Incoming Email in MOSS 2007
From: <CCGovMat at discussions.microsoft dot com>
Subject: Incoming Email in MOSS 2007
Date: Mon, 28 Aug 2006 15:50:02 -0700
Newsgroups: microsoft.public.sharepoint.setup_and_administration
A gold star to anyone who has incoming email working under MOSS 2007.
I have posted to several other threads of people who are having the same problem. I have now repeated the error on two separate installations. The only documentation to enable the feature is listed at www.combined-knowledge.com from Steve Smith.
If you have incoming email setup for a SharePoint list, please take a look Steve’s instructions and help me identify the missing pieces. I am pretty sure it has to do with permissions, but the question is where.
Any insights would be greatly appreciated as this is week 3 of trying to get answers on this issue.
Thanks,
Mat
**************************************
From: <Jay at discussions.microsoft dot com>
Subject: RE: Incoming Email in MOSS 2007
Date: Mon, 28 Aug 2006 15:54:01 -0700
Newsgroups: microsoft.public.sharepoint.setup_and_administration
I used the same instructions and have it working. The only problem I found was that you needed to use Outlook or the attachments would not show up.
I was using Thunderbird and nothing seemed to work, I switched to Outlook and like magic my attachments started to show up.
**************************************
From: <CCGovMat discussions.microsoft com>
Subject: RE: Incoming Email in MOSS 2007
Date: Mon, 28 Aug 2006 16:06:02 -0700
Newsgroups: microsoft.public.sharepoint.setup_and_administration
Great! Now I just need to figure out what I do doing different. I am having a problem with MOSS creating the contacts in AD. Every time I go to email enable the list I get an error 'Error in the application'.
May I inquire to what you did in AD? Did you create a separate OU? How did you set the permissions for the OU?
Thanks,
Mat
**************************************
From: <Jay discussions microsoft com>
Subject: RE: Incoming Email in MOSS 2007
Date: Mon, 28 Aug 2006 16:20:02 -0700
Newsgroups: microsoft.public.sharepoint.setup_and_administration
I created a new OU called SharePoint and gave the user that is running the SharePoint services (in my case shptadmin) R/W capabilities to the new OU. After that when I create an email document group, a contact entry is created in AD for that Library in my OU.
You also need to specify the Full OU (ou=SharePoint,ou=Lists,dc=ad,dc=amcc,dc=com) in the "Active Directory Settings for E-Mail Web Service" page in the Operations Section of the Admin GUI.
**************************************
From: <CCGovMat discussions microsoft com>
Subject: RE: Incoming Email in MOSS 2007
Date: Mon, 28 Aug 2006 17:29:01 -0700
Newsgroups: microsoft.public.sharepoint.setup_and_administration
Okay. I did all that and even went so far as to grant full permissions to everyone just in case I didn't identify the MOSS Admin Account correctly. Still not able to create a contact in AD through MOSS. I can however create a contact in OU using the user directly running the MMC. So I am still at a loss.
I just went back through the directions again and double the sandbox environment as well as my production develpoment environment and I continue to get the same error that other s are getting.
Jay, did you do anything in the DNS server or Exchange that was not in the documentation?
Thanks, Mat
**************************************
From: "Steve Smith" <steve combined-knowledge com>
Subject: Re: Incoming Email in MOSS 2007
Date: Tue, 29 Aug 2006 14:13:21 +0100
Newsgroups: microsoft.public.sharepoint.setup_and_administration
Hi Mat , I am feeling your pain. it sounds like you have everything set up right yet the Directory management service does not seem to be completing the process in regards to AD. Can I just confirm you are using Exchange 2003 and not 2007 ? We know 2007 has issues with this.
I know this sounds daft but did you double check the spelling for the asmx page when configuring incoming mail in central admin ? I fell for that one myself once.
Cheers
Steve Smith
www.combined-knowledge.com
**************************************
From: <CCGovMat discussions microsoft com>
Subject: Re: Incoming Email in MOSS 2007
Date: Tue, 29 Aug 2006 09:25:01 -0700
Newsgroups: microsoft.public.sharepoint.setup_and_administration
Steve,
On my main environment we are using Exchange 2003. To verify that it was not an enterprise issue with AD or Exchange I created a sandbox in Microsoft Virtual Server of one system running the DC on W2K3 server and a second W2K3 server running MOSS and SQL2005. The sandbox environment did not have exchange installed at all. The same error occurs in the email-enabled list setup. Based on my troubleshooting skills, that eliminates AD and Exchange. I am left with the MOSS install, MOSS setup, and W2K3. I think I can throw out W2K3. That leaves me with a MOSS install or setup issue.
Apparently this is a common enough problem that others have fallen into the same trap. I have the server setup as advanced versus basic standalone. All services and DB are running on a single box for development purposes. So if Directory Management is the issue, which sounds likely since it would be the process that works with AD, what settings could affect it?
