• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1528
  • Last Modified:

Exchange 2003 Recipient Policy error preventing Exchange 2007 migration (event id 8325)

Current Evironment:  Exchange 2003 SP2 running on Windows Server 2003 which is also a GC/DC (I know it's not recommended, which is why we are migrating).  I have installed Exchange 2007 w/SP1 'Typical Installation' (MB, HUB, CA).  When I attempt to move or create a user on the Exchange 2007 server I receive the following error:  
Summary: 1 item(s). 0 succeeded, 1 failed.
Elapsed time: 00:00:00
MS Test
Failed
Error:
The Exchange server address list service failed to respond. This could be because of an address list or email address policy configuration error.
Exchange Management Shell command attempted:
New-Mailbox -Name 'MS Test' -Alias 'mstest' -OrganizationalUnit 'internal.xxx.com/Users' -UserPrincipalName 'mstest@internal.xxx.com' -SamAccountName 'mstest' -FirstName 'MS' -Initials '' -LastName 'Test' -Password 'System.Security.SecureString' -ResetPasswordOnNextLogon $false -Database 'SERVERNAME\XXX Storage Group\XXX_Mail_DB'
**************************

And the following events appear in the App log of the 2007 server pointing to two recipient policies which are defined on the 2003 Server (one for each domain which assign a unique proxy address to each using an LDAP query):
The service can't work properly because Email Address Policy 'CN=XXX Recipient Policy,CN=Recipient Policies,CN=My Organization,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=internal,DC=XXX,DC=com'  has an invalid filter rule (PurportedSearch). The error is 'Invalid token.'.  Use the Exchange Management Console to correct this problem.  New users, contacts, and groups won't be fully provisioned until this is fixed.
************************

Here is the value in the (Purported Search) field that the error above complains about:

(&((objectclass=*)(homemdb=CN=XXX Mailbox Store (SERVER03),CN=XXX Storage Group,CN=InformationStore,CN=SERVER03,CN=Servers,CN=First Administrative Group,CN=Administrative Groups,CN=My Organization,CN=Services,CN=Configuration,DC=internal,DC=XXX,DC=com)))
*********************

I believe the problem lies with the LDAP query used to create these policies that Exchange 2007 does not like.  But for the life of me I can't find one that Exchange 2007 is happy with.  I can't move forward with this migration until this problem is resolved.  Any help would be appreciated.  Thanks!




0
Mr-Moody
Asked:
Mr-Moody
  • 2
1 Solution
 
Mr-MoodyAuthor Commented:
Thanks for the quick response!  

Yes, I have been through both articles (and probably every other article on the subject Google could dig up) which is what finally brought me to EE.  All the information that I have been able to gather seems to point to an invalid character in the LDAP query but unfortunately I can't find that invalid character and none of these articles have I been able find anything specific enough to help me.  The queries are valid for Exchange 2003 as they properly build the list of users.  I guess what I really need is assistance building an LDAP query that will distinguish users by either Information Store or better yet, AD domains, that 2007 won't complain about.  Thank you for you help!
0
 
Mr-MoodyAuthor Commented:
I was able to resolve the problem by recreating the LDAP query as follows:
(&(&(&(& (mailnickname=*) (| (&(objectCategory=person)(objectClass=user)(|(homeMDB=*)(msExchHomeServerName=*))) )))(objectCategory=user)(userPrincipalName=*@internal.xxx.com)))

I beleive the issue was that my search string was referring to a mailbox store name on the Ech2k3 server, but I can't be sure.

I don't beleive the question was answered since my question was specific to the LDAP query.
0
 
NetworkRangersCommented:
We had the same issue when installing Exchange 2007 mailbox role.  It would not finish installing and complained about 4 of our recipient policies.  All the policies it complained about had to do with the policy including a specified store in it.  We removed the store part of the policy and then install went just fine.  Note however that some policies that did have stores included in the query didn't throw the error so it isn't safe to say that ALL policies that include a store in the query won't work.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now