Cant open Exchange 2010 mailboxes by Exchange 2013 user, using MFCMAPI tool

Similar Messages

• OWA Error after Exchange 2010 Mailbox move to 2013

  Hello,
  We have been experiencing an issue when we move a users mailbox from Exchange 2010 on-prem to Exchange 2013 on-prem.  As a domain admin I was able to access the users mailbox via OWA 2010 with out issues.  However, now that they have been
  moved over to 2013 I am getting the following error message:
  X-OWA-Error: SDServerErr;Microsoft.Exchange.Data.Storage.AccessDeniedException
  X-OWA-Version: 15.0.995.28
  X-FEServer: CASServer
  X-BEServer: Mailboxserver.domain.com
  Date: 1/29/2015 5:27:38 PM
  Full Access permissions appear on the mailbox still via the 2013 ECP console for my account.  I have tried running the
  Set-Mailbox UserName -ApplyMandatoryProperties command but receive a message that no settings have been modified.
  I have also tried to remove/re-add inheritable permissions on the users AD account to no avail.
  I have a large group of mailboxes to move over to 2013 and hoping their is a decent solution out there to prevent this from happening.
  Greatly appreciate any feedback on this request.
  Cheers

  Hi,
  Please re-add the full access permission for the administrator:
  Get-Exchange Server "servername" | Get-Mailbox | Add-MailboxPermission -User Administrator -AccessRights FullAccess
  If Administrator is still located in Exchange 2010 and has the full access permission to an Exchange 2013 mailbox ([email protected]) which is moved from Exchange 2010, please use the following URL to open the mailbox:
  https://Exch13.domain.com/owa/[email protected]/
  Then check whether the issue persists.
  Regards,
  Winnie Liang
  TechNet Community Support

• Error in moving exchange 2010 mailboxes to Exchange 2013 SP1 during migration

  Dear All,
  We were running Exchange 2010 SP3 with MBX/HT/CAS role in single server. Now we are migrating our exchange 2010 to Exchange 2013 SP1. After configuring co-existence and during the mailbox move from Exchange 2010 to Exchange 2013 SP1, we are facing below
  error. Please help to troubleshot. As per our search on net, people were suggesting that it can be due to not able to resolve NetBIOS name. We checked same and we are able to ping both servers by NetBIOS and FQDN names.
  [PS] C:\Windows\system32>New-MoveRequest -Identity
  '[email protected]' -TargetDatabase "CI-DB01"
  MapiExceptionNetworkError: Unable to make connection to the server. (hr=0x80004005, ec=2423)
  Diagnostic context:
      Lid: 14744   dwParam: 0x0 Msg: EEInfo: Status: 1722
      Lid: 9624    dwParam: 0x0 Msg: EEInfo: Detection location: 323
      Lid: 13720   dwParam: 0x0 Msg: EEInfo: Flags: 0
      Lid: 11672   dwParam: 0x0 Msg: EEInfo: NumberOfParameters: 0
      Lid: 62184
      Lid: 16280   dwParam: 0x0 Msg: EEInfo: ComputerName: n/a
      Lid: 8600    dwParam: 0x0 Msg: EEInfo: ProcessID: 6004
      Lid: 12696   dwParam: 0x0 Msg: EEInfo: Generation Time: 0414-08-21T09:10:43.8970000Z
      Lid: 10648   dwParam: 0x0 Msg: EEInfo: Generating component: 18
      Lid: 14744   dwParam: 0x0 Msg: EEInfo: Status: 1237
      Lid: 9624    dwParam: 0x0 Msg: EEInfo: Detection location: 313
      Lid: 13720   dwParam: 0x0 Msg: EEInfo: Flags: 0
      Lid: 11672   dwParam: 0x0 Msg: EEInfo: NumberOfParameters: 0
      Lid: 62184
      Lid: 16280   dwParam: 0x0 Msg: EEInfo: ComputerName: n/a
      Lid: 8600    dwParam: 0x0 Msg: EEInfo: ProcessID: 6004
      Lid: 12696   dwParam: 0x0 Msg: EEInfo: Generation Time: 0414-08-21T09:10:43.8970000Z
      Lid: 10648   dwParam: 0x0 Msg: EEInfo: Generating component: 18
      Lid: 14744   dwParam: 0x0 Msg: EEInfo: Status: 10060
      Lid: 9624    dwParam: 0x0 Msg: EEInfo: Detection location: 311
      Lid: 13720   dwParam: 0x0 Msg: EEInfo: Flags: 0
      Lid: 11672   dwParam: 0x0 Msg: EEInfo: NumberOfParameters: 3
      Lid: 12952   dwParam: 0x0 Msg: EEInfo: prm[0]: Long val: 22964
      Lid: 15000   dwParam: 0x0 Msg: EEInfo: prm[1]: Pointer val: 0x0
      Lid: 15000   dwParam: 0x0 Msg: EEInfo: prm[2]: Pointer val: 0xFE01A8C000000000
      Lid: 62184
      Lid: 16280   dwParam: 0x0 Msg: EEInfo: ComputerName: n/a
      Lid: 8600    dwParam: 0x0 Msg: EEInfo: ProcessID: 6004
      Lid: 12696   dwParam: 0x0 Msg: EEInfo: Generation Time: 0414-08-21T09:10:43.8970000Z
      Lid: 10648   dwParam: 0x0 Msg: EEInfo: Generating component: 18
      Lid: 14744   dwParam: 0x0 Msg: EEInfo: Status: 10060
      Lid: 9624    dwParam: 0x0 Msg: EEInfo: Detection location: 318
      Lid: 13720   dwParam: 0x0 Msg: EEInfo: Flags: 0
      Lid: 11672   dwParam: 0x0 Msg: EEInfo: NumberOfParameters: 0
      Lid: 53361   StoreEc: 0x977
      Lid: 51859
      Lid: 33649   StoreEc: 0x977
      Lid: 43315
      Lid: 58225   StoreEc: 0x977
      Lid: 39912   StoreEc: 0x977
      Lid: 54129   StoreEc: 0x977
      Lid: 50519
      Lid: 59735   StoreEc: 0x977
      Lid: 59199
      Lid: 27356   StoreEc: 0x977
      Lid: 65279
      Lid: 52465   StoreEc: 0x977
      Lid: 60065
      Lid: 33777   StoreEc: 0x977
      Lid: 59805
      Lid: 52487   StoreEc: 0x977
      Lid: 19778
      Lid: 27970   StoreEc: 0x977
      Lid: 17730
      Lid: 25922   StoreEc: 0x977
      + CategoryInfo          : NotSpecified: (:) [New-MoveRequest], RemoteTransientException
      + FullyQualifiedErrorId : [Server=Exch01,RequestId=f6886977-92f1-4148-991b-aa76b449aff5,TimeStamp=8/21/2014 9:1
     0:43 AM] [FailureCategory=Cmdlet-RemoteTransientException] 7FCC37,Microsoft.Exchange.Management.RecipientTasks.New
  MoveRequest
    + PSComputerName        : Exch01.domain.local
  Please help as we are stuck here!!
  Thanks in advance!!

