sure it's the default!).
You could also rerun the CEICW to accomplish this. I hope you aren't using
the dreaded POOP connector.
Ace Fekay [MCT]
<lanw...@heybuddy.donotsendme.unsolicitedmailatyahoo.com> wrote in message
<snipped>
>
> You could also rerun the CEICW to accomplish this. I hope you aren't using
> the dreaded POOP connector.
Oh, isn't that's the new Post Office Object Protocol connector, or the
Pooled Out of Process connector?
:-)
Ace Fekay [MCT]
news:u2tV3NDe...@TK2MSFTNGP05.phx.gbl...
> Folks...We have tried all of the items in the responses to this note
> (thanks for your efforts) without effect , we still can not edit the
> entries in the "E-mail Address" tab of the Active Directory!!
>
> In frustration I brought up the properties tables for my "power" id (which
> will allow editing) and my "normal" id (which will not allow editing). I
> went through the tabs one-by-one and low and behold when I got to the
> "Exchange General" tab I detected a difference which we had not noticed
> before!!!
>
> My "power" id has the MAILBOX STORE value as "ServerX/First Storage
> Group/Mailbox Store(ServerX)" while my other id has HOME SERVER as
> "USqqq/First Administrative Group/ServerX". Thus I can only assume there
> is something left over somewhere from the old Exchange 2000 installation.
> I Google'ed "Exchange 2000 First Administrative Group" and got a MS KB
> article 307917 which talked about how to remove the "First Exchange
> Server...". That server died several years ago. It was replaced by the
> version that crashed earlier this year (not having good luck with servers)
> and now has been replaced by this server/installation.
>
> Can you help?????
>
> Thanks again for your previous help and hope this will provide the
> necessary clues to solve this issue.....RDK
>
It appears you have more going on than meets the eye. Was the lost Exchagne
server the first Exchange server introduced into the domain?
If you lost the very first Exchagne server that was in the organization
without moving the System and Hidden folders, there are some repercussions,
sucha s with the RUS, OAB and losing Free/Busy info. If your users don't use
Meeting Requests, you may not have noticed the last one. If the tabs show
inconsistency, it could also indicate an AD issue.
As for removing the first Exchange server in the org, read the following.
How to remove the first Exchange Server 2003 computer from the organization
This article describes the steps to remove the first Microsoft Exchange
Server 2003 computer from an administrative group. The first Exchange Server
2003 ...
http://support.microsoft.com/kb/822931
XADM: How to Remove the First Exchange Server in a Site
This article outlines the steps necessary to remove the first Microsoft
Exchange Server computer installed in an Exchange Server site.
http://support.microsoft.com/kb/152959
Here's what can happen if the first server is lost without replicating the
System and Hidden folders, such as with the Free/Busy folder.
Schedule+ Free/Busy system folder is missingWhen you migrate the first
Microsoft Exchange Server 5.5 computer in the site to Microsoft Exchange
2000 Server or to Microsoft Exchange Server 2003, ...
http://support.microsoft.com/kb/284200
How to reset system folders in Exchange Server 2003
http://support.microsoft.com/kb/822444/en-us
Also, please post an ipconfig /all from your DC, Exchange server and a
sample workstation to help us evaluate your AD configuration to eliminate
some basic issues. Also if there are more than one DC, indicate if any of
them are multihomed (more than one NIC, more than one IP or has RRAS
installed).
Ace
Lanwench [MVP - Exchange]
Additionally, I suggest posting a brand-new, up to date post in
microsoft.public.exchange.admin. That gets the most traffic of all the
Exchange groups on the MS news servers. Recap what happened, briefly, and
make sure to include all pertinent versions & SP levels.
RDK
Thanks for your comments and help so far. We are discussing your
information requests to try and determine if there are security or privacy
issues with posting that on a public forum site. I'll get back to you when
we have this sorted out locally. Thanks again.....RDK
"Lanwench [MVP - Exchange]"
<lanw...@heybuddy.donotsendme.unsolicitedmailatyahoo.com> wrote in message
news:em4akGde...@TK2MSFTNGP02.phx.gbl...
Ace Fekay [MCT]
> Lanwench and Ace,
>
> Thanks for your comments and help so far. We are discussing your
> information requests to try and determine if there are security or privacy
> issues with posting that on a public forum site. I'll get back to you
> when we have this sorted out locally. Thanks again.....RDK
You are welcome.
