The issue we were having was that the exchange router was not deleting emails from the message queue in exchange once it has been delevered to a CRM queue. The user for the queue has be set in Exchange with an CRMEmailEnabled mailbox. When a message come in the queue, this message will duplicate itself in the CRM queue every 4 minutes and every 27 minutes (or there abouts). There was only one Exchange server and only one Connector so the issue wasn't with multiple instances.
By setting the "SELF" to be the Associated External Account, a Master SID is set on the mailbox and the problem of the mail attempting to redeliver. E-mail sent to a queue will then duplicate itself many times.
To correct this issue, an attribute must be added to every queue user in the Active Directory. However, I would suggest that you backup your data as detailed in KB872408 as a precaution.
(Document ID: B872408) “How to plan for disaster recovery with Microsoft CRM”
To generate a msExchMasterAccountSide attribute:
From the View menu in the Active Directory Users and Computers snap-in, click Advanced Features. On the Exchange Advanced properties tab of the disabled user object that owns the mailbox, click Mailbox Rights, and then search the list of accounts for one that has the Associated External Account permission.
Note: By default, no account will have this permission; however, depending on how the account was created, it may already have this set. If another account currently has Associated External Account permissions, remove the Associated External Account permissions from that account because only one account at a time can have the Associated External Account permission. Therefore, to reset the permission, you must first remove this permission. If no account has this permission then grant the SELF Account the Associated External Account and Full Mailbox Access permissions.
Note: By default, the SELF account will already have Full Mailbox Access permissions if this is a disabled account. The SELF account is available in all Microsoft Windows 2000 domains. All SELF accounts share a well-known SID that is the same across all domains. If the SELF account is not already listed in the Permissions dialog box, you can add it by typing SELF as the account name.
Exit all properties dialog boxes for the user object by clicking OK at each level (do not click Cancel). Changes to permissions are not applied until you completely exit all properties dialog boxes.
After the DsAccess cache is refreshed (which may take some time), the new configurations take effect and e-mail messages that are sent to the disabled account will no longer generate errors.
No comments:
Post a Comment