  Can yo ping server by name not by FQDN? e.g. ping server1.
  Make sure firewall/antivirus not blocking communication. Disable antivirus and try
  Thanks,
  MAS
  Please mark as helpful if you find my comment helpful or as an answer if it does answer your question. That will encourage me - and others - to take time out to help you.

• Exchange 2010 mailbox prompts for authentication to Exchange 2013 mailbox

  I am in the process of a 2010 to 2013 migration. The only issue I can't seem to manage is an authentication issue with Outlook 2010. My Outlook profile consists of my Exchange 2013 mailbox and a shared mailbox on Exchange 2010. Initially, Outlook was prompting
  for authentication to the Exchange 2010 mailbox. Regardless of whether I entered the correct credentials or simply cancelled the prompt, I still had full access to both mailboxes (including Public Folders on 2010). The authentication prompt was removed with
  the following command:
  Get-OutlookAnywhere -Server my2013exchserver | Set-OutlookAnywhere -InternalClientsRequireSsl $true
  The second issue I now have is the reverse of the above: an Exchange 2010 user is prompted for authentication to an Exchange 2013 mailbox. How do I begin to troubleshoot this problem - should I run the same command (above) on 2010? I don't quite understand
  how Outlook communicates with Exchange but I am thinking there is an incorrect setting on one of the Virtual Directories(?).
  Many thanks.

  Hi Dennis,
  Please open Outlook - press CTRL key - right click on the Outlook icon from right bottom corner taskbar –Connection Status to check the connection for your Exchange 2010 mailbox with shared 2013 mailbox. The following example in my test results:
  Please check your connection authentication. We can  run the following command to set your Outlook Anywhere for Exchange 2013:
  Set-OutlookAnywhere -Identity "E15-01\Rpc (Default Web Site)" -InternalClientAuthenticationMethod Ntlm -ExternalClientAuthenticationMethod Basic -ExternalClientsRequireSsl $True -InternalClientsRequireSsl $true
  In Outlook side, please ensure the following settings in Account Settings:
  In Security tab, make sure Always prompt for logon credentials is unchecked and Logon network security is set to Negotiate Authentication.
  Regards,
  Winnie Liang
  TechNet Community Support

• Exchange 2013 / 2010 co-existence - Outlook won't connect to Exchange 2010 mailboxes

  Greetings!  I have a lab set up at home where I have been testing co-existence of Exchange 2013 and 2010 for a future corporate upgrade project.
  I am running into some odd behavior.  Any mailbox that has been migrated to Exchange 2013 works just fine, however, when I try to set up Outlook for a mailbox still on Exchange 2010 I  receive errors.  OWA works just fine for these Exchange
  2010 mailboxes, it is just Outlook that has the problem.  This is what I am running into:
  1. Outlook uses autodiscover to locate server settings.  It fails at the 'logging on to mail server' step saying that Exchange isn't available; Outlook must be connected, etc.
  2. It then gives me the settings box for Exchange server and Mailbox.  This is auto populated with one of the Exchange 2013 servers (there are 3 of them, all have both MBX and CAS role).  If I then change the server to the Exchange 2010 CAS server,
  and hit 'check names', it underlines the very same entries (like it found them this time) that were there initially and goes on to finish the configuration.
  3. When I launch Outlook with this Exchange 2010 user, it fails to open with the error message that the set of folders couldn't be opened.
  I've been doing as much research on this as I can.  I've tried disabling IPv6 to no avail.  It seems as if perhaps the issue is with Exchange 2013 proxying the request back to the Exchange 2010 servers but I am not sure what to check in that regards. 
  Any suggestions?  Thanks in advance!

