If you attempt to edit the authOrig attribute of a mail enabled group using ADSIedit you will get the following error.
There is no editor registered to handle this attribute type.
Why would you be doing this? This is done when you want to restrict who can email a group.
Solution
If you are running either on-premises Microsoft Exchange (or are running in Hybrid Exchange mode, and have retained an Exchange server for management,) You can simply use the Exchange Admin Center to add the person or group that you want to restrict access to.
Recipients > Groups > Group-Name > Edit > Delivery Management > Set accordingly.
Note: As I’m in Hybrid mode, and have AAD Sync setup, if I attempt to look at this group in O365 / Exchange online, it simply says.
You can only manage this group in your on premises environment. Use Active Directory users and groups, or Exchange AdminCenter tools to edit or delete this group.
Technical Pedantry: The fact it’s been called ‘Active Directory Users and Computers‘ since Windows 2000 makes my OCD flinch at that comment.
Use PowerShell
You can (if you have no access to Exchange Management tools) simply use PowerShell, the syntax is as follows.
[box]
Set-ADGroup -Identity "The-Group" -Server The-Domain-Controller -Add @{authOrig=@('The User or Group to Grand access to')}
e.g.
Set-ADGroup -Identity "CN=DG-Test-Disty-Group,CN=Users,DC=pnl,DC=com" -Server PNL-MGMT.pnl.com -Add @{authOrig=@('CN=Pete Long,CN=Users,DC=pnl,DC=com')}
[/box]
Then to prove it’s not all ‘smoke and mirrors’ you can go back to ADSIedit and check.
Related Articles, References, Credits, or External Links
Out of the box Evolution can only connect to Exchange 2000 and Exchange 2003, this is because it uses OWA to connect, when Exchange 2007 was released, the way OWA was presented changed a great deal. So if you try and connect to a newer version of Exchange it will error. (Before you email in, I know in 2010, its now called Web App not OWA).
But there’s nothing to stop you connecting to Exchange 2007 and Exchange 2010 via MAPI, you just have to add a few packages first.
I originally wrote this a while back for version 10, but I’ve updated it for version 11.10. I’ve left the earlier version 10 notes below.
Solution
Ubuntu Version 11.10
1. If Evolution is not already installed, Launch the Ubuntu Software Manager and search for Evolution > Install.
2. You will need to enter your password.
3. After a few minutes it should get a green tick to say its been installed.
4. In addition you need to locate and install the “Evolution support for the groupware suite”.
7. You can restore form a backup, but I’ve not got one > Continue.
8. Type in your name and email address > Continue.
9. Now change the server to “Exchange MAPI” > Give it the name/IP of your Exchange server and your domain details > Authenticate > Enter your domain password > And it should say successful > Continue.
10. Set your email account requirements > Continue.
11. Give the account a name, by default it will be your email address, but you can change it > Continue.
12. Apply.
13. Before Evolution launches it will ask for your domain password (Mine never changes so I’m ticking the remember password option, you might NOT want to do this) > And I’m setting Evolution as the default email client.
14. An there is my inbox.
15. And it will pull down the GAL from Exchange, as well as your personal contacts.
16. After a short while it will also sync and display your Exchange calendar.
In this example I’m using Ubuntu version 10
1. First you need to add in the “evolution-mapi” package > System > Administration > Synaptic Package Manager. (You may need to provide a password to proceed).
2. Locate the “evolution-mapi” package.
3. Mark it for installation.
4. You may have to agree to install some dependant packages > do so.
5. Ensure that evolution-mapi is now ticked and click “Apply”.
6. The packages will download and install.
7. Now you can launch Evolution > It should run the “Setup Assistant” > Forward. (Note: If you’re adding an additional account simply open Evolution > Edit > Preferences > Mail accounts > Add).
8. We are not restoring > Forward.
9. Type in your name and email address, this is going to be or default account so leave the default option ticked > Forward.
10. Change the server type to “Exchange MAPI” > Enter the server name/IP address, your domain user name, and the name of the domain > Authenticate.
11. Enter the correct password for your domain account, tick the option to remember the password (Note: if you domain password changes often you might not want to do that) > OK.
12. All being well, you should see a successful result > OK > Forward.
13. Set the options as you require, these would be my personal preference > Forward.
14. Give the mail account a sensible name > Forward.
15. After a couple of minutes there’s your mailbox.
16. And Your Exchange 2010 Calendar sync’d.
17. And your contacts and address lists. (Note: The Exchange Global Address List, can take a couple of restarts before it starts to sync properly).
Related Articles, References, Credits, or External Links