I have reverified that the Directory Management Service URL is correct by pasting into the browser. Does the user on the corresponding website with the email-enabled list need certain permissions to access the DMS under central administration?
Any thoughts would help.
Thanks, Mat
**************************************
From: "Steve Smith" <steve combined-knowledge com>
Subject: Re: Incoming Email in MOSS 2007
Date: Wed, 30 Aug 2006 00:54:28 +0100
Newsgroups: microsoft.public.sharepoint.setup_and_administration
Your last question is a great one and I wish I knew the answer. Let me see if I can find out a bit more about what is going on with the directory management service as, like you, I think this could be a possible issue that others, as you mentioned, are having. Just to clarify though, whenever I set this up in a test envoironment, I always have seperate boxes for AD,
Exchange , SQL and Moss; and using an admin account, I have never had a problem getting it to work. I have seen several postings and private e-mails where problems happen when everything is on one box , again this may be the directory service itself that is having an issue. Lets see what I get back from MS this week.
I will keep you posted. ( no pun intended !! )
Steve Smith
**************************************
From: "Steve Smith" <steve combined-knowledge com>
Subject: Re: Incoming Email in MOSS 2007
Date: Thu, 31 Aug 2006 01:29:57 +0100
Newsgroups: microsoft.public.sharepoint.setup_and_administration
Hey Mat,
Try running a network monitor on your AD Box to see if you capture any traffic coming from Moss at the time of the contact trying to be created?
Steve Smith
**************************************
From: <CCGovMat discussions microsoft com>
Subject: Re: Incoming Email in MOSS 2007
Date: Wed, 6 Sep 2006 14:15:01 -0700
Newsgroups: microsoft.public.sharepoint.setup_and_administration
Okay! Big new updates on the email enabled lists front. I actually have it working, so I guess you are wondering where I strayed from the beaten path?
The answer to the mystery is a permissions issue (isn't it always). Now I will try not to go on a rant about taking the easy road and installing everything with Admin privileges, but the documentation provided by Microsoft about “Least Privilege†users has caused me nothing but troubles with the MOSS Beta 2 setup. (Refer to my previous posts regarding My Sites not working and the app pool account).
Steve, I have found three things for you to add to your documentation:
*Step 0.5: Make sure the app pool account for the web application you are trying to mail enable is running as the MOSS Administrator account you are running Central Administration under.
*Step 1.5: Grant rights to the OU you have created in AD to the app pool account you setup in step 0.5.
*Step 4.5: Create a SMTP connector in Exchange to deliver mail to machine.domain.name where your MOSS SMTP service is running.
Once those steps are completed you will be able to use this awesome feature.
So there you have it. If you take the sysadmin path of spending time and working on security, you end up back at the beginning with an open application. Woops, there I go again with the rant. I do hope that someone at Microsoft brings this to the team’s attention if they aren’t already aware of this for the next technical release. I would prefer that path of least privilege, but I will settle for now.
**************************************
From: <CCGovMat discussions microsoft com>
Subject: Re: Incoming Email in MOSS 2007
Date: Wed, 6 Sep 2006 14:19:03 -0700
Newsgroups: microsoft.public.sharepoint.setup_and_administration
I have added some more background information for those interested in my long journey to getting this feature working. I tried to recreate the problem in my sandbox and received the following error when app pool account was correct, but no Exchange Server was attached to the system:
09/05/2006 10:37:32.71 w3wp.exe (0x0C88) 0x0D30
0
0 Exception SPEWSADManager::CreateContact
System.DirectoryServices.DirectoryServicesCOMException (0x8007200A): The
specified directory service attribute or value does not exist. (Exception
from HRESULT: 0x8007200A) at
System.DirectoryServices.DirectoryEntry.CommitChanges() at
Microsoft.SharePoint.EmailIntegration.SPEWSADManager.CreateContact(String
Alias, String FirstName, String LastName, String ForwardingEmail,
ContactFlags Flags)
This error helped me to understand that without Exchange installed you will run into problems with WSS trying to create items in AD. Directory Service will error since the schema must have the right fields in place for WSS to insert into. This is appears to me the only reason for needing SharePoint. My guess that if you just extended the AD schema to support these fields you could use any mail package.
I would like to continue with more helpful error messages that you find in your MOSS/WSS logs, but the enigma behind the problem is that no errors appear in logs either at the web/app or in the AD logs. Since the error lies in the app pool permissions somewhere. All you will see on the screen is a generic "Error in Application" message.
The last issue you may experience is the "Access Denied" error. This just means that you have both the app pool user and the AD permissions misconfigured. It is important that you have both sets of permissions correct. If only one is correct you get the generic error in application.
**************************************
From: <Jay discussions microsoft com>
Subject: RE: Incoming Email in MOSS 2007
Date: Tue, 29 Aug 2006 15:00:01 -0700
Newsgroups: microsoft.public.sharepoint.setup_and_administration
If you send me your email, I will send you screen shots of my config.
jayz at amcc dot com
Posted using 