  Hi,
  Don´t disable IPV6 on an Exchange Server, it is, in my opinion not necessary - also applies for AD.
  You can use your original SSL Cert for your new Ex 2013 environment.
  In dns you want two host A records: mail.domain.com and autodiscover.domain.com
  On your 2013 set your internal and external virtual directories to mail.domain.com
  leave autodiscover and Powershell alone.
  Also set the autodiscover URI to your Certificate name ie. mail.domain.com
  Set-ClientAccessServer -Identity "YourCASServer" -AutoDiscoverServiceInternalUri "https://mail.domain.com/autodiscover/autodiscover.xml"
  Thanks.  I wanted to give some additional info before I run any commands.  I currently have an A record for autodiscover and it is pointed to the Exchange 2013 DAG/cluster IP.  I have a 3 entries for mail.domain, for DNS round robin; basically
  it is listed 3 times for the IP of each of my Exchange 2013 servers.  Does any of this sound problematic?

• Exchange 2010 mailbox not able to access auto-mapped Exchange 2013 CU3 mailbox

  Hi,
  We are in co-existence with Exchange 2010 SP3 and Exchange 2013 CU3.
  Outlook Anywhere and Autodiscover pointed towards Exchange 2013 CAS servers.  Everything works fine irrespective where is mailbox is located Exchange 2010 or 2013.
  When I tried to access auto-mapped mailbox from Exchange 2010 as primary mailbox accessing auto-mapped Exchange 2013 mailbox "Cannot expand the folder. The set of folders cannot be opened. Microsoft Exchange is not available. Either there are network
  problems or the Exchange server is down for maintenance".
  Exchange 2013 OutlookAnywhere "Externalclientauthenticationmethod" is Basic and "Internalclientauthencitcationmethod" is NTLM.  Everything is setup as per the Tech-net recommendations.
  Checked both these articles but still it is not working:
  http://support.microsoft.com/kb/2839517
  http://support.microsoft.com/kb/2834139
  Please let me know if there are any other ideas.
  Raman

  Hi,
  I recommend you refer to the following articles to troubleshoot the issue:
  Troubleshooting Mailbox Auto-Mapping : Autodiscover
  Details about the shared mailbox that is to be accessed will be returned to the Outlook client by the autodiscover process. This is really handy to know if you are ever in the position where you need to troubleshoot why the auto-mapping feature isn’t working
  correctly
  Troubleshooting Mailbox Auto-Mapping : Permissions
  When you use either the Exchange Management Console or the Exchange Management Shell to grant a user with full access permission against another mailbox, permissions changes are made to allow this as you might expect. Certain Active Directory attributes
  are also updated to reflect both the Active Directory account of the mailbox being accessed as well as the Active Directory account of the accessing mailbox. Specifically, you can check the contents of the msExchDelegateListLink and msExchDelegateListBL Active
  Directory attributes to see these details and it is worth checking these if you have any suspicions that things aren’t working correctly.
  Hope this helps!
  Thanks.
  Niko Cheng
  TechNet Community Support

• Auto-Mapping Exchange 2013 Mailboxs in an Exchange 2010 Mailbox

  We're in the middle of migrating mailboxes from Exchange 2010 to Exchange 2013. Many of our users have Auto-Mapped mailboxes as well. In my testing, I've found that I cannot Auto-Map a mailbox that's on Exchange 2013 in a Exchange 2010 mailbox. I can manually
  add it and it works fine. Is this by design with this type of coexistence or is there a fix for it? Our current Exchange 2010 environment is at SP3 with UR2.
  Orange County District Attorney

  This issues is fixed in UR5 so suggest you to upgrade Exchange 2010 to SP3 UR5.
  Reference Thread: http://social.technet.microsoft.com/Forums/exchange/en-US/a2aa4163-f74b-401f-aec5-13324e6b29c8/exchange-2010-mailbox-not-able-to-access-automapped-exchange-2013-cu3-mailbox?forum=exchangesvradmin
  Blog |
  Get Your Exchange Powershell Tip of the Day from here