Just an FYI, many folks post their ipconfigs. You can munge the Primary DNS
Suffix and other suffixes, to hide the internal name, however just keep them
in the same "form" such as if it is somedomain.local, you can chagne it to
'mydomain.local.' However, keep the IP, subnet and other info intact,
because I assume you are using private IP ranges. If you try to munge them,
more than likely there will be an error which just generates more questions
regarding the configs, which delays assistance.
If you are concerned with security and cannot post the info, it may be to
your advantage to contact Microsoft PSS directly. Check
http://support.microsoft.com for regional phone numbers. They will fix it
fast, for a low price. If you have an SA, you are entitled to a number of
support calls as part of your agreement. If this issue you are experiencing
is causing issues with productivity, then that will be your best course of
action to eliminate any further delays in resolving it.
Ace
RDK
the problem in this note and will also post it later to the other forums
that you suggested (after I re-read it, etc).....
Now to your last reply:
"It appears you have more going on than meets the eye. Was the lost
Exchange server the first Exchange server introduced into the domain?"
The history of this/these Exchange servers is:
1) the original Exchange 2000 server (Coachman) was installed in 2002 and
ran fine until we thought there were signs of hard disk problems in 2005.
2) we got a new server in 2005 with RAID hard drive technology and installed
Windows 2000 server and Exchange 2000 (Cricket). Got everything running and
then decommissioned the original Exchange 2000 server(Coachman). As we
recall we did follow the process for removing the original server files and
entries. Everything worked fine and all users were happy until...
3) in late 2008 we had a hard disk problem and lost everything (yes, even
with RAID). At that point we abandoned Exchange and our users used another
e-mail service/ISP during this period. Those users had e-mail addresses of
the form xxx...@ISPxxx.Net in the Active Directory. Note our Active
Directory Domain is "USqqq.Cal" and this location is "OurLocn.USqqq.Cal"
4) Summer 2009 we corrected the hardware issues with the sever and rebuilt
it with Window 2000 server and Exchange 2000, using the same name(Cricket)
as the second Exchange server which failed 6 months earlier. The server
entries were removed from the Active Directory before we rebuilt the
machine.
5) The installation seemed to go fine and all seemed to be working, but we
did not put it into production right away due to other priorities. In
October we started trying to get folks back onto Exchange and discovered
that only my ID and any new user ID's seemed to be recognized by Exchange
and the E-Mail tab in the Active Directory for old users would not allow one
to remove or edit the e-mail addresses.
Since then, thanks to you folks, we have investigated several possibilities:
A) The "Recipient Policy":
The "recipient policy" is "default" and contains the following entries:
MS (Unchecked) USqqqExc/FirstAdmin
smtp (Checked) @Postoffice.ISPxxx.Net
SMTP (Checked and Bold) @OurLocn.USqqq.Cal
X400 (Checked and bold) c=US; a= ;p=USqqq Exchange;o=Exchange;
Several modifications of this policy did not change the problem with old
users in the Active Directory.
The current policy read like this:
The "recipient policy" is "default" and contains the following entries:
MS (Unchecked) USqqqExc/FirstAdmin
SMTP (Checked and Bold) @ISPxxx.Net
smtp (UnChecked) @OurLocn.USqqq.Cal
X400 (Checked and bold) c=US; a= ;p=USqqq Exchange;o=Exchange;
In frustration I brought up the Active Directory properties tables for my
"power" id (which will allow editing) and my "normal" id (which will not
allow editing). I went through the tabs one-by-one and low and behold when
I got to the "Exchange General" tab I detected a difference which we had not
noticed before!!!
My "power" id has the MAILBOX STORE value as "Cricket/First Storage
Group/Mailbox Store(Cricket)" while my other id has HOME SERVER as
"USqqq/First Administrative Group/Cricket". Thus I can only assume there
is something left over somewhere from the old Exchange 2000 installation. I
Google'ed "Exchange 2000 First Administrative Group" and got a MS KB article
307917 which talked about how to remove the "First Exchange Server...". That
server died several years ago. It was replaced by the version that crashed
in 2008 (not having good luck with servers) and now has been replaced by
this server/installation.
B) "Also, please post an ipconfig /all from your DC, Exchange server and a
sample workstation to help us evaluate your AD configuration to eliminate
some basic issues. Also if there are more than one DC, indicate if any of
them are multihomed (more than one NIC, more than one IP or has RRAS
installed)."
In response to your request for IPCONFIGs for the Domain Controller
(GrizzlyKing), the Exchange server (Cricket) and a typical Workstation
(Mosquito) I have attached a txt file. We have two Domain Controllers which
are both configured the same (see GrizzlyKing data in the text file); Both
are multihomed (two NICs) for the internal network (Sprint) and the
SonicWALL VPN network which gives us access from off site.
