We're using Exchange 2007 sp2 In the past year a lot of mailboxes where deleted from our email system (and are not in the Disconnected Mailboxes anymore) However it now turns out lots of users have set lots of other users as delegates When people now invite these users they get a '#550 5.1.1 RESOLVER.ADR.RecipNotFound; not found ##' message back This message does NOT contain the name of the person forwarding user, so the only way to determine who is causing this is by using messagetracking and determine the original recipients Powershell can show the resourcedelegates for a user, however it does not show the deleted mailboxes Also Exchange does not automatically clean them once a mailbox is deleted When you check in Outlook under delegates is will show you lines like /O=OurOrganisation/OU=Exsite1/cn=Recipients/cn=@GRF_FO /o=OurOrganisation/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=witte.gebouw When using Get-MailboxCalendarSettings users@ourorganisation | select ResourceDelegates these are not shown Can anybody help me determine which mailboxes are forwarding to no longer existing users and better remove the invalid delegates without having to take full access to every mailbox? Thanks, Rob

uset the MFCPAI tool to remove the stale delegate entry this question has been answered earlier http://social.technet.microsoft.com/forums/en-US/exchangesvrgeneral/thread/8ef3fa80-7692-4402-b788-39774a2e81e9/ get MFCMAPI from http://www.microsoft.com/downloads/details.aspx?FamilyId=55FDFFD7-1878-4637-9808-1E21ABB3AE37&displaylang=en Thank you Dhruva

uset the MFCPAI tool to remove the stale delegate entry this question has been answered earlier http://social.technet.microsoft.com/forums/en-US/exchangesvrgeneral/thread/8ef3fa80-7692-4402-b788-39774a2e81e9/ get MFCMAPI from http://www.microsoft.com/downloads/details.aspx?FamilyId=55FDFFD7-1878-4637-9808-1E21ABB3AE37&displaylang=en Thank you Dhruva

. Download the MFCMAPI tool to managers’s computer. (We can also do this in your if you can configure a profile for manager’s mailbox in your client) http://www.microsoft.com/downloads/details.aspx?FamilyID=55fdffd7-1878-4637-9808-1e21abb3ae37&DisplayLang=en 2. Extract it then start MFCMAPI by double clicking it. 3. Click OK on the about screen & get to the main UI window. 4. From the main UI window, go to the "Session" menu option and select "Logon and Display Store Table". Select the Manager’s profile then click OK. 5. In the Mailbox window you'll see the Mailbox & Public Folders instances. Double click the Mailbox. This will open the mailbox in a seperate window. 6. Click the "+" next to the Root-Mailbox object. Here you will see the various objects within the Mailbox (like the IPM_SUBTREE, CommonViews, Shortcuts, etc. 7. Click the "+" next to "IPM_SUBTREE". You will now see the folders that are a part of the mailbox (like the Inbox, Outbox, Sent Items, etc). 8. Highlight the Inbox folder, right click and choose "Display Rules Table". This will open a new windows and will display the rules configured on this mailbox. The rules will be listed in the top half of this window. 9. In the top window of the Rules table, scroll all the way to the right till you see a column titled “PR_RULE_PROVIDER::0X6681001E:PT_STRING8". This column lists the TYPE of rule configured. The name of the rule should be “Schedule+EMS Interface”. click the Delegate Rule mentioned above ("Schedule+EMS Interface") and then chose Delete. This will delete the rule from the mailbox. 10. After that, for all the delegates of the Manager, we need to remove them then add them back again. Dinesh

Thanks for the reply, but cleaning the delegates or rules is NOT the problem I can take over the mailbox of the users and just remove the phantom delegate from the list, so I don't need to hack the rules database. (the users still show there in an /o= format) My problem is I need to determine which users still have phantom delegates, as there are still a number of them left and we don't now who they are except by debugging every NDR message

Hello Rob, The delegates are listed on each account under the attribute "publicDelegates" in Active Directory. Using this attribute we can do an export via LDFIDE or CSVDE to get a list. Just off the top of my head, the below command using CSVDE will get you an export of every mail enabled object and their publicDelegates. You can then open this in Excel and either filter or sort. csvde -m -f publicdelegates_export.csv -s NAMEOFMYGLOBALCATALOG -t 3268 -r "(mailnickname=*)" -l name,publicDelegates Note: Make sure to replace "NAMEOFMYGLOBALCATALOG" with your actual global catalog server's name. Upon completion of this command you can then open publicdelegates_export.csv and sort or search for deleted objects. (They may be listed in here as "DEL:/") I'm sure there are more creative ways to export exactly what you need, but this should do the trick. This will include system accounts, basically every single mail-enabled object, but it will give you a complete list of every mail-enabled object and their delegate. Through sorting or searching you should be able to identify the deleted ones quickly by locating "DEL:/". Let me know if this works/helps. Thanks, Kevin Ca - MSFT

Tried that, but unfortunaly the unknown users are not in the PublicDelegates field Would have been to simpel ;-) As said, determining the persons with invalid delegates turns out to be the real problem I did find a few users where the delegates where in the form X'434e3d45696a6e64656e5c2c204c2e5c2c2076616e2064656e2028426f7577666f6e6473204f6e7477696b6b656c696e675c2c20486f6576656c616b656e292c4f553d4b6e6f776c6564676520576f726b6572732c4f553d4d616e616765642055736572732c4f553d5256472c44433d636f72702c44433d626f7577666f6e64732c44433d636f6d';X'434e3d Checked a few, but the are all valid users No DEL: somewhere in the delegates Also did check in the past for known problem users and there both adsiedit and powershell did not show the invalid delegates, only outlook did So it seems to be hiding in the store somewhere Regards, Rob