Exchange: Add-PublicFolderClientPermission : An existing permission entry was found for user: Anonymous.

Today a user complained stating that nobody from outside our organisation was able to send email to his public folder.
I tried to send an email to, let say, publicfolder@contoso.com. I indeed got a Non deliverable report back, stating I was not authenticated.

publicfolder@contoso.com
SRV-EXCHANGE-1.contoso.com
Remote Server returned ‘550 5.7.1 RESOLVER.RST.AuthRequired; authentication required [Stage: CreateMessage]’

This usually means the permissions on the Public Folder are not set correctly for the user “Anonymous”. Checking… yep, same issue here. Anonymous was missing in the Permissions tab in the Properties window of the Public Folder. However, I could not find any way to add the Anonymous user by using the GUI. So I tried it by Exchange Management Shell:

Add-PublicFolderClientPermission -id \publicfolder -AccessRights CreateItems -User Anonymous

Add-PublicFolderClientPermission : An existing permission entry was found for user: Anonymous.
At line:1 char:1
+ Add-PublicFolderClientPermission -id \publicfolder -AccessRights CreateItems -Use
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [Add-PublicFolderClientPermission], UserAlreadyExistsInPermissionEntryException
+ FullyQualifiedErrorId : [Server=SRV-EXCHANGE-1,RequestId=62918356-e6a9-4c20-8c16-2b246d7858e6,TimeStamp=12/14/2016 3:58:21 PM] [FailureCategory=Cmdlet-UserAlreadyExistsInPermissionEntryException] 5D350A2C,Microsoft.Exchange.Management.StoreTasks
.AddPublicFolderClientPermission

Wtf…  the error stated that the user already exists, but I did not see the user in the properties! Even stranger: the Anonymous user didn’t show up either in Get-PublicFolderClientPermission -id \publicfolder

Solution:
I ended up in deleting the Anonymous user, and adding it again.
Use these cmdlets to fix it:

Add-PSSnapin Microsoft.Exchange.Management.PowerShell.E2010
$publicfolder = “\publicfolder”
Remove-PublicFolderClientPermission -Id $publicfolder -User Anonymous
Add-PublicFolderClientPermission -id $publicfolder -AccessRights CreateItems -User Anonymous

Leave a Reply

Be the First to Comment!

Notify of
avatar
wpDiscuz