This project has moved and is read-only. For the latest updates, please go here.

LDAPCP and Incoming email

Feb 16, 2015 at 10:08 PM
Could LDAPCP influence the claims resolution from the Timer service when using incoming email?

I'm having a problem where the incoming email feature of document libraries always rejects and email from the posting in the document library when the user who sent it has rights to the document library via an Trusted Claims Provider. The system says the user does not have rights, but they plainly do.

I've been working with Microsoft on it for a while.

I am wondering if LDAPCP could be at play here, or not. Thanks!
Feb 16, 2015 at 10:53 PM
Did some more testing and it seems that yes, LDAPCP is at play here and it does seem to cause a problem...
Feb 16, 2015 at 11:22 PM
I've logged this issue. Thanks
Feb 17, 2015 at 8:22 AM
your scenario is definitely possible to implement, I did it before (quite a long time ago with SharePoint 2010).
The 1st step, as you mentioned, is to run those cmdlets:

$farm = Get-SPFarm
$farm.Properties["disable-active-directory-resolve"] = "true"
$farm.Properties["enable-trusted-resolve"] = "true"
recycle timer service

Then, the important thing is to ensure that trusted users and WinClaims users DO NOT have the same email address.
The easiest way to ensure that is to clear email address of WinClaims users from UPA and sync this to all site collections.

Can you please try and let us know the result?
Marked as answer by Yvand on 2/17/2015 at 7:25 AM
Feb 17, 2015 at 2:04 PM

Thanks for the suggestion.

Upon further review I've found that the one test user I was using did have a duplicate email in their WinClaim.

I removed the email via UPS and also had to purge the user from the site collection I was testing with. After I did these things and implemented the farm properties change, the incoming email started functioning as expected!

Thanks for your help and the software. It is greatly appreciated!
Marked as answer by Yvand on 2/17/2015 at 7:25 AM