• Exchange 2010 coexist with exchange 2013

  Hi All ,
  Planning to have a coexistence scenario in my environment which is mentioned below
  Exchange 2010 - ambiguous url in place - OA enabled 
  For mapi/rpc traffic - mail.domain.in -  exchange 2010
  For https traffic - mail.domain.in - exchange 2010
  mail.domain.in will get resolved in to cas array in exchange 2010 .
  After coexistence On our side we are not going to move the mail.domain.in namespace to exchange 2013 , Instead of that we are going to use a new namespace in exchange 2013 for internal outlook anywhere and it will be outlookmail.domain.in and for the remaining
  exchange 2013 services like pop,imap,owa,active sync url's,external OA will be having mail.domain.in as same as exchange 2010 namespace.
  just consider outlookmail.domain.in is available on the san certificate installed in exchange 2013.
  Note : 
  On my ide I would assume Internal outlook 2010 mapi users will connect directly to exchange 2010 servers on the namespace mail.domain.in
  Likewise i would assume Internal outlook anywhere 2013 users will connect directly to exchange 2013 servers on the namespace outlookmail.domain.in
  Services like pop,imap,owa,active sync ,external OA connections for both exchange 2010 and exchange 2013 from the external world will be routed from firewall to exchange 2013 servers .Then https traffic for exchange 2010 mailbox users will be proxied to 2010
  exchange server via exchange 2013 server.
  question : I would like to know above mentioned scenario is possible or not ?
  On my side I know in my environment i am having ambiguous url's in place and at the same time i don't want the exchange 2010 internal outlook users to connect via exchange 2013 rpc over http even though OA is enabled on exchange 2010.
  So simply i can say i need my internal exchange 2010 mailbox users has to connect via tcp/ip.
  All of you tell me your valuable suggestions.
  Regards
  S.Nithyanandham

  Hi,
  Going Straight to the point... and answering your question...
  The scenario above IS possible For a while... But going ahead in the migration process, You'd face problems once the Exch2013 doesn't know how to handle MAPI connections:
  As per Exchange Team...
  In this scenario where both the MAPI/RPC and HTTP workloads are using the same FQDN you cannot successfully move the FQDN to CAS 2013 without
  breaking your MAPI/RPC client connectivity entirely. I repeat, your MAPI/RPC clients will start failing to connect via MAPI/RPC once
  their DNS cache expires after the shared FQDN is moved to CAS 2013.
  As their recommendation, and I would tell you too by experience, the best option is to really use different internal and external URLs for the clients to connect to.
  change your design to use a specific internal-only FQDN for MAPI/RPC clients. If you are in the middle of a 2010 deployment using an Ambiguous
  URL I recommend you change your ClientAccessArray FQDN to a unique name and update the mailbox database RpcClientAccessServer values
  on all Exchange 2010 mailbox databases accordingly. Fixing this item mid-migration to Exchange 2010 or even in your fully migrated environment will ensure any newly created or manually repaired Outlook profiles are protected, but it will not automatically
  fix existing Outlook clients with the old value in the server field. 
  So the overall for this first point is to enable the OA for all internal users, so as to ease the migration process in the future, even if for the time being its not necessary.
  Also another point you should take into consideration is the version of yours OLK versions, as the minimum supported are as per below:
  Outlook 2007: 12.0.6665.5000 (SP3 + the November 2012 Public Update or any later PU)
  Outlook 2010: 14.0.6126.5000 (SP1 + the November 2012 Public Update or any later PU)
  Outlook 2013: 15.0.4420.1017 (RTM or later)
  I don't know the size of you network, but it might be necessary for you to use an inventory tool in order to identify that.
  As advised, its really worthy to have a look at the following article, thus to clarify your view about this issue.
  Ambiguous URLs and their effect on Exchange 2010 to Exchange 2013 Migrations
  From <http://blogs.technet.com/b/exchange/archive/2013/07/17/3574451.aspx> 
  Hope it can help you!
  Cheers,
  Think before you ask, give detail as much as possible, then ask and you will get help! Always have in mind, people do not guess! :)

• Exchange 2010 in a Exchange 2013 Environment

  I am trying to install Exchange 2010 in an Exchange 2013 environment which was migrated from Exchange 2007 earlier.
  Exchange 2010 sp1 Mailbox and Hub roles installed fine however I cannot install the CAS role. Saw some references to change the OAB to a non exchange 2013 version - however that is the only version we have = OAB 2013.
  This is the error I get:-
  Error:
  The following error was generated when "$error.Clear();
          get-OfflineAddressBook -DomainController $RoleDomainController | where { $_.IsDefault } | Enable-OabWebDistribution
          " was run: "The object is read-only because it was created in a version of Exchange later than Exchange 0.20 (15.0.0.0). Current supported version is 0.10 (14.0.100.0).".
  The object is read-only because it was created in a version of Exchange later than Exchange 0.20 (15.0.0.0). Current supported version is 0.10 (14.0.100.0).
  Click here for help...
  http://technet.microsoft.com/en-US/library/ms.exch.err.default(EXCHG.141).aspx?v=14.1.218.11&e=ms.exch.err.Ex88D115&l=0&cl=cp
  Elapsed Time: 00:02:15
  Finalizing Setup
  Cancelled
  Regards, Vik Singh "If this thread answered your question, please click on "Mark as Answer"

  Hi,
  Please temporary remove all the OAB objects then try re-install the CAS server again.
  After installing CAS server, we can re-build the OAB on Exchange 2013.
  More details in the following articles:
  Remove-OabVirtualDirectory
  http://technet.microsoft.com/en-us/library/aa995963(v=exchg.150).aspx
  New-OabVirtualDirectory
  http://technet.microsoft.com/en-us/library/bb123735(v=exchg.150).aspx
  Hope it is helpful.
  If the CAS server still cannot be installed, please post the details of setup log. 
  Thanks
  Mavis

• Moving Exchange 2010 Mailbox replicated databases path in DAG environments.

