"Discovery Manager" role cannot place a mailbox on hold

Similar Messages

• "Office 365 Mailbox" missing for users that are member of Ricipent Management role

  Hi,
  I have a hybrid setup with Office 365 and one exchange 2013 standard server on-premises.
  I currently have an issue with that I have a button after pressing the + under recipient to create a Office 365 mailbox from the ECP, but users that are members of the Recipient Management role don't have that button visible.
  What extra permissions are required to be able to create an Office 365 mailbox from the on-premises Exchange?

  Hi SeidKrv,
  Thanks for your update.
  Following article introuduces the permissions that need to assigned before running "New-Mailbox" command.
  Please focus on "Recipient Provisioning Permissions" session.
  Recipients Permissions
  http://technet.microsoft.com/en-us/library/dd638132(v=exchg.150).aspx
  Based on the article, it seems both Recipient Management role and Organization Management role are required.
  More detailed information on both management role as below:
  1. Administrators who are members of the Recipient Management role group have administrative access to
  create or modify Exchange 2013 recipients within the Exchange 2013 organization.
  2. Administrators that are members of the Organization Management role group have administrative access to the entire Exchange 2013 organization and
  can perform almost any task against any Exchange 2013 object, with some exceptions. By default, members of this role group can't perform mailbox searches and management of unscoped top-level management
  roles.
  Thanks
  Mavis Huang
  TechNet Community Support

• Cannot access Exchange Mgmt Shell - user "Domain\Administrator" isn't assigned to any management roles

  This is a new domain-joined Server 2012 member server with no data. Domain Administrator account is in the Organization Management group. Domain functional level is Server 2012.
  Setup /m:RecoverServer fails because "...server roles are already installed..."
  Uninstall fails because the "mailbox database contains one or more mailboxes..." which I can't delete.

  Hi,
  I recommend you refer to the following article to troubleshoot the issue:
  https://social.technet.microsoft.com/wiki/contents/articles/14874.error-the-user-domain-localusersadministrator-isnt-assigned-to-any-management-roles-on-exchange-2010-management-console.aspx
  we may try to propagate the RBAC permissions for the user again! procedure is as below:
  1.
  Open Windows Powershell as  “Run As Administrator”
  2.
  Load the setup Snapin with the command: Add-Pssnapin *Setup*
  3.
  Run the commands one after the other to propagate the RBAC to the user who is logged on to the Exchange Server.
  a. Install-CannedRbacRoleAssignments  –InvocationMode Install
  b.
  Install-CannedRbacRoles
  c.
  Install-CannedRbackRoleAssignmentsRAP
  d.
  Install-CannedAddressLists
  Thanks.
  Niko Cheng
  TechNet Community Support

• Custom Distribution Group management role (manager excpeiton)

  My organization is medium size with multiple support groups (15+) that each support a subset of users (350+). I want to create a management role that is scoped so each support group can manage the distribution groups in their respective OU space.
  By manage I mean edit the group membership. I realize I can achieve this with AD permissions but I’d like to achieve this in a way that leverages RBAC so the support groups can use OWA. I also want to leverage RBAC\OWA because not all my support groups are
  technical, some are office admins. Anyways, below is what I’ve tried in my lab scoped to one of my support groups.
  Using the cmdlets below I’ve created a custom management scope, role and group. However, this does not work. While it lets my sales support group view and edit some random attributes on the group, it fails when they try to edit the group membership. In other
  words, they can logon to OWA, click options\see all options\manage your organization\distribution groups\open the group\edit description etc. but when they select “Add…” under membership then select the user and hit ok\save they get the error “you don’t have
  sufficient permissions. this operation can only be performed by a manger of the group”.
  New-ManagementScope -Name “Sales Support DG MScope” -RecipientRestrictionFilter {RecipientType -eq "MailUniversalSecurityGroup"} -RecipientRoot “lab.com/sales”
  New-ManagementRole -name “Sales Support DG MRole” -Parent "Distribution Groups"
  New-RoleGroup -name “Sales “Sales Support DG MGroup” -Roles "Sales Support DG MRole" -CustomRecipientWriteScope "Sales Support DG MScope"
  When I do as the error asks (i.e. add my support user as a manager of the group via the EMC), then my support user is able to edit the group's membership in OWA. The problem with this solution is that it would require me to add my support users to my role
  group “Sales Support DG MGroup” AND as a manager of the DG and every DG that is created down the line. Not ideal. Any ideas, some RBAC magic I’m missing?
  Below confirms by scope.
  Get-Group -OrganizationalUnit “lab.com/sales” | ?{$_.RecipientType -eq "MailUniversalSecurityGroup"}
  Name DisplayName SamAccountName GroupType
  distro1 distro1 distro1 Universal, SecurityEnabled
  distro2 distro2 distro2 Universal, SecurityEnabled
  distro3 distro3 distro3 Universal, SecurityEnabled
  On a side note, I realize by sourcing my management role off of distribution groups gives me more cmdlets\access than my support group needs (see below). I’m first just trying to get it to work :).
  Get-ManagementRole “Sales Support DG MRole” | Get-ManagementRoleEntry | select name
  Name
  Add-DistributionGroupMember
  Disable-DistributionGroup
  Enable-DistributionGroup
  Get-ADServerSettings
  Get-AcceptedDomain
  Get-DistributionGroup
  Get-DistributionGroupMember
  Get-DomainController
  Get-DynamicDistributionGroup
  Get-Group
  Get-MailUser
  Get-Mailbox
  Get-OrganizationalUnit
  Get-Recipient
  Get-ResourceConfig
  Get-User
  New-DistributionGroup
  New-DynamicDistributionGroup
  Remove-DistributionGroup
  Remove-DistributionGroupMember
  Remove-DynamicDistributionGroup
  Set-ADServerSettings
  Set-DistributionGroup
  Set-DynamicDistributionGroup
  Set-Group
  Set-OrganizationConfig
  Update-DistributionGroupMember
  Write-AdminAuditLog

