SIES di Andrea Barbon
asked on
Installazione Exchange 2013 SP1
Buongiorno a tutti,
come si può capire dall'oggetto della domanda ho un problema con l'installazione.
L’ambiente è semplice: un domain controller 2012 R2 ed un server membro 2012 R2 nel quale vorrei installare Exchange 2013.
Una prima installazione di Exchange si è bloccata quasi alla fine e mi ha costretto a reinstallare il sistema operativo del server perché non c’era modo di disinstallare o di reinstallare Exchange, la seconda installazione è andata a buon fine ma non era possibile accedere ad ECP o OWA, anche provando a creare un nuovo certificato ssl e ricreare le cartelle ecp ed owa in iis non c’è stato verso. A quel punto ho disinstallato nuovamente Exchange e sistema operativo e ho cancellato, forse incautamente, alcuni riferimenti ad Exchange utilizzando ADSIedit.
Ora alla terza reinstallazione ho questi errori:
Error:
Global updates need to be made to Active Directory, and this user account isn't a member of the 'Enterprise Admins' group.
For more information, visit: http://technet.microsoft.com/library(EXCHG.150)/ms.exch.setupreadiness.GlobalUpdateRequired.aspx
Error:
Setup encountered a problem while validating the state of Active Directory: Couldn't find the Enterprise Organization container. See the Exchange setup log for more information on this error.
For more information, visit: http://technet.microsoft.com/library(EXCHG.150)/ms.exch.setupreadiness.AdInitErrorRule.aspx
Error:
The forest functional level of the current Active Directory forest is not Windows Server 2003 native or later. To install Exchange Server 2013, the forest functional level must be at least Windows Server 2003 native.
For more information, visit: http://technet.microsoft.com/library(EXCHG.150)/ms.exch.setupreadiness.ForestLevelNotWin2003Native.aspx
Error:
Either Active Directory doesn't exist, or it can't be contacted.
For more information, visit: http://technet.microsoft.com/library(EXCHG.150)/ms.exch.setupreadiness.CannotAccessAD.aspx
Warning:
Setup will prepare the organization for Exchange 2013 by using 'Setup /PrepareAD'. No Exchange 2007 server roles have been detected in this topology. After this operation, you will not be able to install any Exchange 2007 servers.
For more information, visit: http://technet.microsoft.com/library(EXCHG.150)/ms.exch.setupreadiness.NoE12ServerWarning.aspx
Warning:
Setup will prepare the organization for Exchange 2013 by using 'Setup /PrepareAD'. No Exchange 2010 server roles have been detected in this topology. After this operation, you will not be able to install any Exchange 2010 servers.
For more information, visit: http://technet.microsoft.com/library(EXCHG.150)/ms.exch.setupreadiness.NoE14ServerWarning.aspx
Qualcuno ha idea di cosa possa fare/cercare per risolvere il problema?
Grazie
Andrea
come si può capire dall'oggetto della domanda ho un problema con l'installazione.
L’ambiente è semplice: un domain controller 2012 R2 ed un server membro 2012 R2 nel quale vorrei installare Exchange 2013.
Una prima installazione di Exchange si è bloccata quasi alla fine e mi ha costretto a reinstallare il sistema operativo del server perché non c’era modo di disinstallare o di reinstallare Exchange, la seconda installazione è andata a buon fine ma non era possibile accedere ad ECP o OWA, anche provando a creare un nuovo certificato ssl e ricreare le cartelle ecp ed owa in iis non c’è stato verso. A quel punto ho disinstallato nuovamente Exchange e sistema operativo e ho cancellato, forse incautamente, alcuni riferimenti ad Exchange utilizzando ADSIedit.
Ora alla terza reinstallazione ho questi errori:
Error:
Global updates need to be made to Active Directory, and this user account isn't a member of the 'Enterprise Admins' group.
For more information, visit: http://technet.microsoft.com/library(EXCHG.150)/ms.exch.setupreadiness.GlobalUpdateRequired.aspx
Error:
Setup encountered a problem while validating the state of Active Directory: Couldn't find the Enterprise Organization container. See the Exchange setup log for more information on this error.