  Hi there,
  I’m trying to get some feedback on the topic of moving Exchange 2010 Mailbox replicated databases path in DAG environments.
  Here is the situation: I currently have a 3-Node DAG (Node 1 and Node 2 are in my main datacenter, and Node 3 in my Disaster Recovery (DR) site in a remote location.
  I have DB copies in Node 2 and Node 3. The thing is that the DB copies in Node 2 are in an older storage box and since we got a new storage box, I need to move the DBs and related logs of Node 2 to the new storage box
  I have found some information about how to deal with this (below I’m listing a KB link) but I would like to reconfirm a couple of things to make sure I’m understanding this correctly
  Move the Mailbox Database Path for a Mailbox Database Copy:
  https://technet.microsoft.com/en-us/library/dd979782%28v=exchg.141%29.aspx
  According to the KB: “If the mailbox database being moved is replicated to one or more mailbox database copies, you must follow the procedure in this topic to move the mailbox
  database path”
  Would this apply to my case even when I’m moving the BDs copies and Logs on Node 2 as opposed to Node 1 where the source DBs are?
  On step #3 in the procedure, you are supposed to “Remove all mailbox database copies for the database being moved. After all copies are removed, preserve the database and transaction log files from each server from which the database copy is being removed
  by moving them to another location. These files are being preserved so the database copies do not require re-seeding after they have been re-added.”
  Then in Step # 7, you are supposed to “Add all of the database copies that were removed in Step #3”
  As far as I know, when you add a copy of a database, Exchange creates the copy DB and starts to seed the replica servers with an up to date copy of the DB and all the current transaction logs at that point…according to the instructions
  above, you are supposed to re-add the DB copied we preserved...does it mean that we need to wait for the DBs seed process to finish after “adding the DB copy” and then replace the new DBs copies and logs created by the “Add database copy” function with the
  DB and logs preserved in Step #3?
  Thanks in advance for your feedback!
  FT
  FT

  Hi there,
  What the article is stating is that once you have removed the copies you can keep the existing transaction log files and database edb file to allow you not to have to do a full seed. You can do this by using the -seedingpostponed parameter in
  Add-MailboxDatabaseCopy
  However, and quite honestly, if your database isn't that big and your are not worried about performing a full copy of the database again to the other DAG members once you have moved your database to its preferred new location, just add the copy in the normal
  way and remove the legacy files afterwards.
  Oliver Moazzezi | Exchange MVP, MCSA:M, MCITP:Exchange 2010,Exchange 2013, BA (Hons) Anim | http://www.exchange2010.com | http://www.cobweb.com | http://twitter.com/OliverMoazzezi

• Exchange 2010 Mailbox automapping issues after updated to Rollup 5 for Exchange Server 2010 SP3

  Hi,
  i have problem with Outlook Uses who have Full Access on other mailbox.
  An authentication window pop up very time a user start Outlook.
  If i remove the access everything is ok.
  if i insert manual the mailbox everything is ok
  The System was for 3 days ago updated to Rollup 5 for Exchange Server 2010 SP3
  Before the update, was no issue.
  i will appreciated any help
  Thanks

  Same issue here. Ever since we installed Update Rollup 5 for SP3 Exchange 2010 mailboxes that were auto mapped are not accessible. They all get the same error.
  Cannot expand the folder. The set of folders cannot be opened. The attempt to log on to the Microsoft Exchange has failed.
  What I have been doing is removing the users permission, then adding them back using the noautomap switch in Powershell. After doing that, the user manually adds the mailbox and all is well.
  Just a note here, I suspect it may have something to do with the version of Outlook 2010. We are running an older version here. I think only SP1 with no other incremental updates. Office is up to SP2. Also, one of the users I was working with could not access
  the mailbox no matter what we tried but she can walk over to another workstation and open Outlook and access the very same mailbox so that pretty much proves its software related particularly with Outlook.
  I cannot reproduce the problem on a workstation (XP) with a newer version of Outlook.
  This has been wearing me out and I suspected the Update Rollup all long. Now I am confident as others are having the same problem. If you find out anything on how to fix this other than the steps above, let me know.