Thanks and Happy New Year....RDK
"Lanwench [MVP - Exchange]"
<lanw...@heybuddy.donotsendme.unsolicitedmailatyahoo.com> wrote in message
news:em4akGde...@TK2MSFTNGP02.phx.gbl...
Ace Fekay [MVP-DS, MCT]
First, Happy New Year to you, too! :-)
As for the issues, there are numerous things wrong. First, apparently the
first Exchange server was not removed properly, hence it's reference to it
in Active Directory. Keep in mind, when Exchange is installed, it adds
approximately 1200-1300 objects (depending on Exchange version) into AD,
most of which are in the Configuration Container. Whenever you open the
Exchange mamgement Console, it doesn;t communicate with Exchange, rather it
communicates with AD to present all the data in the console. So if there are
AD issues, the console will either not open or not correctly display all
config info.
You can use ADSI Edit to view these objects, however be careful with ADSI
Edit. It is an AD editor similar to Windows registry editor. Any changes
made are not reversible without restoring a System State backup. So make
sure you have a good backup before messing wtih it.
Continuing on, to remove the first Exchange server in an Exchange
organization involves moving all mailboxes, Public Folders and Hidden System
Folders, (basically rehoming these folders), moving the OAB, RUS, etc, to
another Exchagne server in the org. I'm not sure if this was done, but from
what you mentioned, it may not have been. The article you used should have
been sufficient, and the following article for Ex2003 will also work.
How to remove the first Exchange Server 2003 computer from the
administrative group
http://support.microsoft.com/?kbid=822931
Apparently something was missed while removing the first server.
As for the multihomed DCs, this is hugely problematic and can/WILL be
contributing to the issues you are seeing. Remember I mentioned Exchange
stores it's config data in AD? Well, it needs access to be able to "find" AD
properly. However due to the multihoming, and using the wrong DNS addresses,
based on your ipconfigs, this will surely contribute to the problem.
You also have multiple gateways on the multihomed DCs. This is problematic
as well, whether a DC or not a DC with multiple NICs.This will cause
internal routing issues with the machine.
This is due to the way AD stores it's data in DNS. If you are specifying an
ISP's DNS addresss (as your ipconfigs show), it cannot register that data in
the ISP's DNS servers. Also, when the workstations look for a DC to logon or
authenticate against, it is asking the ISP's DNS servers, 'where is my
domain controller for my domain?" Unfortunately, the ISP's DNS servers do
not have that answer, which will cause issues with your user base.
Recommendations for the DCs:
Remove the additonal NICs.
Remove the ISP's DNS addresses.
Workstations:
Remove the ISPs DNS addresses from the DHCP scope (option 006)
Use a firewall/router in place of the DCs to configure a connection between
your subnet and the edge router. If you can't and need a Windows machine
(for wahtever reason), use a non-DC for this function.
Please read my blog in the following link to explain what multihoming a DC
does to DNS registration (which is required by AD), why it does it, it's
implications, and how to resolve it, that isif you feel that you absolutlely
positively need to keep the DC multihomed, but be forewarned it requires
multiple alterations including registry changes. In my opinion, I would
rather see your disable the external NICs, remove the ISP DNS address,
coinfigure a Forwarder on each DNS to the ISP, etc, instead of making all of
these changes to alter a DC's dedfault functionality to work in your
scenario.
Multihomed DCs with DNS, RRAS, multiple IPs, and/or PPPoE adapters
http://msmvps.com/blogs/acefekay/archive/2009/08/17/multihomed-dcs-with-dns-rras-and-or-pppoe-adapters.aspx
Let's straighten out AD first before going further into the Exchange issues.
This is important for AD and for Exchange.
Ace
RDK
digesting your comments and will get back to the Forum with results and/or
more questions.....RDK
"Ace Fekay [MVP-DS, MCT]" <ace...@mvps.RemoveThisPart.org> wrote in message
news:ecnwSuuj...@TK2MSFTNGP05.phx.gbl...
Ace Fekay [MVP-DS, MCT]
news:%23Hgq7ES...@TK2MSFTNGP02.phx.gbl...
> Ace....Thanks for your very details analysis of our situation. We are
> digesting your comments and will get back to the Forum with results and/or
> more questions.....RDK
>
Hi RDK,
I figured it was quite a bit of information to digest. Work through it
slowly in order to understand everything I mentioned. Do post back if you
have any questions.
Ace