For more information, visit: http://technet.microsoft.com/library(EXCHG.150)/ms.exch.setupreadiness.AdInitErrorRule.aspx
Error:
The forest functional level of the current Active Directory forest is not Windows Server 2003 native or later. To install Exchange Server 2013, the forest functional level must be at least Windows Server 2003 native.
For more information, visit: http://technet.microsoft.com/library(EXCHG.150)/ms.exch.setupreadiness.ForestLevelNotWin2003Native.aspx
Error:
Either Active Directory doesn't exist, or it can't be contacted.
For more information, visit: http://technet.microsoft.com/library(EXCHG.150)/ms.exch.setupreadiness.CannotAccessAD.aspx
Warning:
Setup will prepare the organization for Exchange 2013 by using 'Setup /PrepareAD'. No Exchange 2007 server roles have been detected in this topology. After this operation, you will not be able to install any Exchange 2007 servers.
For more information, visit: http://technet.microsoft.com/library(EXCHG.150)/ms.exch.setupreadiness.NoE12ServerWarning.aspx
Warning:
Setup will prepare the organization for Exchange 2013 by using 'Setup /PrepareAD'. No Exchange 2010 server roles have been detected in this topology. After this operation, you will not be able to install any Exchange 2010 servers.
For more information, visit: http://technet.microsoft.com/library(EXCHG.150)/ms.exch.setupreadiness.NoE14ServerWarning.aspx
Qualcuno ha idea di cosa possa fare/cercare per risolvere il problema?
Grazie
Andrea
Hi,
Here are the below reasons and solutions for this error
1. Global updates need to be made to Active Directory, and this user account isn't a member of the 'Enterprise Admins' group.
Make Sure that the account through which you are installing exchange is a member of Enterprise Admin, Schema Admin & Domain Admin group
2. Setup encountered a problem while validating the state of Active Directory: Couldn't find the Enterprise Organization container. See the Exchange setup log for more information on this error.
This error occurs if there are duplicate microsoft exchange system objects. For resolving this error follow the below steps
Log on to the domain controller with administrative credentials.
In Administrative Tools, click Active Directory Users and Computers.
In the Active Directory Users and Computers management console pane, click View from the toolbar menu and then select Advanced Features.
Locate the duplicate Microsoft Exchange System Objects container.
Verify the duplicate Microsoft Exchange System Objects container doesn’t contain valid Active Directory objects.
Right-click the duplicate Microsoft Exchange System Objects container, and then click Delete.
Confirm the deletion by clicking Yes in the Active Directory dialog box.
3. The forest functional level of the current Active Directory forest is not Windows Server 2003 native or later. To install Exchange Server 2013, the forest functional level must be at least Windows Server 2003 native.
Seems your Forest level is set to Mixed Mode. For installing the Exchange the Forest level must be set to 2000 native. Follow the below steps
Go to Active Directory Domains & Trusts right click domain select Raise Forest Funtional Level and set it to 2000 native.
4. Either Active Directory doesn't exist, or it can't be contacted.
Follow the below steps it will resolve the issue
Make sure you Server manager > Add Features > Select Remote Server Administration tools > And select ADDS & ADLS tools and click install
5. Setup will prepare the organization for Exchange 2013 by using 'Setup /PrepareAD
To resolve this error do the following run the below command and enter the organization name of your Exchange
Setup.exe /PrepareAD /OrganizationName:"<organi zation name>" /IAcceptExchangeServerLice nseTerms.
For more information refer the below link
https://technet.microsoft.com/en-us/library/bb125224(v=exchg.150).aspx
Along with this you have to also prepare the schema run the below command for preparing the schema
Setup.exe /PrepareSchema /IAcceptExchangeServerLice nseTerms
Thanks
Manikandan
Here are the below reasons and solutions for this error
1. Global updates need to be made to Active Directory, and this user account isn't a member of the 'Enterprise Admins' group.
Make Sure that the account through which you are installing exchange is a member of Enterprise Admin, Schema Admin & Domain Admin group
2. Setup encountered a problem while validating the state of Active Directory: Couldn't find the Enterprise Organization container. See the Exchange setup log for more information on this error.
This error occurs if there are duplicate microsoft exchange system objects. For resolving this error follow the below steps
Log on to the domain controller with administrative credentials.
