[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

mailbox not Created in AD

Posted on 2008-11-04
27
Medium Priority
?
206 Views
Last Modified: 2012-05-05
Hello everyone,

we have got 2 domains with trusts set up. domain A and domain B.
exchange 2003 is setup in domainB and up until a few weeks ago when an new user was created in AD the email address was setup and everything was good for both domains

now when i setup an user in domainB the email address comes up in AD, however when i setup an User in domainA the email address does not show up in AD. when i try to send an email to that user i receive an error.

within exchange we receive these errors:
MSExchangeAL
LDAP Operations
8026
LDAP Bind was unsuccessful on directory servername.domain A for distinguished name ''. Directory returned error:[0x31] Invalid Credentials

MSExchangeAL
Service Control
8260
Could not open LDAP session to directory 'servername.domain A' using local service credentials. Cannot access Address List configuration information. Make sure the server 'servername.domain A' is running.

eveything else works with no issues.

Exchange is running an a standalone server, running Server 2003.

hope someone can help.
DJ
0
Comment
Question by:loretonh
  • 12
  • 9
  • 6
27 Comments
 
LVL 32

Expert Comment

by:gupnit
ID: 22881640
Did you have a change in any DC....Issue is with RUS ....
Follow this http://support.microsoft.com/kb/272552
Thanks
Nitin
0
 

Author Comment

by:loretonh
ID: 22881726
there were no issues with DC.. what happened is that one day the RUS could not contact the GC. so all we did was to point the RUS to a new GC.. and that was it.. there was no new DC or demoting of DCs.
the old GC stil lis the PDC Emulator and RID Master where as the new GC is not..
do you think id have to move some FSMO roles?
0
 
LVL 32

Expert Comment

by:gupnit
ID: 22881752
Hi - Use the link, it is going to help you out :-)
0
NEW Veeam Backup for Microsoft Office 365 1.5

With Office 365, it’s your data and your responsibility to protect it. NEW Veeam Backup for Microsoft Office 365 eliminates the risk of losing access to your Office 365 data.

 

Author Comment

by:loretonh
ID: 22881898
have followed the article and changed the DC to point to the DC that was previously there..
so i changed it to what it was before it stopped working.. am running a rebuild now.
will message back once that is done.. probably restart the server as well..

thanks
0
 
LVL 32

Expert Comment

by:gupnit
ID: 22881965
Great :-) !
0
 
LVL 33

Expert Comment

by:Exchange_Geek
ID: 22882085
Why on earth would you be thinking of running a rebuild. Why do you want all the objects in AD to get re-stamped ???

0
 
LVL 32

Expert Comment

by:gupnit
ID: 22882114
He means runing RUS....Also, I would assume they do not have 10000s of users...!!
0
 

Author Comment

by:loretonh
ID: 22882192
thats correct..
well i created a new user in domain B and after a minute or so i can see the new email address for the user.. whereas, when i create a new user in Domain A.. the email is created but it is not displayed in AD..
this is very odd..
0
 
LVL 33

Expert Comment

by:Exchange_Geek
ID: 22882198
Yep Nitin i meant also RUS rebuild - you wont see me talking of users getting re-stamped for rebuild of a box.

@loretonh:
What ever be the reason a rebuild should not be learnt as a troubleshooting step for any issue - it is left as a last resort.

All the best for working with the rebuild - remember you need to know there are always alternatives rather than rebuild - in case you face a similar issue - do not refer your notes to perform another rebuild in future.
0
 
LVL 33

Expert Comment

by:Exchange_Geek
ID: 22882203
"whereas, when i create a new user in Domain A.. the email is created but it is not displayed in AD."

Where do you see that email address if you do not see it in AD ???
0
 
LVL 32

Expert Comment

by:gupnit
ID: 22882207
?
0
 

Author Comment

by:loretonh
ID: 22882220
exchange_geek..
i know what you mean.. but this issue has been bugging me for about 2-3 weeks.. i have had other administartors look at it and even they could not figure it out.. and that is why i decided to run a rebuild.

i thank you for your advice though, will keep that in mind :)
0
 
LVL 32

Expert Comment

by:gupnit
ID: 22882232
Well, I am not sure what Excchange_Geek wants to say here....See RUS has to be up and running....and you are at no risk here...Chill Out !!!!
Nothing to worry here....object attirbutes update is an ongoing RUS activity !!
Cheers
Nitin
0
 
LVL 32

Expert Comment

by:gupnit
ID: 22882254
Rebuild will take anywhere from minutes to an hour...depending upong your setup....which I assume is not 100000s users...!! There is no reason for your to run around....thinking yuo made a mistake here....Chill!!
@Exchange_Geek - don't scare him unnecessarily !!
0
 

