Today a user complained stating that nobody from outside our organisation was able to send email to his public folder.
I tried to send an email to, let say, firstname.lastname@example.org. I indeed got a Non deliverable report back, stating I was not authenticated.
Remote Server returned ‘550 5.7.1 RESOLVER.RST.AuthRequired; authentication required [Stage: CreateMessage]’
This usually means the permissions on the Public Folder are not set correctly for the user “Anonymous”. Checking… yep, same issue here. Anonymous was missing in the Permissions tab in the Properties window of the Public Folder. However, I could not find any way to add the Anonymous user by using the GUI. So I tried it by Exchange Management Shell:
Add-PublicFolderClientPermission -id \publicfolder -AccessRights CreateItems -User Anonymous
Add-PublicFolderClientPermission : An existing permission entry was found for user: Anonymous.
At line:1 char:1
+ Add-PublicFolderClientPermission -id \publicfolder -AccessRights CreateItems -Use …
+ CategoryInfo : NotSpecified: (:) [Add-PublicFolderClientPermission], UserAlreadyExistsInPermissionEntryException
+ FullyQualifiedErrorId : [Server=SRV-EXCHANGE-1,RequestId=62918356-e6a9-4c20-8c16-2b246d7858e6,TimeStamp=12/14/2016 3:58:21 PM] [FailureCategory=Cmdlet-UserAlreadyExistsInPermissionEntryException] 5D350A2C,Microsoft.Exchange.Management.StoreTasks
Wtf… the error stated that the user already exists, but I did not see the user in the properties! Even stranger: the Anonymous user didn’t show up either in Get-PublicFolderClientPermission -id \publicfolder
I ended up in deleting the Anonymous user, and adding it again.
Use these cmdlets to fix it:
$publicfolder = “\publicfolder”
Remove-PublicFolderClientPermission -Id $publicfolder -User Anonymous
Add-PublicFolderClientPermission -id $publicfolder -AccessRights CreateItems -User Anonymous