Solved

Exchange 2003 Recipient Policy error preventing Exchange 2007 migration (event id 8325)

Posted on 2008-06-19
4
1,502 Views
Last Modified: 2011-10-03
Current Evironment:  Exchange 2003 SP2 running on Windows Server 2003 which is also a GC/DC (I know it's not recommended, which is why we are migrating).  I have installed Exchange 2007 w/SP1 'Typical Installation' (MB, HUB, CA).  When I attempt to move or create a user on the Exchange 2007 server I receive the following error:  
Summary: 1 item(s). 0 succeeded, 1 failed.
Elapsed time: 00:00:00
MS Test
Failed
Error:
The Exchange server address list service failed to respond. This could be because of an address list or email address policy configuration error.
Exchange Management Shell command attempted:
New-Mailbox -Name 'MS Test' -Alias 'mstest' -OrganizationalUnit 'internal.xxx.com/Users' -UserPrincipalName 'mstest@internal.xxx.com' -SamAccountName 'mstest' -FirstName 'MS' -Initials '' -LastName 'Test' -Password 'System.Security.SecureString' -ResetPasswordOnNextLogon $false -Database 'SERVERNAME\XXX Storage Group\XXX_Mail_DB'
**************************

And the following events appear in the App log of the 2007 server pointing to two recipient policies which are defined on the 2003 Server (one for each domain which assign a unique proxy address to each using an LDAP query):
The service can't work properly because Email Address Policy 'CN=XXX Recipient Policy,CN=Recipient Policies,CN=My Organization,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=internal,DC=XXX,DC=com'  has an invalid filter rule (PurportedSearch). The error is 'Invalid token.'.  Use the Exchange Management Console to correct this problem.  New users, contacts, and groups won't be fully provisioned until this is fixed.
************************

Here is the value in the (Purported Search) field that the error above complains about:

(&((objectclass=*)(homemdb=CN=XXX Mailbox Store (SERVER03),CN=XXX Storage Group,CN=InformationStore,CN=SERVER03,CN=Servers,CN=First Administrative Group,CN=Administrative Groups,CN=My Organization,CN=Services,CN=Configuration,DC=internal,DC=XXX,DC=com)))
*********************

I believe the problem lies with the LDAP query used to create these policies that Exchange 2007 does not like.  But for the life of me I can't find one that Exchange 2007 is happy with.  I can't move forward with this migration until this problem is resolved.  Any help would be appreciated.  Thanks!




0
Comment
Question by:Mr-Moody
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 

Author Comment

by:Mr-Moody
ID: 21827254
Thanks for the quick response!  

Yes, I have been through both articles (and probably every other article on the subject Google could dig up) which is what finally brought me to EE.  All the information that I have been able to gather seems to point to an invalid character in the LDAP query but unfortunately I can't find that invalid character and none of these articles have I been able find anything specific enough to help me.  The queries are valid for Exchange 2003 as they properly build the list of users.  I guess what I really need is assistance building an LDAP query that will distinguish users by either Information Store or better yet, AD domains, that 2007 won't complain about.  Thank you for you help!
0
 

Accepted Solution

by:
Mr-Moody earned 0 total points
ID: 21879557
I was able to resolve the problem by recreating the LDAP query as follows:
(&(&(&(& (mailnickname=*) (| (&(objectCategory=person)(objectClass=user)(|(homeMDB=*)(msExchHomeServerName=*))) )))(objectCategory=user)(userPrincipalName=*@internal.xxx.com)))

I beleive the issue was that my search string was referring to a mailbox store name on the Ech2k3 server, but I can't be sure.

I don't beleive the question was answered since my question was specific to the LDAP query.
0
 

Expert Comment

by:NetworkRangers
ID: 22185595
We had the same issue when installing Exchange 2007 mailbox role.  It would not finish installing and complained about 4 of our recipient policies.  All the policies it complained about had to do with the policy including a specified store in it.  We removed the store part of the policy and then install went just fine.  Note however that some policies that did have stores included in the query didn't throw the error so it isn't safe to say that ALL policies that include a store in the query won't work.
0

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Had a business requirement to store the mobile number in an environmental variable. This is just a quick article on how this was done.
Group policies can be applied selectively to specific devices with the help of groups. Utilising this, it is possible to phase-in group policies, over a period of time, by randomly adding non-members user or computers at a set interval, to a group f…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.

724 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question