In Administrative Tools, click Active Directory Users and Computers.
In the Active Directory Users and Computers management console pane, click View from the toolbar menu and then select Advanced Features.
Locate the duplicate Microsoft Exchange System Objects container.
Verify the duplicate Microsoft Exchange System Objects container doesn’t contain valid Active Directory objects.
Right-click the duplicate Microsoft Exchange System Objects container, and then click Delete.
Confirm the deletion by clicking Yes in the Active Directory dialog box.
3. The forest functional level of the current Active Directory forest is not Windows Server 2003 native or later. To install Exchange Server 2013, the forest functional level must be at least Windows Server 2003 native.
Seems your Forest level is set to Mixed Mode. For installing the Exchange the Forest level must be set to 2000 native. Follow the below steps
Go to Active Directory Domains & Trusts right click domain select Raise Forest Funtional Level and set it to 2000 native.
4. Either Active Directory doesn't exist, or it can't be contacted.
Follow the below steps it will resolve the issue
Make sure you Server manager > Add Features > Select Remote Server Administration tools > And select ADDS & ADLS tools and click install
5. Setup will prepare the organization for Exchange 2013 by using 'Setup /PrepareAD
To resolve this error do the following run the below command and enter the organization name of your Exchange
Setup.exe /PrepareAD /OrganizationName:"<organi
For more information refer the below link
https://technet.microsoft.com/en-us/library/bb125224(v=exchg.150).aspx
Along with this you have to also prepare the schema run the below command for preparing the schema
Setup.exe /PrepareSchema /IAcceptExchangeServerLice
Thanks
Manikandan
ASKER
Hi Mohammed Khawaja,
thanks for your answer, the big problem is my only DC is already Windows 2012 R2 and I already installed and removed Exchange 2013 a first time.
Andrea Grespan
thanks for your answer, the big problem is my only DC is already Windows 2012 R2 and I already installed and removed Exchange 2013 a first time.
Andrea Grespan
ASKER
Hi Manikandan,
1. like I said in the previous comment I already installed Exchange 2013 in the same environment with the same user that is a member of Enterprise Admin, Schema Admin & Domain Admin.
2. I will try this one
3. See the previous comment
4. I will try tis one too
5. Already tried with more or less the same errors
Thanks
Andrea
1. like I said in the previous comment I already installed Exchange 2013 in the same environment with the same user that is a member of Enterprise Admin, Schema Admin & Domain Admin.
2. I will try this one
3. See the previous comment
4. I will try tis one too
5. Already tried with more or less the same errors
Thanks
Andrea
Hi Andrea,
could I suggest to cross-reference you steps with this wonderful guide I've used in the past?
Part1
http://www.petenetlive.com/KB/Article/0000716.htm
Part2
http://www.petenetlive.com/KB/Article/0000717.htm
Part3
http://www.petenetlive.com/KB/Article/0000730.htm
Let me know your thoughts.....
could I suggest to cross-reference you steps with this wonderful guide I've used in the past?
Part1
http://www.petenetlive.com/KB/Article/0000716.htm
Part2
http://www.petenetlive.com/KB/Article/0000717.htm
Part3
http://www.petenetlive.com/KB/Article/0000730.htm
Let me know your thoughts.....
If that is the case then the account you are using is not member of Enterprise Admin. You also need to prepare AD by running setup /preparead. As mentioned above, the account also needs schema admin and domain admin privileges.
ASKER
I did this:
Log on to the domain controller with administrative credentials.
In Administrative Tools, click Active Directory Users and Computers.
In the Active Directory Users and Computers management console pane, click View from the toolbar menu and then select Advanced Features.
Locate the duplicate Microsoft Exchange System Objects container.
Verify the duplicate Microsoft Exchange System Objects container doesn’t contain valid Active Directory objects.
Right-click the duplicate Microsoft Exchange System Objects container, and then click Delete.
Confirm the deletion by clicking Yes in the Active Directory dialog box.
and I could at least start the installation that ended at step 8 Mailbox Role with this error:
Error:
The following error was generated when "$error.Clear();
if ( ($server -eq $null) -and ($RoleIsDatacenter -ne $true) )
{
Update-RmsSharedIdentity -ServerName $RoleNetBIOSName
}
" was run: "Database is mandatory on UserMailbox.".