• Outlook 2007 Clients Cannot Access Free/Busy Calendar info. for Exchange 2010 Mailbox

  Hi:
  I have Outlook 2007 clients that cannot access Free/Busy Calendar info. for Exchange 2010 mailboxes.  They receive error like "...you do not have appropriate permissions..."
  If those same users logon to a machine running Outlook 2010 then they can view the free/busy info. of the other user's mailbox, so I believe the permissions are set correctly on the mailbox to allow the viewing.
  Any insights are greatly appreciated!
  Thank you!
  Bob Herman IT Tropolis

  Hi Herman,
  As you said, it seems users have proper permissions on mailbox.
  Please make sure users has Reviewer permission on Outlook 2007.
  Please try to run Outlook 2007 under safe mode or re-create profile.
  Also try to turn Outlook 2007 to Exchange Online mode from Cached mode.
  Thanks
  Mavis Huang
  TechNet Community Support

• Can't move Exchange 2003 mailbox to Exchange 2010 Resource forest (Linked Mailbox)

  Problem Description:
  Can’t move Exchange 2003 mailbox to Exchange 2010 resource forest
  Error message:
  Failed to reconnect to Active Directory server SRVUMVMDC02.umfolozi.local. Make sure the server is available, and that you have used the correct credentials.
  Source Environment Configuration:
  Active Directory
  FQDN: umfolozi.local
  Domain name (pre-Windows 2000): UMFOLOZI
  Domain Function Level: Windows Server 2003
  Domain Controllers:
  Hostname
  OS
  Operation Master
  SRVUMVMDC01.umfolozi.local
  Windows Server 2008 R2 Standard SP1
  Schema Master, Domain Naming, RID, PDC
  SRVUMVMDC01.umfolozi.local
  Windows Server 2008 R2 Standard SP1
  Infrastructure
  Exchange
  Version: Microsoft Exchange 2003 Standard SP2 Build 7638.2
  Server Information:
  Hostname
  OS
  TUSKUMFMAIL.umfolozi.local
  Windows Server 2003 R2 SP2
  DNS Zones
  Zone Name
  Zone Type
  Domain Controllers
  umfolozi.local
  Active Directory-Integrated (Primary)
  SRVUMVMDC01.umfolozi.local
  SRVUMVMDC01.umfolozi.local
  peermont.com
  Secondary
  SRVPGVMDC01.peermont.com
  SRVPGVMDC02.peermont.com
  Trusts
  Domain Name
  Trust Type
  Transitive
  Validated
  peermont.com
  Forest
  Yes
  Yes
  Target Environment Configuration:
  Active Directory
  FQDN: peermont.com
  Domain name (pre-Windows 2000): PG
  Domain Functional Level: Windows Server 2008 R2
  Domain Controllers:
  Hostname
  OS
  Operation Master
  SRVPGVMDC01.peermont.com
  Windows Server 2008 R2 Std SP1
  SRVPGVMDC02.peermont.com
  Windows Server 2008 R2 Std SP1
  Domain naming, RID, PDC, Infrastructure, Schema Master
  Exchange
  Resource Exchange Forest
  Server Information:
  Hostname
  OS
  Role
  Version
  Client Access Array
  SRVPGVMEXCH01.peermont.com
  Windows Server 2012 Std
  HUB, CAS
  Version 14.3 (Build 123.4)
  exchange.peermont.com
  SRVPGVMEXCH02.peermont.com
  Windows Server 2012 Std
  HUB, CAS
  Version 14.3 (Build 123.4)
  exchange.peermont.com
  Hostname
  OS
  Role
  Version
  Database Availibility Group
  SRVPGVMEXCH03.peermont.com
  Windows Server 2012 Std
  MBX
  Version 14.3 (Build 123.4)
  PeermontDAG
  SRVPGVMEXCH04.peermont.com
  Windows Server 2012 Std
  MBX
  Version 14.3 (Build 123.4)
  PeermontDAG
  DNS Zones
  Zone Name
  Zone Type
  Domain Controllers
  peermont.com
  Active Directory-Integrated (Primary)
  SRVPGVMDC01.peermont.com
  SRVPGVMDC02.peermont.com
  umfolozi.local
  Secondary
  SRVUMVMDC01.umfolozi.local
  SRVUMVMDC01.umfolozi.local
  Trusts       
  Domain Name
  Trust Type
  Transitive
  Validated
  umfolozi.local
  Forest
  Yes
  Yes
  Migration Process
  Task
  Description
  Successful/Error
  1
  SYNC AD Domain account from source forest (umfolozi.local) to target forest (peermont.com) using BinaryTree SMART Directory Sync (ADMT can be used as alternative)
  Successful
  2
  Create mailed enabled user
  Successful
  3
  Run Prepare-MoveRepuest with –OverWriteLocalObject
  Command Example:
  .\Prepare-MoveRequest.ps1 -Identity [email protected] -RemoteForestDomainController SRVUMVMDC01.umfolozi.local
  -RemoteForestCredential $RemoteCredentials -UseLocalObject -LocalForestDomainController SRVPGVMDC01.peermont.com -LocalForestCredential $LocalCredentials -OverWriteLocalObject
  Successful
  4
  Submit mailbox request
  Command Example:
  New-MoveRequest -Identity "0fa7d17e-3637-4708-a51b-f14eaae17968" -BadItemLimit "50" -TargetDeliveryDomain
  "internal.peermont.com" -TargetDatabase "{c5d6ea95-07b3-4a52-9868-e41e808a76fe}" -RemoteCredential (Get-Credential "umfolozi\svcmigration") -RemoteGlobalCatalog "SRVUMVMDC02.umfolozi.local" -RemoteLegacy:$True
  Error