  Hello,
  I understand that you have create custom management scope for each group and assigned a custom role to it.
  But whenever user try to edit (add/remove membership ) ,it shows errors "you dont have sufficient permissions". I face similar problem when we move from 2007 to 2010, 2010 by default disabled editing options for Dl membership.
  You can enable it by Graphic mode or powershell. Would suggest that you have created custom role, you follow powershell mode. I had written a blog on that.
  Check below link. http://exchange2010cmd.blogspot.de/
  You have created new management role “Sales Support DG MRole”, but you need to assign this role to users/administrators in your case through role assignment policy.
  You can either use existing default policy or create new policy and assign this management role to it.
  Use below cmd: New-ManagementRoleAssignment -Role “Sales Support DG MRole” –Policy “Default Role Assignment Policy”
  NOTE: If you are creating new policy , place that name instead of default policy name".
  I recommend you continue with defalut policy. After this check with any admin, he should have rights to edit membership.
  Now, regarding your second concern, that your custon role has to many role entries.
  You can remove unwanted role entries.
  Use this cmd: Get-ManagemenRoleEntry “Sales Support DG MRole\*” | where{ $_.name –like “Set-distributionGroup” } | remove-managementroleentry
  Before linking management role to email policy, remove unwanted role entry from role.
  I tried to explain it in easy way, but still it is not understood, write back to me. I am new to technet forum, I started few days back replying to questions. If you get your answer,dont forget to propose it as answer.

• Modifying a precanned RBAC management role

  I'm trying to revert a precanned management role "Mailbox Import Export" to the default out-of-the-box state. Some time ago, someone removed a handful of parameters and entries from it.
  When I try to just add them back I get an error "The precanned management role "Mailbox Import Export" can't be modified."
  I understand that it's not normally done, and some people think its not possible to do. But someone figured out how to remove entries in the past -- now I have to figure out how to put them back.
  Anyone have any experience with this?
  Also, is it possible to modify assigned management roles? This role is already a member of a group & has some assignments. If possible, I'd like to modify it in-place.

  Everything is stored in AD so ADSIEdit will be your friend but it's not recommended (or probably supported too) to modify this via raw AD editors...
  Configuration -> Services -> Microsoft Exchange -> YourExOrgName -> RBAC -> Roles -> Mailbox Import Export -> msExchRoleEntries is the attribute with proper formatted values...
  I strongly recommend you to test this in a Test environment first and take backup of AD before doing any modification in production environment...
  Blog |
  Get Your Exchange Powershell Tip of the Day from here

• Active Manager failed to mount database Mailbox Database?