I will uninstall Exchange, try to delete all references to Exchange in AD and reinstall.
Log on to the domain controller with administrative credentials.
In Administrative Tools, click Active Directory Users and Computers.
In the Active Directory Users and Computers management console pane, click View from the toolbar menu and then select Advanced Features.
Locate the duplicate Microsoft Exchange System Objects container.
Verify the duplicate Microsoft Exchange System Objects container doesn’t contain valid Active Directory objects.
Right-click the duplicate Microsoft Exchange System Objects container, and then click Delete.
Confirm the deletion by clicking Yes in the Active Directory dialog box.
and I could at least start the installation that ended at step 8 Mailbox Role with this error:
Error:
The following error was generated when "$error.Clear();
if ( ($server -eq $null) -and ($RoleIsDatacenter -ne $true) )
{
Update-RmsSharedIdentity -ServerName $RoleNetBIOSName
}
" was run: "Database is mandatory on UserMailbox.".
I will uninstall Exchange, try to delete all references to Exchange in AD and reinstall.
Hi,
Don't delete wait before uninstallation please refer the below links the exact solution is given on the links mentioned below
https://exchangeshare.wordpress.com/2014/05/16/exchange-2013-sp1-install-error-database-is-mandatory-on-arbitration-mailboxes/
http://danblee.com/exchange-2013-error-during-install-database-is-mandatory-on-usermailbox-property-name-database/
Thanks
Manikandan
Don't delete wait before uninstallation please refer the below links the exact solution is given on the links mentioned below
https://exchangeshare.wordpress.com/2014/05/16/exchange-2013-sp1-install-error-database-is-mandatory-on-arbitration-mailboxes/
http://danblee.com/exchange-2013-error-during-install-database-is-mandatory-on-usermailbox-property-name-database/
Thanks
Manikandan
Hi,
The issue may occur due to one or more of the following reasons:
1. There are one or multiple System mailboxes in an inconsistent state because the HomeMDB attribute is missing.
2. The Federated mailbox is in an inconsistent state because the HomeMDB attribute is missing.
3. The Discovery Search mailboxes is in an inconsistent state because the HomeMDB attribute is missing.
In order to check to see if one of the above reasons applies, follow the steps below:
1. Run the following command in the Exchange Command Shell:
Get-Mailbox -Arbitration |fl name, alias
2. You may receive an error or errors from running the command above that one or two of the System Mailboxes and the Federated Mailbox are in an inconsistent state – see the following example results:
WARNING: The object xxxxx/xxxxx/SystemMailbox{ 1f05a927-9 daf-4003-9 bf7-036822 f96290} has been corrupted, and it's
in an inconsistent state. The following validation errors happened:
WARNING: Database is mandatory on UserMailbox.
WARNING: Database is mandatory on UserMailbox.
3. Run the following command in the Exchange Command Shell Get-Mailbox |fl name, alias on the Discovery Search Mailbox and look for the same error.
4. The error “Database is mandatory on UserMailbox” means that there is no value for the HomeMDB attribute for the mailbox in question – either one or two System Mailboxes, or the Federated Mailbox, or possibly the Discovery Search Mailbox.
RESOLUTION
1. Open ADSIEdit – go to the properties of a regular user with a mailbox on the same database as the particular System Mailbox, Federated Mailbox, or Discovery Search Mailbox and copy the correct HomeMDB attribute to the correct System Mailbox, Federated Mailbox, or Discovery Search Mailbox.
2. On the Domain Controller which you made the changes to the HomeMDB attribute for the 4 mailboxes, go to an elevated command prompt and Replicate the entire Forest using the following command:
repadmin /syncall /e - to replicate the entire forest
3. You should now successfully be able to search using the Discovery Search Mailbox using ECP.
Thanks
Manikandan
The issue may occur due to one or more of the following reasons:
1. There are one or multiple System mailboxes in an inconsistent state because the HomeMDB attribute is missing.
2. The Federated mailbox is in an inconsistent state because the HomeMDB attribute is missing.
3. The Discovery Search mailboxes is in an inconsistent state because the HomeMDB attribute is missing.
In order to check to see if one of the above reasons applies, follow the steps below:
1. Run the following command in the Exchange Command Shell:
Get-Mailbox -Arbitration |fl name, alias
2. You may receive an error or errors from running the command above that one or two of the System Mailboxes and the Federated Mailbox are in an inconsistent state – see the following example results:
WARNING: The object xxxxx/xxxxx/SystemMailbox{
in an inconsistent state. The following validation errors happened:
WARNING: Database is mandatory on UserMailbox.
