none
Publish certificate to GAL - Exchange linked mailbox user RRS feed

  • Question

  • Hi,

    we have main forest with Exchange in it and second smaller forest whose users have linked mailboxes from main forest. Forests have trust relationship between them.

    We have just built MS PKI infrastructure and currently we are trying to implement e-mail encryption (S-MIME). Everthing is working fine inside the main forest (sertificates are published to AD and GAL and user are able to send encrypted messages to eash other). In smaller forest, when we try to publih user certificate to GAL (using Outlook 2010) there is error message pop-up saying that server is offline or certificate is not valid. We managed to manualy export certificate and import it in linked user atribute in main forest and that solves problem.

    Qusetion is: is there a way to publish certificate to GAL in case of linked mailboxes?

    Wednesday, May 25, 2011 3:00 PM

Answers

  • Hi,

     

    Please first check the problematic user's permission:

     

    1. Start ADUC and in the View tab, click Advanced.

    2. Find the user, right click it and choose Properties.

    3. Switch to security tab.

    4. In the Group or user names, there is a "SELF" in the list.

    5. Choose SELF, and in the lower pan, make sure the "Read Personal Information" and "Write Personal Information" are checked.

     

    Then, please check if the problem continues. If so, since this problem is related to Exchange Server, I suggest you also ask in Exchange Server forum.

     

    Exchange Server forum

    http://social.technet.microsoft.com/Forums/en-us/category/exchangeserver

     

    Thanks for your understanding.

     

    Regards,

    Bruce


    This posting is provided "AS IS" with no warranties, and confers no rights. Please remember to click "Mark as Answer" on the post that helps you, and to click "Unmark as Answer" if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
    • Marked as answer by Bruce-Liu Tuesday, June 7, 2011 5:56 AM
    Friday, May 27, 2011 4:50 PM

All replies

  • Hi,

     

    Please first check the problematic user's permission:

     

    1. Start ADUC and in the View tab, click Advanced.

    2. Find the user, right click it and choose Properties.

    3. Switch to security tab.

    4. In the Group or user names, there is a "SELF" in the list.

    5. Choose SELF, and in the lower pan, make sure the "Read Personal Information" and "Write Personal Information" are checked.

     

    Then, please check if the problem continues. If so, since this problem is related to Exchange Server, I suggest you also ask in Exchange Server forum.

     

    Exchange Server forum

    http://social.technet.microsoft.com/Forums/en-us/category/exchangeserver

     

    Thanks for your understanding.

     

    Regards,

    Bruce


    This posting is provided "AS IS" with no warranties, and confers no rights. Please remember to click "Mark as Answer" on the post that helps you, and to click "Unmark as Answer" if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
    • Marked as answer by Bruce-Liu Tuesday, June 7, 2011 5:56 AM
    Friday, May 27, 2011 4:50 PM
  • Hi,

    thank you for responding.

    I have checked permission and everything is fine with them. Also, I already asked same question in Exchange forum.

    Thanks.

    Mile

    Saturday, May 28, 2011 4:58 PM