locked
Active Directory and Exchange 2007 RRS feed

  • Question

  • Hi all,

    I have 3 domain controllers Win 2003 SP2 (2 of them are GC) and a Exchange 2007 SP1 environment (2 mailbox in a CCR cluster and 1 CAS (it has also hub transport role).

    The problem is that a user account is member of AD group "Group A" (universal security group), but from Exchange 2007 console the user does not appear as member of "Group A".

    All DCs are replicating well between them. I checked event logs and found only one error event from one of the DCs, it was event id 2088 source: NTDS replication, category: DS RPC Client.

    Could you please help me with this?

    Thanks in advance.

    Monday, February 27, 2012 8:13 PM

Answers

  • Hi,

    You will not be able to see them if those groups are created using Active Directory Users Computers, however when you create a group using EMS or EMC they will be listed. Its an Architecture change which was introduced in Exchange Server 2007.


    Thanks Sunder

    Monday, February 27, 2012 8:26 PM
  • I would suggest an upgrade from Exchange 2007 SP1 to begin with . That is very old. SP3 with the latest rollup would be a good start.

    is the user mail enabled? If you remove the user from the group using ADUC and then add them back in again through Exchange does it work then? What happens if you look at the group membership through OWA? Does the user receive email from the group?

    Simon.


    Simon Butler, Exchange MVP
    Blog | Exchange Resources | In the UK? Hire Me.

    Monday, February 27, 2012 11:59 PM

All replies

  • Hi,

    You will not be able to see them if those groups are created using Active Directory Users Computers, however when you create a group using EMS or EMC they will be listed. Its an Architecture change which was introduced in Exchange Server 2007.


    Thanks Sunder

    Monday, February 27, 2012 8:26 PM
  • I would suggest an upgrade from Exchange 2007 SP1 to begin with . That is very old. SP3 with the latest rollup would be a good start.

    is the user mail enabled? If you remove the user from the group using ADUC and then add them back in again through Exchange does it work then? What happens if you look at the group membership through OWA? Does the user receive email from the group?

    Simon.


    Simon Butler, Exchange MVP
    Blog | Exchange Resources | In the UK? Hire Me.

    Monday, February 27, 2012 11:59 PM
  • On Mon, 27 Feb 2012 20:13:44 +0000, dgimenez1983 wrote:
     
    >
    >
    >Hi all,
    >
    >I have 3 domain controllers Win 2003 SP2 (2 of them are GC) and a Exchange 2007 SP1 environment (2 mailbox in a CCR cluster and 1 CAS (it has also hub transport role).
    >
    >The problem is that a user account is member of AD group "Group A" (universal security group), but from Exchange 2007 console the user does not appear as member of "Group A".
     
    Is the group mail-enabled? If not, you won't see it with the EMC. Use
    the ADUC to manage the group, or the get/set-group cmdlets.
     
    ---
    Rich Matheisen
    MCSE+I, Exchange MVP
     

    --- Rich Matheisen MCSE+I, Exchange MVP
    Tuesday, February 28, 2012 2:58 AM