Author Comment

by:loretonh
ID: 22882267
the mailbox is in Exchange system manager.. hope that im making sense.
so i create an user and its mailbox.. no issues. i check ESM and the mailbox is there.. i go to AD and the user has got no email displayed..
0
 
LVL 32

Expert Comment

by:gupnit
ID: 22882281
See RUS was referring to wrong DC and that wass causing the errors. Address Book was not getting updated. So ideally if you would have changed the DC and then had done RUS update it would have been fine.
Cheers
Nitin
0
 

Author Comment

by:loretonh
ID: 22882338
lol thats alright...
well we have got about 1000 users..
i changed the DC run an update and it still seems to be the same issue..
do you think it could be some kind of permission issue?
the weird thin is that AD allows be to manipulate with the mailbox (ie. move it) but it does not actually display it under 'email addresses'...
0
 
LVL 32

Expert Comment

by:gupnit
ID: 22882355
I am getting confused now....Can you explain where can't you see the email address.....under properties in ADUC? or in your Outlook?
0
 

Author Comment

by:loretonh
ID: 22882368
sorry mate..
i cant see the email address under ADUC
0
 
LVL 33

Expert Comment

by:Exchange_Geek
ID: 22883560
Well, can you please do us a favour by confirming few things.

Have you created a separate domain RUS for domain B. This would mean you should be able to see 3 RUS in total.
Rus (Enterprise)
Rus (domain A)
Rus (domain B)

First. RUS (domain B) is pointing to an existing Exchange server.
Second, RUS (domain B) is pointing to your Global Catalog Server.
Third, RUS (domain B) is set to "Always Run" in its schedule
Fourth, if possible please do restart your System Attendant Service
Fifth, please run Exchange Best Practice Analyzer tool (www.exbpa.com) in health check mode.



Let us reach up till here and later we can have advanced troubleshooting being done for it.

Thanks.
0
 

Author Comment

by:loretonh
ID: 22891454
that is correct.. there are a total of 3 RUS.. the rest i will have to double check when i go back to the office. which will be tomorrow.

will keep you posted.

thanks
0
 

Author Comment

by:loretonh
ID: 22901080
all the configs seem to be ok..
i ran the EBA tool and it found a few things that need looking at:

"The 'gatewayProxy' attribute for Recipient Update Service 'Recipient Update Service (Enterprise Configuration)' contains old data that was not fully processed..and should be manually removed to avoid accidental changes to user addresses"

the other messages wanr that rebuild could take some time

thanks

0
 
LVL 33

Assisted Solution

by:Exchange_Geek
Exchange_Geek earned 200 total points
ID: 22902336
"The 'gatewayProxy' attribute for Recipient Update Service 'Recipient Update Service (Enterprise Configuration)' contains old data that was not fully processed..and should be manually removed to avoid accidental changes to user addresses"

If you click on the link "tell me more...." - it might take you to a link similar to this one.
http://support.microsoft.com/kb/821743

"the other messages want that rebuild could take some time"
This message means that the rebuild which you had ran earlier - has not yet completed. So wait for the rebuild to get over - that was the reason if you had read earlier i had written - do not run rebuild.



0
 

Author Comment

by:loretonh
ID: 22909780
i followed the link and did as it says...

will leave it over the weekend and let you know back on monday of how things are going..

thanks
0
 

Author Comment

by:loretonh
ID: 22917932
checked everything today.. still the same issue
are tehre any other tests that i could run?

thanks
0
 

Accepted Solution

by:
loretonh earned 0 total points
ID: 22918896
exchange_geek and gupnit...

i have found the problem :)
the issue was that the Domain Controllers were not part of the Domain Controllers OU in AD.
i moved the DCs to the DC OU replicated the DCs and now the users emails come up :)

still receive the 8260 and 8026 errors but can create emails now for both domains..

thank you both for trying to help..
appreciate it
0
 
LVL 33

Expert Comment

by:Exchange_Geek
ID: 22958177
Your welcome, incase you want to troubleshoot 8260 and 8026 events - you may want to open a new thread and we would love to assist again.

Take Care.
0

Featured Post

Veeam Disaster Recovery in Microsoft Azure

Veeam PN for Microsoft Azure is a FREE solution designed to simplify and automate the setup of a DR site in Microsoft Azure using lightweight software-defined networking. It reduces the complexity of VPN deployments and is designed for businesses of ALL sizes.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to effectively resolve the number one email related issue received by helpdesks.
Steps to fix error: “Couldn’t mount the database that you specified. Specified database: HU-DB; Error code: An Active Manager operation fail”
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…
Suggested Courses

831 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question