  All the standard migration task works as expected until the mailbox migration move request is submitted. See move request verbose detail below:
  [PS] C:\Windows\system32>New-MoveRequest -Identity "0fa7d17e-3637-4708-a51b-f14eaae17968" -BadItemLimit "50" -TargetDeli
  veryDomain "internal.peermont.com" -TargetDatabase "{c5d6ea95-07b3-4a52-9868-e41e808a76fe}" -RemoteCredential (Get-Crede
  ntial "umfolozi\svcmigration") -RemoteGlobalCatalog "SRVUMVMDC02.umfolozi.local" -RemoteLegacy:$True -Verbose
  VERBOSE: [11:34:27.346 GMT] New-MoveRequest : Active Directory session settings for 'New-MoveRequest' are: View Entire
  Forest: 'False', Default Scope: 'peermont.com', Configuration Domain Controller: 'SRVPGVMDC02.peermont.com', Preferred
  Global Catalog: 'SRVPGVMDC02.peermont.com', Preferred Domain Controllers: '{ SRVPGVMDC02.peermont.com }'
  VERBOSE: [11:34:27.362 GMT] New-MoveRequest : Runspace context: Executing user: peermont.com/Admin/Users/Admin
  Accounts/Information Technology/SoarSoft/Johann Van Schalkwyk, Executing user organization: , Current organization: ,
  RBAC-enabled: Enabled.
  VERBOSE: [11:34:27.362 GMT] New-MoveRequest : Beginning processing &
  VERBOSE: [11:34:27.362 GMT] New-MoveRequest : Instantiating handler with index 0 for cmdlet extension agent "Admin
  Audit Log Agent".
  WARNING: When an item can't be read from the source database or it can't be written to the destination database, it
  will be considered corrupted. By specifying a non-zero BadItemLimit, you are requesting that Exchange not copy such
  items to the destination mailbox. At move completion, these corrupted items won't be available in the destination
  mailbox.
  VERBOSE: [11:34:27.362 GMT] New-MoveRequest : Searching objects "{c5d6ea95-07b3-4a52-9868-e41e808a76fe}" of type
  "MailboxDatabase" under the root "$null".
  VERBOSE: [11:34:27.362 GMT] New-MoveRequest : Previous operation run on domain controller 'SRVPGVMDC02.peermont.com'.
  VERBOSE: [11:34:27.393 GMT] New-MoveRequest : Current ScopeSet is: { Recipient Read Scope: {{, }}, Recipient Write
  Scopes: {{, }}, Configuration Read Scope: {{, }}, Configuration Write Scope(s): {{, }, }, Exclusive Recipient Scope(s):
   {}, Exclusive Configuration Scope(s): {} }
  VERBOSE: [11:34:27.393 GMT] New-MoveRequest : Searching objects "0fa7d17e-3637-4708-a51b-f14eaae17968" of type "ADUser"
   under the root "$null".
  VERBOSE: [11:34:27.471 GMT] New-MoveRequest : Previous operation run on domain controller 'SRVPGVMDC02.peermont.com'.
  VERBOSE: [11:34:27.471 GMT] New-MoveRequest : Processing object "$null".
  VERBOSE: [11:34:27.487 GMT] New-MoveRequest : [DEBUG] No RequestJob messages found.
  VERBOSE: [11:34:27.487 GMT] New-MoveRequest : [DEBUG] MDB c5d6ea95-07b3-4a52-9868-e41e808a76fe found to belong to Site:
   peermont.com/Configuration/Sites/Peermont
  VERBOSE: [11:34:27.487 GMT] New-MoveRequest : [DEBUG] MRSClient: attempting to connect to 'SRVPGVMEXCH02.peermont.com'
  VERBOSE: [11:34:27.627 GMT] New-MoveRequest : [DEBUG] MRSClient: connected to 'SRVPGVMEXCH02.peermont.com', version
  14.3.178.0 caps:07
  VERBOSE: [11:34:27.627 GMT] New-MoveRequest : [DEBUG] Loading source mailbox info
  VERBOSE: [11:34:28.844 GMT] New-MoveRequest : Failed to reconnect to Active Directory server
  SRVUMVMDC02.umfolozi.local. Make sure the server is available, and that you have used the correct credentials. --> A
  local error occurred.
  VERBOSE: [11:34:28.844 GMT] New-MoveRequest : Admin Audit Log: Entered Handler:OnComplete.
  Failed to reconnect to Active Directory server SRVUMVMDC02.umfolozi.local. Make sure the server is available, and that
  you have used the correct credentials.
      + CategoryInfo          : NotSpecified: (0:Int32) [New-MoveRequest], RemoteTransientException
      + FullyQualifiedErrorId : F48FD74B,Microsoft.Exchange.Management.RecipientTasks.NewMoveRequest
      + PSComputerName        : srvpgvmexch02.peermont.com
  VERBOSE: [11:34:28.859 GMT] New-MoveRequest : Ending processing &
  Troubleshooting Performed
  1. When submitting mailbox move request tried the following credential inputs:
  1.1. DOMAIN\Username
  1.2. FQDN\Username
  1.3. userPrincipalName
  2. Confirmed domain trust between source and target domain is in place and validated.
  3. Confirmed name resolution in source and target domain is functioning as expected.
  4. Confirmed network connectivity between source and target domain controllers as well as source and target exchange servers.
  5. Tried to create new Linked Mailbox to account in source forest, can’t select Global Catologue via the wizard;
  Tried to specify the credentials for the account forest and got the following error when tried to select Global Catalog from wizard:

