mailbox not Created in AD

Hello everyone,

we have got 2 domains with trusts set up. domain A and domain B.
exchange 2003 is setup in domainB and up until a few weeks ago when an new user was created in AD the email address was setup and everything was good for both domains

now when i setup an user in domainB the email address comes up in AD, however when i setup an User in domainA the email address does not show up in AD. when i try to send an email to that user i receive an error.

within exchange we receive these errors:
MSExchangeAL
LDAP Operations
8026
LDAP Bind was unsuccessful on directory servername.domain A for distinguished name ''. Directory returned error:[0x31] Invalid Credentials

MSExchangeAL
Service Control
8260
Could not open LDAP session to directory 'servername.domain A' using local service credentials. Cannot access Address List configuration information. Make sure the server 'servername.domain A' is running.

eveything else works with no issues.

Exchange is running an a standalone server, running Server 2003.

hope someone can help.
DJ
loretonhAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

gupnitCommented:
Did you have a change in any DC....Issue is with RUS ....
Follow this http://support.microsoft.com/kb/272552
Thanks
Nitin
0
loretonhAuthor Commented:
there were no issues with DC.. what happened is that one day the RUS could not contact the GC. so all we did was to point the RUS to a new GC.. and that was it.. there was no new DC or demoting of DCs.
the old GC stil lis the PDC Emulator and RID Master where as the new GC is not..
do you think id have to move some FSMO roles?
0
gupnitCommented:
Hi - Use the link, it is going to help you out :-)
0
Big Business Goals? Which KPIs Will Help You

The most successful MSPs rely on metrics – known as key performance indicators (KPIs) – for making informed decisions that help their businesses thrive, rather than just survive. This eBook provides an overview of the most important KPIs used by top MSPs.

loretonhAuthor Commented:
have followed the article and changed the DC to point to the DC that was previously there..
so i changed it to what it was before it stopped working.. am running a rebuild now.
will message back once that is done.. probably restart the server as well..

thanks
0
gupnitCommented:
Great :-) !
0
Exchange_GeekCommented:
Why on earth would you be thinking of running a rebuild. Why do you want all the objects in AD to get re-stamped ???

0
gupnitCommented:
He means runing RUS....Also, I would assume they do not have 10000s of users...!!
0
loretonhAuthor Commented:
thats correct..
well i created a new user in domain B and after a minute or so i can see the new email address for the user.. whereas, when i create a new user in Domain A.. the email is created but it is not displayed in AD..
this is very odd..
0
Exchange_GeekCommented:
Yep Nitin i meant also RUS rebuild - you wont see me talking of users getting re-stamped for rebuild of a box.

@loretonh:
What ever be the reason a rebuild should not be learnt as a troubleshooting step for any issue - it is left as a last resort.

All the best for working with the rebuild - remember you need to know there are always alternatives rather than rebuild - in case you face a similar issue - do not refer your notes to perform another rebuild in future.
0
Exchange_GeekCommented:
"whereas, when i create a new user in Domain A.. the email is created but it is not displayed in AD."

Where do you see that email address if you do not see it in AD ???
0
gupnitCommented:
?
0
loretonhAuthor Commented:
exchange_geek..
i know what you mean.. but this issue has been bugging me for about 2-3 weeks.. i have had other administartors look at it and even they could not figure it out.. and that is why i decided to run a rebuild.

i thank you for your advice though, will keep that in mind :)
0
gupnitCommented:
Well, I am not sure what Excchange_Geek wants to say here....See RUS has to be up and running....and you are at no risk here...Chill Out !!!!
Nothing to worry here....object attirbutes update is an ongoing RUS activity !!
Cheers
Nitin
0
gupnitCommented:
Rebuild will take anywhere from minutes to an hour...depending upong your setup....which I assume is not 100000s users...!! There is no reason for your to run around....thinking yuo made a mistake here....Chill!!
@Exchange_Geek - don't scare him unnecessarily !!
0
loretonhAuthor Commented:
the mailbox is in Exchange system manager.. hope that im making sense.
so i create an user and its mailbox.. no issues. i check ESM and the mailbox is there.. i go to AD and the user has got no email displayed..
0
gupnitCommented:
See RUS was referring to wrong DC and that wass causing the errors. Address Book was not getting updated. So ideally if you would have changed the DC and then had done RUS update it would have been fine.
Cheers
Nitin
0
loretonhAuthor Commented:
lol thats alright...
well we have got about 1000 users..
i changed the DC run an update and it still seems to be the same issue..
do you think it could be some kind of permission issue?
the weird thin is that AD allows be to manipulate with the mailbox (ie. move it) but it does not actually display it under 'email addresses'...
0
gupnitCommented:
I am getting confused now....Can you explain where can't you see the email address.....under properties in ADUC? or in your Outlook?
0
loretonhAuthor Commented:
sorry mate..
i cant see the email address under ADUC
0
Exchange_GeekCommented:
Well, can you please do us a favour by confirming few things.

Have you created a separate domain RUS for domain B. This would mean you should be able to see 3 RUS in total.
Rus (Enterprise)
Rus (domain A)
Rus (domain B)

First. RUS (domain B) is pointing to an existing Exchange server.
Second, RUS (domain B) is pointing to your Global Catalog Server.
Third, RUS (domain B) is set to "Always Run" in its schedule
Fourth, if possible please do restart your System Attendant Service
Fifth, please run Exchange Best Practice Analyzer tool (www.exbpa.com) in health check mode.



Let us reach up till here and later we can have advanced troubleshooting being done for it.

Thanks.
0
loretonhAuthor Commented:
that is correct.. there are a total of 3 RUS.. the rest i will have to double check when i go back to the office. which will be tomorrow.

will keep you posted.

thanks
0
loretonhAuthor Commented:
all the configs seem to be ok..
i ran the EBA tool and it found a few things that need looking at:

"The 'gatewayProxy' attribute for Recipient Update Service 'Recipient Update Service (Enterprise Configuration)' contains old data that was not fully processed..and should be manually removed to avoid accidental changes to user addresses"

the other messages wanr that rebuild could take some time

thanks

0
Exchange_GeekCommented:
"The 'gatewayProxy' attribute for Recipient Update Service 'Recipient Update Service (Enterprise Configuration)' contains old data that was not fully processed..and should be manually removed to avoid accidental changes to user addresses"

If you click on the link "tell me more...." - it might take you to a link similar to this one.
http://support.microsoft.com/kb/821743

"the other messages want that rebuild could take some time"
This message means that the rebuild which you had ran earlier - has not yet completed. So wait for the rebuild to get over - that was the reason if you had read earlier i had written - do not run rebuild.



0
loretonhAuthor Commented:
i followed the link and did as it says...

will leave it over the weekend and let you know back on monday of how things are going..

thanks
0
loretonhAuthor Commented:
checked everything today.. still the same issue
are tehre any other tests that i could run?

thanks
0
loretonhAuthor Commented:
exchange_geek and gupnit...

i have found the problem :)
the issue was that the Domain Controllers were not part of the Domain Controllers OU in AD.
i moved the DCs to the DC OU replicated the DCs and now the users emails come up :)

still receive the 8260 and 8026 errors but can create emails now for both domains..

thank you both for trying to help..
appreciate it
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Exchange_GeekCommented:
Your welcome, incase you want to troubleshoot 8260 and 8026 events - you may want to open a new thread and we would love to assist again.

Take Care.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.