Mail to Public Folder Results in Non-Delivery Report (NDR) 5.2.1 (323728)



The information in this article applies to:

  • Microsoft Exchange 2000 Server
  • Microsoft Exchange Server 2003 Enterprise Edition
  • Microsoft Exchange Server 2003 Standard Edition
  • Microsoft Windows Small Business Server 2003, Premium Edition
  • Microsoft Windows Small Business Server 2003, Standard Edition

This article was previously published under Q323728

SYMPTOMS

When a user who is a member of certain groups in your Microsoft Exchange Server organization tries to send e-mail messages to a public folder, that same user may receive a non-delivery report (NDR) similar to the following:

Your message did not reach some or all of the intended recipients.
Subject: <subject>
Sent: <date> 2:26 PM
The following recipient(s) could not be reached:
Change Control Requests on <date> 2:26 PM
The message reached the recipient's e-mail system, but delivery was
refused. Attempt to resend the message. If it still fails, contact your system administrator.

<mail.example.com #5.2.1>

However, the same user can successfully post the message to the public folder.

Additionally, if you add that user account individually, as a contributor to the public folder, that same user can successfully send the e-mail message to that public folder.

CAUSE

This issue may occur if the Exchange Enterprise Servers security group lacks the correct permissions for a group of which the affected user is a member.

The 5.2.1 NDR is related to permissions issues. The Exchange Enterprise Servers group must have at least Read permissions in every group of which the user is a member. Additionally, the Exchange Enterprise Servers group must have at least Read permissions in the groups of which those groups are members.

When an Exchange Server user sends an e-mail message to a public folder, Exchange performs a Lightweight Directory Access Protocol (LDAP) query for every group of which that user is a member, and for every group of which each of those groups is a member. By default, the Exchange Enterprise Servers group has permissions at the domain root, which allow access to all objects. If any of these groups is not found, typically because the Exchange Enterprise Servers group lacks the correct access permissions, e-mail messages sent to the public folder from that user are returned with a 5.2.1 NDR.

RESOLUTION

To resolve this issue, verify that the Exchange Enterprise Servers group has at least Read permissions to all groups of which the affected user accounts are members, and also to the groups of which these groups are members.

Or, you can reset the Exchange Enterprise Servers default permissions at the domain level. To do so, follow these steps:
  1. Start the Active Directory Users and Computers snap-in, and then remove permissions for the Exchange Enterprise Servers group entirely.
  2. Run setup /domainprep from the Exchange CD-ROM, or from a network installation point. This adds the Exchange Enterprise Servers group to the domain with default permissions.
  3. Restore permissions inheritance to other organizational units (OUs).
  4. Allow the domain controllers to replicate.
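
The first resolution option (verifying Read access on every direct and nested group) can be scripted. The following is an added example, not part of the original article and not Microsoft's code. It assumes the RSAT ActiveDirectory PowerShell module, that the group's sAMAccountName is "Exchange Enterprise Servers", and a placeholder user name `jdoe`. It inspects only ACEs that name the group directly, so read access granted through other principals is not counted and each listed group is a candidate to inspect by hand.

```powershell
# Added example: audit sketch, not Microsoft's code. Run as an account that can
# read every group and its ACL (for example, a domain administrator).
Import-Module ActiveDirectory

function Get-GroupsLackingReadAce {
    param(
        [Parameter(Mandatory = $true)] [string] $User,      # sAMAccountName of the affected sender
        [string] $Trustee = 'Exchange Enterprise Servers'   # assumed sAMAccountName of the group
    )

    $userDn = (Get-ADUser -Identity $User).DistinguishedName
    # Escape characters that are special inside an LDAP filter value (RFC 4515).
    $dnEsc = $userDn.Replace('\', '\5c').Replace('*', '\2a').Replace('(', '\28').Replace(')', '\29')
    # LDAP_MATCHING_RULE_IN_CHAIN: every group the user is in, directly or through nesting.
    $groups = Get-ADGroup -LDAPFilter "(member:1.2.840.113556.1.4.1941:=$dnEsc)"

    $sid  = (Get-ADGroup -Identity $Trustee).SID.Value
    $read = [int][System.DirectoryServices.ActiveDirectoryRights]::GenericRead

    foreach ($g in $groups) {
        $acl  = Get-Acl -Path ("AD:\" + $g.DistinguishedName)
        # Explicit and inherited ACEs, with trustees returned as SIDs.
        $aces = $acl.GetAccessRules($true, $true, [System.Security.Principal.SecurityIdentifier]) |
            Where-Object { $_.IdentityReference.Value -eq $sid }

        # Allow ACE covering the whole object (no property GUID) with full Read.
        $allow = @($aces | Where-Object {
            $_.AccessControlType -eq 'Allow' -and
            $_.ObjectType -eq [guid]::Empty -and
            (([int]$_.ActiveDirectoryRights -band $read) -eq $read)
        })
        # Any Deny ACE that touches a Read bit can hide the group from the query.
        $deny = @($aces | Where-Object {
            $_.AccessControlType -eq 'Deny' -and
            (([int]$_.ActiveDirectoryRights -band $read) -ne 0)
        })

        if ($allow.Count -eq 0 -or $deny.Count -gt 0) {
            [pscustomobject]@{
                Group        = $g.DistinguishedName
                HasAllowRead = ($allow.Count -gt 0)
                HasDenyRead  = ($deny.Count -gt 0)
            }
        }
    }
}

Get-GroupsLackingReadAce -User 'jdoe'   # 'jdoe' is a placeholder account name
```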

Modification Type: Minor
Last Reviewed: 11/10/2005
Keywords: kbprb KB323728