WARNING: Database is mandatory on UserMailbox.
3. Run the following command in the Exchange Command Shell Get-Mailbox |fl name, alias on the Discovery Search Mailbox and look for the same error.
4. The error “Database is mandatory on UserMailbox” means that there is no value for the HomeMDB attribute for the mailbox in question – either one or two System Mailboxes, or the Federated Mailbox, or possibly the Discovery Search Mailbox.
RESOLUTION
1. Open ADSIEdit – go to the properties of a regular user with a mailbox on the same database as the particular System Mailbox, Federated Mailbox, or Discovery Search Mailbox and copy the correct HomeMDB attribute to the correct System Mailbox, Federated Mailbox, or Discovery Search Mailbox.
2. On the Domain Controller which you made the changes to the HomeMDB attribute for the 4 mailboxes, go to an elevated command prompt and Replicate the entire Forest using the following command:
repadmin /syncall /e - to replicate the entire forest
3. You should now successfully be able to search using the Discovery Search Mailbox using ECP.
Thanks
Manikandan
have you checked the health of your AD environment?
i'm seeing things like "Active Directory doesn't exist or cannot be contacted" and the forest functional level not at 2003 or higher which tells me there is something not right. Are the DNS servers correct? That forest functional message is not accurate else you wouldn't have been able to put in a 2012 R2 domain controller.
also, SP1 is the same as CU4 which is long out of support; CU8 is the latest you should be using
Cumulative Update 8 for Exchange Server 2013 (KB3030080)
http://www.microsoft.com/en-us/download/details.aspx?id=46373
i'm seeing things like "Active Directory doesn't exist or cannot be contacted" and the forest functional level not at 2003 or higher which tells me there is something not right. Are the DNS servers correct? That forest functional message is not accurate else you wouldn't have been able to put in a 2012 R2 domain controller.
also, SP1 is the same as CU4 which is long out of support; CU8 is the latest you should be using
Cumulative Update 8 for Exchange Server 2013 (KB3030080)
http://www.microsoft.com/en-us/download/details.aspx?id=46373
ASKER
Uninstalled everything with:
Setup /Mode:Uninstall /IAcceptExchangeServerLice nseTerms
Deleted the users:
Federatedemail, DiscoverySearchMailbox, HealthMailbox, Migration, SystemMailbox
Deleted OU "Microsoft Exchange Security Groups" e "Microsoft Exchange System Objects"
With ADSIedit configuration under Services deleted "Microsoft Exchange" and "Microsoft Exchange Autodiscover"
Setup /PrepareAD /OrganizationName: "My Organization" /IAcceptExchangeServerLice nseTerms
All ok until now
Run setup and at Step 10 Mailbox role Mailbox service
The following error was generated when "$error.Clear();
$name = [Microsoft.Exchange.Manage ment.Recip ientTasks. EnableMail box]::Disc overyMailb oxUniqueNa me;
$dispname = [Microsoft.Exchange.Manage ment.Recip ientTasks. EnableMail box]::Disc overyMailb oxDisplayN ame;
$dismbx = get-mailbox -Filter {name -eq $name} -IgnoreDefaultScope -resultSize 1;
if( $dismbx -ne $null)
{
$srvname = $dismbx.ServerName;
if( $dismbx.Database -ne $null -and $RoleFqdnOrName -like "$srvname.*" )
{
Write-ExchangeSetupLog -info "Setup DiscoverySearchMailbox Permission.";
$mountedMdb = get-mailboxdatabase $dismbx.Database -status | where { $_.Mounted -eq $true };
if( $mountedMdb -eq $null )
{
Write-ExchangeSetupLog -info "Mounting database before stamp DiscoverySearchMailbox Permission...";
mount-database $dismbx.Database;
}
$mountedMdb = get-mailboxdatabase $dismbx.Database -status | where { $_.Mounted -eq $true };
if( $mountedMdb -ne $null )
{
$dmRoleGroupGuid = [Microsoft.Exchange.Data.D irectory.M anagement. RoleGroup] ::Discover yManagemen t_InitInfo .WellKnown Guid;
$dmRoleGroup = Get-RoleGroup -Identity $dmRoleGroupGuid -DomainController $RoleDomainController -ErrorAction:SilentlyConti nue;
if( $dmRoleGroup -ne $null )
{
trap [Exception]
{
Add-MailboxPermission $dismbx -User $dmRoleGroup.Name -AccessRights FullAccess -DomainController $RoleDomainController -ErrorAction SilentlyContinue;
continue;
}
Add-MailboxPermission $dismbx -User $dmRoleGroup.Identity -AccessRights FullAccess -DomainController $RoleDomainController -WarningAction SilentlyContinue;
}
}
}
}
" was run: "Couldn't resolve the user or group "myorg.local/Microsoft Exchange Security Groups/Discovery Management." If the user or group is a foreign forest principal, you must have either a two-way trust or an outgoing trust.".
