Install ADFS on Azure VM step by step

0

Not able to configure outlook profile via auto discovery or user not able to send set out of office via outlook.

PROBLEM

Consider the following scenario:

A single user from on-premise Exchange complaints that he/she is not able to setup OOO, and getting an error 

Your Out of Office settings cannot be displayed because the server is currently unavailable. Try again later.

  • You are not able to configure Outlook profile using auto discover.
  • Affected user not able to see Free/Busy information of other users
This issue could occur if the affected user had full mailbox access permission on the mailbox which is now moved to Cloud and the permission were removed from the affected user mailbox

In this case, permission is removed from the moved mailbox but an attribute of affected user mailbox is still available on the moved mailbox which is creating a false situation of full mailbox access for on-premise mailbox and causing this issue.

RESOLUTION

Part 1) - Determine on which mailbox user had Full mailbox access permission?

This can be done via adsiedit.msc or via PowerShell if you have PowerShell module for Active Directory installed.
I used adsiedit.msc as I did not have active directory module install.
Follow the below steps to further troubleshooting on the issue.
  •  Open adsiedit.msc
  •  Click on Domain > right Click and then click on New >> Query
  •  Type Query Name in Name field
  • Copy Query String below and paste in Query String. 
(&(objectCategory=user)(|(samaccountname=USERALIAS)))
  • Replace USERALIAS with affected user mailbox alias and click ok to save the query.
  • This Query will find the affected user mailbox Object.
  • Now right-click on the object and look for attribute “msExchDelegateListBL
  • In this Attribute, you will find an entry of the mailbox that the user had access to, make a note of this mailbox.
Part 2)- Search and Remove DN of affected user from the Mailbox we found in Part 1.
  •     Search the mailbox Object in "adsiedit" we found in part 1 under “msExchDelegateListBL “ attribute
  •     Now right click on the found object and check for attribute “msExchDelegateListLink
  •     Now remove the affected DN entry from the list and save the object.
This should fix the issue, now user should be able to set out of office and should be able to configure profile using auto discover.

For fixing this issue via PowerShell please follow the blog post by Jim Martin he has explained the issue thoroughly very nicely.

http://blogs.technet.com/b/tips_from_the_inside/archive/2012/01/11/autodiscover-fails-for-one-or-more-users.aspx

Comments

  1. AnonymousMay 31, 2014 at 1:05 AM

    Awesome blog ,it helped me so much.Thank you

    ReplyDelete

Post a Comment