Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

Clients cannot log on to Exchange Server 2007 mailboxes by using Outlook or Outlook Web Access in a mixed Exchange Server 2003 and Exchange Server 2007 environment


View products that this article applies to.

Symptoms

In a mixed Microsoft Exchange Server 2003 and Microsoft Exchange Server 2007 environment, clients cannot log on to Exchange Server 2007 mailboxes by using Microsoft Outlook or Microsoft Office Outlook Web Access.

Additionally, clients receive one of the following error messages when they try to log on to Exchange Server 2007, depending on whether they use Outlook or Outlook Web Access.

Outlook
Unable to open your default e-mail folder. The Microsoft Exchange Server computer is not available. Either there are network problems or the Microsoft Exchange Server computer is down for maintenance.
Outlook Web Access
Outlook Web Access could not find a mailbox for DOMAIN\USER. If the problem continues, contact technical support for your organization and tell them the following: The mailbox may be stored on a Microsoft Exchange 2000 or Microsoft Exchange Server 2003, or the Active Directory user account was created recently and has not yet replicated to the Active Directory site where this Client Access server is hosted.
Note This issue does not occur when clients log on to mailboxes that are located on a computer that is running Exchange Server 2003.

Additionally, if you move the mailbox from Exchange Server 2003 to Exchange Server 2007, you receive the following error message:
-1056749241
This issue occurs after you successfully install Exchange Server 2007 with the following roles:
  • Hub Transport
  • Client Access Server
  • Mailbox
Additionally, you can successfully create new mailboxes in Exchange Server 2007.

↑ Back to the top


Cause

This issue occurs if Read permissions were removed for the Authenticated Users group in an organizational unit.

When this occurs, Exchange Server 2003 continues to authenticate clients. However, in Exchange Server 2007, the Exchange Servers group is a member of the Authenticated Users group, and this group is missing the Read permissions for address lists. Exchange Server 2007 uses the ShowInAddressBook attribute to authenticate clients.

↑ Back to the top


Resolution

To resolve this issue, grant Read permissions to the Authenticated Users group in the organizational unit where the user account is located.

Note In special hosting environments, you may not be able or willing to grant authenticated users Read permissions. In this scenario, you can grant Read permissions to the Exchange Servers group in the organizational unit. When you do this, the client logs on successfully.

↑ Back to the top


Keywords: KB938444, kbexch2007prev, kbprb, kbtshoot, kberrmsg

↑ Back to the top

Article Info
Article ID : 938444
Revision : 1
Created on : 7/27/2007
Published on : 7/27/2007
Exists online : False
Views : 312