[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

Exchange 2003 Recipient Policy error preventing Exchange 2007 migration (event id 8325)

Posted on 2008-06-19
4
Medium Priority
?
1,518 Views
Last Modified: 2011-10-03
Current Evironment:  Exchange 2003 SP2 running on Windows Server 2003 which is also a GC/DC (I know it's not recommended, which is why we are migrating).  I have installed Exchange 2007 w/SP1 'Typical Installation' (MB, HUB, CA).  When I attempt to move or create a user on the Exchange 2007 server I receive the following error:  
Summary: 1 item(s). 0 succeeded, 1 failed.
Elapsed time: 00:00:00
MS Test
Failed
Error:
The Exchange server address list service failed to respond. This could be because of an address list or email address policy configuration error.
Exchange Management Shell command attempted:
New-Mailbox -Name 'MS Test' -Alias 'mstest' -OrganizationalUnit 'internal.xxx.com/Users' -UserPrincipalName 'mstest@internal.xxx.com' -SamAccountName 'mstest' -FirstName 'MS' -Initials '' -LastName 'Test' -Password 'System.Security.SecureString' -ResetPasswordOnNextLogon $false -Database 'SERVERNAME\XXX Storage Group\XXX_Mail_DB'
**************************

And the following events appear in the App log of the 2007 server pointing to two recipient policies which are defined on the 2003 Server (one for each domain which assign a unique proxy address to each using an LDAP query):
The service can't work properly because Email Address Policy 'CN=XXX Recipient Policy,CN=Recipient Policies,CN=My Organization,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=internal,DC=XXX,DC=com'  has an invalid filter rule (PurportedSearch). The error is 'Invalid token.'.  Use the Exchange Management Console to correct this problem.  New users, contacts, and groups won't be fully provisioned until this is fixed.
************************

Here is the value in the (Purported Search) field that the error above complains about:

(&((objectclass=*)(homemdb=CN=XXX Mailbox Store (SERVER03),CN=XXX Storage Group,CN=InformationStore,CN=SERVER03,CN=Servers,CN=First Administrative Group,CN=Administrative Groups,CN=My Organization,CN=Services,CN=Configuration,DC=internal,DC=XXX,DC=com)))
*********************

I believe the problem lies with the LDAP query used to create these policies that Exchange 2007 does not like.  But for the life of me I can't find one that Exchange 2007 is happy with.  I can't move forward with this migration until this problem is resolved.  Any help would be appreciated.  Thanks!




0
Comment
Question by:Mr-Moody
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 

Author Comment

by:Mr-Moody
ID: 21827254
Thanks for the quick response!  

Yes, I have been through both articles (and probably every other article on the subject Google could dig up) which is what finally brought me to EE.  All the information that I have been able to gather seems to point to an invalid character in the LDAP query but unfortunately I can't find that invalid character and none of these articles have I been able find anything specific enough to help me.  The queries are valid for Exchange 2003 as they properly build the list of users.  I guess what I really need is assistance building an LDAP query that will distinguish users by either Information Store or better yet, AD domains, that 2007 won't complain about.  Thank you for you help!
0
 

Accepted Solution

by:
Mr-Moody earned 0 total points
ID: 21879557
I was able to resolve the problem by recreating the LDAP query as follows:
(&(&(&(& (mailnickname=*) (| (&(objectCategory=person)(objectClass=user)(|(homeMDB=*)(msExchHomeServerName=*))) )))(objectCategory=user)(userPrincipalName=*@internal.xxx.com)))

I beleive the issue was that my search string was referring to a mailbox store name on the Ech2k3 server, but I can't be sure.

I don't beleive the question was answered since my question was specific to the LDAP query.
0
 

Expert Comment

by:NetworkRangers
ID: 22185595
We had the same issue when installing Exchange 2007 mailbox role.  It would not finish installing and complained about 4 of our recipient policies.  All the policies it complained about had to do with the policy including a specified store in it.  We removed the store part of the policy and then install went just fine.  Note however that some policies that did have stores included in the query didn't throw the error so it isn't safe to say that ALL policies that include a store in the query won't work.
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I don't pretend to be an expert at this, but I have found a few things that are useful. I hope that sharing them here will help others, so they will not have to face some rather hard choices. Since I felt this to be a topic of enough importance and…
As much as Microsoft wants to kill off PST file support, just as they tried to do with public folders, there are still times when it is useful or downright necessary to export Exchange mailboxes to PST files. Thankfully, it is still possible to e…
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
Suggested Courses

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question