Now fingers crossed I'll download CU8....
Setup /Mode:Uninstall /IAcceptExchangeServerLice
Deleted the users:
Federatedemail, DiscoverySearchMailbox, HealthMailbox, Migration, SystemMailbox
Deleted OU "Microsoft Exchange Security Groups" e "Microsoft Exchange System Objects"
With ADSIedit configuration under Services deleted "Microsoft Exchange" and "Microsoft Exchange Autodiscover"
Setup /PrepareAD /OrganizationName: "My Organization" /IAcceptExchangeServerLice
All ok until now
Run setup and at Step 10 Mailbox role Mailbox service
The following error was generated when "$error.Clear();
$name = [Microsoft.Exchange.Manage
$dispname = [Microsoft.Exchange.Manage
$dismbx = get-mailbox -Filter {name -eq $name} -IgnoreDefaultScope -resultSize 1;
if( $dismbx -ne $null)
{
$srvname = $dismbx.ServerName;
if( $dismbx.Database -ne $null -and $RoleFqdnOrName -like "$srvname.*" )
{
Write-ExchangeSetupLog -info "Setup DiscoverySearchMailbox Permission.";
$mountedMdb = get-mailboxdatabase $dismbx.Database -status | where { $_.Mounted -eq $true };
if( $mountedMdb -eq $null )
{
Write-ExchangeSetupLog -info "Mounting database before stamp DiscoverySearchMailbox Permission...";
mount-database $dismbx.Database;
}
$mountedMdb = get-mailboxdatabase $dismbx.Database -status | where { $_.Mounted -eq $true };
if( $mountedMdb -ne $null )
{
$dmRoleGroupGuid = [Microsoft.Exchange.Data.D
$dmRoleGroup = Get-RoleGroup -Identity $dmRoleGroupGuid -DomainController $RoleDomainController -ErrorAction:SilentlyConti
if( $dmRoleGroup -ne $null )
{
trap [Exception]
{
Add-MailboxPermission $dismbx -User $dmRoleGroup.Name -AccessRights FullAccess -DomainController $RoleDomainController -ErrorAction SilentlyContinue;
continue;
}
Add-MailboxPermission $dismbx -User $dmRoleGroup.Identity -AccessRights FullAccess -DomainController $RoleDomainController -WarningAction SilentlyContinue;
}
}
}
}
" was run: "Couldn't resolve the user or group "myorg.local/Microsoft Exchange Security Groups/Discovery Management." If the user or group is a foreign forest principal, you must have either a two-way trust or an outgoing trust.".
Now fingers crossed I'll download CU8....
Hi,
The solution is to remove the Discovery Mailbox user account created as part of the PrepareAD and to run the Exchange setup again.
The Discovery mailbox user has to be re-created and a mailbox needs to be provisioned after Exchange installs successfully. I will explain the steps for that in my next post.