  So we had our stuff working fine with exchange 2010 rc and 08 r2 rtm... We installed antivirus on our server and now get the below message.... Everything "seems" to work though... We get two of these messages per reboot though... one with the main box database and one for the public folder one....
  Again all seems to work okay, we have tried to remove AV but didnt fix.
  Any suggestions?
  Active Manager failed to mount database Mailbox Database 0539218550 on server main-server.hq.local. Error: An Active Manager operation failed with a transient error. Please retry the operation. Error A transient error occurred during discovery of the database availability group topology. Error: Database action failed with transient error. Error: A transient error occurred during a database operation. Error: MapiExceptionNetworkError: Unable to make admin interface connection to server. (hr=0x80040115, ec=-2147221227)
  Diagnostic context:
  Lid: 12696 dwParam: 0x6D9 Msg: EEInfo: Generation Time: 2009-09-04 16:40:25:54
  Lid: 10648 dwParam: 0x6D9 Msg: EEInfo: Generating component: 2
  Lid: 14744 dwParam: 0x6D9 Msg: EEInfo: Status: 1753
  Lid: 9624 dwParam: 0x6D9 Msg: EEInfo: Detection location: 501
  Lid: 13720 dwParam: 0x6D9 Msg: EEInfo: Flags: 0
  Lid: 11672 dwParam: 0x6D9 Msg: EEInfo: NumberOfParameters: 4
  Lid: 8856 dwParam: 0x6D9 Msg: EEInfo: prm[0]: Unicode string: ncalrpc
  Lid: 8856 dwParam: 0x6D9 Msg: EEInfo: prm[1]: Unicode string:
  Lid: 12952 dwParam: 0x6D9 Msg: EEInfo: prm[2]: Long val: -1988875570
  Lid: 12952 dwParam: 0x6D9 Msg: EEInfo: prm[3]: Long val: 382312662
  Lid: 24060 StoreEc: 0x80040115
  Lid: 23746
  Lid: 31938 StoreEc: 0x80040115
  Lid: 19650
  Lid: 27842 StoreEc: 0x80040115
  Lid: 20866
  Lid: 29058 StoreEc: 0x80040115.

