Associate External Account is needed if the AD account is
disabled and the mailbox is associated with an external forest (or NT4
domain)... hence the name. Theoretically you could set the Associate External
Account to SELF and add the NT4 mailboxes to the ACL as FULL and it should work
with outlook for mailbox access though you could have some other issues
with public folders I think.
Not sure at all on the OWA requirements, I think I
would dig into the event log and IIS logs to see if you can find some clues. One
thing I would also look at is can any forest C user connect through OWA to
say a mailbox that they are configured as primary for (i.e. AEA perm granted to
them).
joe
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Manjeet
Sent: Tuesday, March 08, 2005 5:38 AM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] Associate external Account Permission
Hi,
On one of my mailbox say "A", I have given the Permission like
this.
Associted + full mailbox rights to user B ( User B is a user of Seprate
forest and have external one way trust with Forest
A and forest B)
Full rights to user C ( User C is a user of third forest
C and have the one way trust with A)
Now I am successfully able to access mailbox A with both User B and user C
if I use the Outlook client.
And I use the OWA the only B is able to access mailbox. User C is not able
to authenticate.
Now my Question is -
Is Associate external Account permission is only required for OWA clients
?
Is it possible that Both User B and User C can access the mailbox A using
OWA ?
Thanks,
Manjeet
__________________________________________________
Do You Yahoo!?
Tired
of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