Here is how to re-create the Discovery Search Mailbox:
1. re-create the mailbox using:
Enable-Mailbox "DiscoverySearchMailbox {D919BA05-46A6-415f-80AD-7 E09334BB85 2}" -Arbitration
2. Add permissions to the Discovery Search Mailbox:
Add-MailboxPermission -Identity:”mydomain.local/ Users/Disc overySearc hMailbox {D919BA05-46A6-415f-80AD-7 E09334BB85 2}” -User:”Discovery Management” -AccessRights:”FullAccess”
Thanks
Manikandan
The solution is to remove the Discovery Mailbox user account created as part of the PrepareAD and to run the Exchange setup again.
The Discovery mailbox user has to be re-created and a mailbox needs to be provisioned after Exchange installs successfully. I will explain the steps for that in my next post.
Here is how to re-create the Discovery Search Mailbox:
1. re-create the mailbox using:
Enable-Mailbox "DiscoverySearchMailbox {D919BA05-46A6-415f-80AD-7
2. Add permissions to the Discovery Search Mailbox:
Add-MailboxPermission -Identity:”mydomain.local/
Thanks
Manikandan
ASKER
Hi,
I removed all the users created by Exchange and the only outcome I got a was a different error.
I updated the DC and downloaded Exchange CU8, today I will try a new installation in a new installed Windows 2012 machine.
I removed all the users created by Exchange and the only outcome I got a was a different error.
I updated the DC and downloaded Exchange CU8, today I will try a new installation in a new installed Windows 2012 machine.
ASKER
Now I get this error during mailbox role installation:
Error:
The following error was generated when "$error.Clear();
$name = [Microsoft.Exchange.Manage ment.Recip ientTasks. EnableMail box]::Disc overyMailb oxUniqueNa me;
$dispname = [Microsoft.Exchange.Manage ment.Recip ientTasks. EnableMail box]::Disc overyMailb oxDisplayN ame;
$dismbx = get-mailbox -Filter {name -eq $name} -IgnoreDefaultScope -resultSize 1;
if( $dismbx -ne $null)
{
$srvname = $dismbx.ServerName;
if( $dismbx.Database -ne $null -and $RoleFqdnOrName -like "$srvname.*" )
{
Write-ExchangeSetupLog -info "Setup DiscoverySearchMailbox Permission.";
$mountedMdb = get-mailboxdatabase $dismbx.Database -status | where { $_.Mounted -eq $true };
if( $mountedMdb -eq $null )
{
Write-ExchangeSetupLog -info "Mounting database before stamp DiscoverySearchMailbox Permission...";
mount-database $dismbx.Database;
}
$mountedMdb = get-mailboxdatabase $dismbx.Database -status | where { $_.Mounted -eq $true };
if( $mountedMdb -ne $null )
{
$dmRoleGroupGuid = [Microsoft.Exchange.Data.D irectory.M anagement. RoleGroup] ::Discover yManagemen t_InitInfo .WellKnown Guid;
$dmRoleGroup = Get-RoleGroup -Identity $dmRoleGroupGuid -DomainController $RoleDomainController -ErrorAction:SilentlyConti nue;
if( $dmRoleGroup -ne $null )
{
trap [Exception]
{
Add-MailboxPermission $dismbx -User $dmRoleGroup.Name -AccessRights FullAccess -DomainController $RoleDomainController -ErrorAction SilentlyContinue;
continue;
}
Add-MailboxPermission $dismbx -User $dmRoleGroup.Identity -AccessRights FullAccess -DomainController $RoleDomainController -WarningAction SilentlyContinue;
}
}
}
}
" was run: "Microsoft.Exchange.Data.C ommon.Loca lizedExcep tion: Couldn't resolve the user or group "donelligroup.local/Micros oft Exchange Security Groups/Discovery Management." If the user or group is a foreign forest principal, you must have either a two-way trust or an outgoing trust. ---> System.SystemException: The trust relationship between the primary domain and the trusted domain failed.
