You create a linked mailbox (MB1) on a Microsoft Exchange Server 2010 mailbox server in an Active Directory forest (forest A).
MB1 is associated with a disabled account user A in the forest A.
MB1 is linked to a linked master account user B in the trust forest B.
User A is a member of the domain local group.
You assign Full Access permission for another linked mailbox (MB2) in forest A to user B.
User B tries to access MB2 by using Microsoft Office Outlook.
In this scenario, user B can access MB2 as an additional mailbox. However, user B cannot use a new profile to access MB2 as a primary mailbox. Additionally, the credential window pops up when user B types in credentials.
This issue occurs because the Authz API that the Client Access server uses performs an access check on the domain local group account in an incorrect way.
To resolve this issue, install the following update rollup:
2645995 Description of Update Rollup 1 for Exchange Server 2010 Service Pack 2
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.
For more information about how to create a linked mailbox, visit the following Microsoft website: