Solved

New-TestCASConnectivityuser password error

Posted on 2009-07-08
4
1,352 Views
Last Modified: 2012-05-07
Hello All,
We are trying to monitor Exchange 2007 with the new native management pack which came with SCOM 2007.  One of the issues we have come across is when executing the new-testcasconnectivvityuser script on one of the mailbox clusters, we get the following error:

ClientAccessServer     :
Scenario               : Reset Credentials
ScenarioDescription    : Reset automated credentials for the Client Access test
                          user on Mailbox server S8KXMBV1.grupo.cm.es.
PerformanceCounterName :
Result                 : Failure
MailboxServer          : S8KXMBV1.grupo.cm.es
StartTime              : miércoles, 08, 07, 2009 13:21:20
Latency                : 00:00:00.2652136
SecureAccess           : True
Error                  : [Microsoft.Exchange.Monitoring.CasHealthStorageErrorEx
                         ception]: An error occurred while trying  to access ma
                         ilbox S8KXMBV1.grupo.cm.es on behalf of user grupo.cm.
                         es\CAS_a5c721419e234ddf

                          Additional information:
                          [Microsoft.Exchange.Data.Directory.ADOperationExcepti
                         on]: Active Directory operation failed on S8KCMGR1.gru
                         po.cm.es. This error is not retriable. Additional info
                         rmation: Unable to update the password. The value prov
                         ided for the new password does not meet the length, co
                         mplexity, or history requirements of the domain.
                         Active directory response: 0000052D: SvcErr: DSID-031A
                         11E5, problem 5003 (WILL_NOT_PERFORM), data 0
                          Inner error [System.DirectoryServices.Protocols.Direc
                         toryOperationException]: The server cannot handle dire
                         ctory requests.
UserName               : CAS_a5c721419e234ddf
VirtualDirectoryName   :
Url                    :
UrlType                : Unknown
EventType              : Error
Port                   : 0
ConnectionType         : Plaintext

An error occurred while trying  to access mailbox S8KXMBV1.grupo.cm.es on behal
f of user grupo.cm.es\CAS_a5c721419e234ddf

 Additional information:
 [Microsoft.Exchange.Data.Directory.ADOperationException]: Active Directory ope
ration failed on S8KCMGR1.grupo.cm.es. This error is not retriable. Additional
information: Unable to update the password. The value provided for the new pass
word does not meet the length, complexity, or history requirements of the domai
n.
Active directory response: 0000052D: SvcErr: DSID-031A11E5, problem 5003 (WILL_
NOT_PERFORM), data 0
 Inner error [System.DirectoryServices.Protocols.DirectoryOperationException]:
The server cannot handle directory requests.
Update test user permissions on:  S8KXMBV2.grupo.cm.es
Control-Break to quit or Enter to continue:

I would seem to be pretty straight forward except for the fact that in this particular domain, our password policy is four characters, non-complex, remember once.  Any help would be appreciated.
LC-J


0
Comment
Question by:MereelSkirata
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 15

Expert Comment

by:wwwally
ID: 24844265
I guess the user for the mom test mailbox account does not meet complexity requirements of you domain.
So change the password  of the account to a more complex one if you got this error on initial setup.

I haven't seen this error yet when the cmd is reseting the password but you can solve this by:
If you receive alerts that the cmdlet is not successfully resetting the passwords, you can fix the problem by rerunning the New-TestCasConnectivityUser.ps1 script on the Mailbox server.

Regards,
Walter
http://weblogwally.spaces.live.com
0
 

Author Comment

by:MereelSkirata
ID: 24847071
Thanks Wally,
We tried that and still get the same error.  A quick note: we still have Windows 2000 DCs in the domain,so its possible that maybe this is affecting the exchange enviornment.  The password policy for the domain is four characters changing every 42 days and enforce complex passwords is disabled.
LC-J
0
 
LVL 15

Expert Comment

by:wwwally
ID: 24852786
Maybe the complexity is not the problem but the password history, have a look at that.
Try setting it to 0 just as a test.
Regards,
Walter
http://weblogwally.spaces.live.com
0
 

Accepted Solution

by:
MereelSkirata earned 0 total points
ID: 24853031
Wally, after taking a look at this, it appears to be an issue with the SAM database on a Windows 2008 domain controller.  Once we get a solution for this, I´ll post it.  The interesting part of this will be whether or not this would have occurred with Windows 2003 DCs
Cheers,
LC-J
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you troubleshoot Outlook for clients, you may want to know a bit more about the OST file before doing your next job. IMAP can cause a lot of drama if removed in the accounts without backing up.
A couple of months ago we ran into an issue that necessitated re-creating our Edge Subscriptions. However, when we attempted to execute the command: New-EdgeSubscription -filename C:\NewEdgeSub_01.xml we received an error indicating that the LDAP se…
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses
Course of the Month8 days, 3 hours left to enroll

617 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question