3 Domains: 2 NT, 1 AD -- domains all trust each other
BES is in AD domain
4 Exchange servers are in the same site
2 Exchange 2003 servers are in AD domain
2 Exchange 5.5 servers are in NT domain
We use ADMT to clone NT ids to AD; ADC to replicate exchange information to AD.
When adding users to the BES, I have no problem adding anyone from the 2003 servers in AD, but when adding a 5.5 user I receive the "failed to add user .. unable to open mailbox". The GAL I'm choosing the users from is the 2003 GAL (different from the 5.5 GAL). The 5.5 userid exists in AD (via ADMT and ADC), so this is the id I'm selecting, but the mailbox is in 5.5 (accessible through SID history).
The correct permissions are on the AD exchange servers; on the 5.5 server the besadmin account has been given "service account admin" at both the site and configuration containers.
Is the problem that the GAL is AD, but the mailbox is on NT? Eventually all users will be migrated to AD; until then, I'd like the BES to also work for 5.5 users.
Here is a good test to let us know if the permissions are set correctly. On a desktop PC log in as the BESadmin... Open Outlook and try to add that users maibox if you are unable to access that then it's would be a permissions issue. Although your permissions look to be correct. I'm not the bes with 5.5 do you only have 1 mailbox store or do you have more then one? Make sure the permissions are given to all mailbox stores which you will be adding users from.
I followed your instructions and logged in as besadmin and could add an AD Exchange 2003 mailbox, but no, I could not add an Exchange 5.5 mailbox -- I received the error "unable to expand the folder". The event viewer logs Event ID: 20000 "unable to open database for user"
On the 5.5 server, I've granted permissions at the site and configuration level -- the information store for each server has inherited these permissions from these levels. If I look at the 5.5 server under ESM, I can view the permissions, and "administer information store and "send as" and "receive as" aren't selected. I cannot add permissions to a 5.5 server under ESM -- since these permissions aren't available under NT, how do I add them to the 5.5 information stores?
In the 5.5 enviroment you only need the site and configutation levels.
It looks to be permissions still but off the top of my head I can't think of them....
Possibly check the installation guide for the 4.0 BES posted on www.blackberry.com