  The error talk about the credential. Did you check the credential
  Did you tried this command?
  New-MoveRequest -Identity "Distinguished name of User in Target Forest" -RemoteLegacy -TargetDatabase "E2K10 Mailbox Database Name" -RemoteGlobalCatalog "FQDN of Source DC" -RemoteCredential $Remote -TargetDeliveryDomain "Target
  domain name"
  http://blogs.technet.com/b/exchange/archive/2010/08/10/3410619.aspx
  Cheers,
  Gulab Prasad
  Technology Consultant
  Blog:
  http://www.exchangeranger.com    Twitter:
    LinkedIn:
     Check out CodeTwo’s tools for Exchange admins
  Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

• Migration From Exchange 2010 Hybrid to Exchange 2013 Hybrid Deployment

  hi,
  I have existing Exchange Server 2010 Hybrid Deployment. Planning to migrate to Exchange 2013. However, while schema update, i am facing some errors/warnings as can be seen in attached screenshot. 
  I have already checked and current functional level in DC is Windows Server 2003. What could be the best steps to troubleshoot the problems and proceed further with Exchange 2013 installation?
  Thanks

  Hi Muhammad
  Can you please give few more information about your environment  so that people around here can help you out
  I have existing Exchange Server 2010 Hybrid Deployment - Do you have Exchange 2010 and Office 365 in a
  hybrid setup now ?
  Are you trying to upgrade your on premise Exchange 2010 servers to Exchange 2013 ?
  Or Are you trying to migrate your on premise Exchange 2010 to a different forest to Exchange 2013 ?
  You can try the below suggestions-
  I would better suggest you to follow Microsoft Exchange Server Deployment Assistant - http://technet.microsoft.com/en-us/office/dn756393.aspx
  Also i would recommend you to check the prerequisites for hybrid deployment with office 365 
  http://technet.microsoft.com/en-us/library/hh534377(v=exchg.150).aspx
  Cheers !!!
  Remember to mark as helpful if you find my contribution useful or as an answer if it does answer your question.That will encourage me - and others - to take time out to help you Check out my latest blog posts on http://exchangequery.com Thanks Sathish
  (MVP)

• How to monitor particular individual Exchange 2010 mailbox

  Hi
  Is it possible to monitor a particular individual Exchange 2010 mailbox? If so please send me the script or steps to to accomplish this
  Donald D'souza (http://donald-scom.blogspot.com/)

  The Exchange 2010 MP has had some issues of late and is once again unavailable. Hopefully this should be rectified soon. Keep an eye on the Management Pack forum and someone should post there once it is back.
  I appreciate the Exchange team are looking for ways to get extra monitoring from SCOM and I'm certainly not saying you can't do mailbox monitoring with SCOM. I'm just saying be careful. I have seen one enterprise write a discovery to discover the
  mailboxes they wanted to monitor. The discovery captured data that changed every iteration that the discovery ran. They then wondered why SCOM stopped working, ignoring the fact that they had discovered thousands of objects whose properties changed every
  time discovery ran, causing huge numbers of state change events and massive database growth.
  If you are looking for in-depth exchange mailbox monitoring then SCOM is not the tool for it. Quest and Sirana do dedicated enterprise tools. If you take a look at the links and say that is what your team want then I'd suggest evaluating those
  products. Developing SCOM to deliver that would not be cost efficient.
  Hope you don't mind but I'll ask again - what specifically do you want to monitor? Mailbox Size? Number of emails sent \ received? size of message sent? destination? number of attachments? size of attachments? blocked messages? If you need deep detail
  along the lines of the following then you really need to evaluate the following:
  http://www.sirana.com/exchange/reporting
  If you end up writing scripts to do all the above then you will likely severely impact performance of either SCOM or your Exchange server or possibly both.
  Sadly (for budgeting) SCOM doesn't necessarily replace specialist tools - it just complements them. Likewise, if you want deep dive SQL then you'll still need Quest or Idera based tools. Probably fewer licenses and better targetted at servers with known
  issues.
  Cheers
  Graham
  Regards Graham New System Center 2012 Blog! -
  http://www.systemcentersolutions.co.uk
  View OpsMgr tips and tricks at
  http://systemcentersolutions.wordpress.com/