at System.Security.Principal. NTAccount. TranslateT oSids(Iden tityRefere nceCollect ion sourceAccounts, Boolean& someFailed)
at System.Security.Principal. NTAccount. Translate( IdentityRe ferenceCol lection sourceAccounts, Type targetType, Boolean forceSuccess)
at System.Security.Principal. NTAccount. Translate( Type targetType)
at Microsoft.Exchange.Configu ration.Tas ks.Securit yPrincipal IdParamete r.GetUserS idAsSAMAcc ount(Secur ityPrincip alIdParame ter user, TaskErrorLoggingDelegate logError, TaskVerboseLoggingDelegate logVerbose)
--- End of inner exception stack trace ---
at Microsoft.Exchange.Configu ration.Tas ks.Task.Th rowError(E xception exception, ErrorCategory errorCategory, Object target, String helpUrl)
at Microsoft.Exchange.Configu ration.Tas ks.Task.Wr iteError(E xception exception, ErrorCategory category, Object target)
at Microsoft.Exchange.Configu ration.Tas ks.Securit yPrincipal IdParamete r.GetUserS idAsSAMAcc ount(Secur ityPrincip alIdParame ter user, TaskErrorLoggingDelegate logError, TaskVerboseLoggingDelegate logVerbose)
at Microsoft.Exchange.Configu ration.Tas ks.Securit yPrincipal IdParamete r.GetSecur ityPrincip al(IRecipi entSession session, SecurityPrincipalIdParamet er user, TaskErrorLoggingDelegate logError, TaskVerboseLoggingDelegate logVerbose)
at Microsoft.Exchange.Managem ent.Recipi entTasks.S etMailboxP ermissionT askBase.In ternalVali date()
at Microsoft.Exchange.Managem ent.Recipi entTasks.A ddMailboxP ermission. InternalVa lidate()
at Microsoft.Exchange.Configu ration.Tas ks.Task.<P rocessReco rd>b__b()
at Microsoft.Exchange.Configu ration.Tas ks.Task.In vokeRetrya bleFunc(St ring funcName, Action func, Boolean terminatePipelineIfFailed) ".
Error:
The following error was generated when "$error.Clear();
$name = [Microsoft.Exchange.Manage
$dispname = [Microsoft.Exchange.Manage
$dismbx = get-mailbox -Filter {name -eq $name} -IgnoreDefaultScope -resultSize 1;
if( $dismbx -ne $null)
{
$srvname = $dismbx.ServerName;
if( $dismbx.Database -ne $null -and $RoleFqdnOrName -like "$srvname.*" )
{
Write-ExchangeSetupLog -info "Setup DiscoverySearchMailbox Permission.";
$mountedMdb = get-mailboxdatabase $dismbx.Database -status | where { $_.Mounted -eq $true };
if( $mountedMdb -eq $null )
{
Write-ExchangeSetupLog -info "Mounting database before stamp DiscoverySearchMailbox Permission...";
mount-database $dismbx.Database;
}
$mountedMdb = get-mailboxdatabase $dismbx.Database -status | where { $_.Mounted -eq $true };
if( $mountedMdb -ne $null )
{
$dmRoleGroupGuid = [Microsoft.Exchange.Data.D
$dmRoleGroup = Get-RoleGroup -Identity $dmRoleGroupGuid -DomainController $RoleDomainController -ErrorAction:SilentlyConti
if( $dmRoleGroup -ne $null )
{
trap [Exception]
{
Add-MailboxPermission $dismbx -User $dmRoleGroup.Name -AccessRights FullAccess -DomainController $RoleDomainController -ErrorAction SilentlyContinue;
continue;
}
Add-MailboxPermission $dismbx -User $dmRoleGroup.Identity -AccessRights FullAccess -DomainController $RoleDomainController -WarningAction SilentlyContinue;
}
}
}
}
" was run: "Microsoft.Exchange.Data.C
at System.Security.Principal.
at System.Security.Principal.
at System.Security.Principal.
at Microsoft.Exchange.Configu
--- End of inner exception stack trace ---
at Microsoft.Exchange.Configu
at Microsoft.Exchange.Configu
at Microsoft.Exchange.Configu
at Microsoft.Exchange.Configu
at Microsoft.Exchange.Managem
at Microsoft.Exchange.Managem
at Microsoft.Exchange.Configu
at Microsoft.Exchange.Configu
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
The AD was so compromised I had to reinstall all the system
1. Upgrade your DC to 2008 or 2012
2. Decommission older DCs by moving FSMO rights to new DC(s)
3. Install Exchange