  I get this as well - two exchange 2010 SP1 UR2 servers. they host all roles on each, non-dag members as of now. Every time I reboot either server I get the same thing. MSExchangeRepl 3154 Service
  Log Name:      Application
  Source:        MSExchangeRepl
  Date:          1/3/2011 10:54:07 PM
  Event ID:      3154
  Task Category: Service
  Level:         Error
  Keywords:      Classic
  User:          N/A
  Computer:      mail.mydomain.com
  Description:
  Active Manager failed to mount database Exchange DB on server mail.mydomain.com. Error: An Active Manager operation failed with a transient error. Please retry the operation. Error: Database action failed with transient error. Error: A transient error
  occurred during a database operation. Error: MapiExceptionNetworkError: Unable to make admin interface connection to server. (hr=0x80040115, ec=-2147221227)
  Diagnostic context:
      Lid: 12696   dwParam: 0x6D9      Msg: EEInfo: Generation Time: 2011-01-04 03:54:07:310
      Lid: 10648   dwParam: 0x6D9      Msg: EEInfo: Generating component: 2
      Lid: 14744   dwParam: 0x6D9      Msg: EEInfo: Status: 1753
      Lid: 9624    dwParam: 0x6D9      Msg: EEInfo: Detection location: 501
      Lid: 13720   dwParam: 0x6D9      Msg: EEInfo: Flags: 0
      Lid: 11672   dwParam: 0x6D9      Msg: EEInfo: NumberOfParameters: 4
      Lid: 8856    dwParam: 0x6D9      Msg: EEInfo: prm[0]: Unicode string: ncalrpc
      Lid: 8856    dwParam: 0x6D9      Msg: EEInfo: prm[1]: Unicode string: 
      Lid: 12952   dwParam: 0x6D9      Msg: EEInfo: prm[2]: Long val: -1988875570
      Lid: 12952   dwParam: 0x6D9      Msg: EEInfo: prm[3]: Long val: 382312662
      Lid: 24060   StoreEc: 0x80040115
      Lid: 23746  
      Lid: 31938   StoreEc: 0x80040115
      Lid: 19650  
      Lid: 27842   StoreEc: 0x80040115
      Lid: 20866  
      Lid: 29058   StoreEc: 0x80040115
  Event Xml:
  <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
    <System>
      <Provider Name="MSExchangeRepl" />
      <EventID Qualifiers="49156">3154</EventID>
      <Level>2</Level>
      <Task>1</Task>
      <Keywords>0x80000000000000</Keywords>
      <TimeCreated SystemTime="2011-01-04T03:54:07.000000000Z" />
      <EventRecordID>8851</EventRecordID>
      <Channel>Application</Channel>
      <Computer>mail.mydomain.com</Computer>
      <Security />
    </System>
    <EventData>
      <Data>Exchange DB</Data>
      <Data>mail.mydomain.com</Data>
      <Data>An Active Manager operation failed with a transient error. Please retry the operation. Error: Database action failed with transient error. Error: A transient error occurred during a database operation. Error: MapiExceptionNetworkError:
  Unable to make admin interface connection to server. (hr=0x80040115, ec=-2147221227)
  Diagnostic context:
      Lid: 12696   dwParam: 0x6D9      Msg: EEInfo: Generation Time: 2011-01-04 03:54:07:310
      Lid: 10648   dwParam: 0x6D9      Msg: EEInfo: Generating component: 2
      Lid: 14744   dwParam: 0x6D9      Msg: EEInfo: Status: 1753
      Lid: 9624    dwParam: 0x6D9      Msg: EEInfo: Detection location: 501
      Lid: 13720   dwParam: 0x6D9      Msg: EEInfo: Flags: 0
      Lid: 11672   dwParam: 0x6D9      Msg: EEInfo: NumberOfParameters: 4
      Lid: 8856    dwParam: 0x6D9      Msg: EEInfo: prm[0]: Unicode string: ncalrpc
      Lid: 8856    dwParam: 0x6D9      Msg: EEInfo: prm[1]: Unicode string: 
      Lid: 12952   dwParam: 0x6D9      Msg: EEInfo: prm[2]: Long val: -1988875570
      Lid: 12952   dwParam: 0x6D9      Msg: EEInfo: prm[3]: Long val: 382312662
      Lid: 24060   StoreEc: 0x80040115
      Lid: 23746  
      Lid: 31938   StoreEc: 0x80040115
      Lid: 19650  
      Lid: 27842   StoreEc: 0x80040115
      Lid: 20866  
      Lid: 29058   StoreEc: 0x80040115</Data>
    </EventData>
  </Event>
  Log Name:      Application
  Source:        MSExchangeRepl
  Date:          1/3/2011 10:54:06 PM
  Event ID:      3154
  Task Category: Service
  Level:         Error
  Keywords:      Classic
  User:          N/A
  Computer:     mail.mydomain.com
  Description:
  Active Manager failed to mount database Public on server mail.mydomain.com. Error: An Active Manager operation failed with a transient error. Please retry the operation. Error: Database action failed with transient error. Error: A transient error occurred
  during a database operation. Error: MapiExceptionNetworkError: Unable to make admin interface connection to server. (hr=0x80040115, ec=-2147221227)
  Diagnostic context:
      Lid: 12696   dwParam: 0x6D9      Msg: EEInfo: Generation Time: 2011-01-04 03:54:05:732
      Lid: 10648   dwParam: 0x6D9      Msg: EEInfo: Generating component: 2
      Lid: 14744   dwParam: 0x6D9      Msg: EEInfo: Status: 1753
      Lid: 9624    dwParam: 0x6D9      Msg: EEInfo: Detection location: 501
      Lid: 13720   dwParam: 0x6D9      Msg: EEInfo: Flags: 0
      Lid: 11672   dwParam: 0x6D9      Msg: EEInfo: NumberOfParameters: 4
      Lid: 8856    dwParam: 0x6D9      Msg: EEInfo: prm[0]: Unicode string: ncalrpc
      Lid: 8856    dwParam: 0x6D9      Msg: EEInfo: prm[1]: Unicode string: 
      Lid: 12952   dwParam: 0x6D9      Msg: EEInfo: prm[2]: Long val: -1988875570
      Lid: 12952   dwParam: 0x6D9      Msg: EEInfo: prm[3]: Long val: 382312662
      Lid: 24060   StoreEc: 0x80040115
      Lid: 23746  
      Lid: 31938   StoreEc: 0x80040115
      Lid: 19650  
      Lid: 27842   StoreEc: 0x80040115
      Lid: 20866  
      Lid: 29058   StoreEc: 0x80040115
  Event Xml:
  <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
    <System>
      <Provider Name="MSExchangeRepl" />
      <EventID Qualifiers="49156">3154</EventID>
      <Level>2</Level>
      <Task>1</Task>
      <Keywords>0x80000000000000</Keywords>
      <TimeCreated SystemTime="2011-01-04T03:54:06.000000000Z" />
      <EventRecordID>8850</EventRecordID>
      <Channel>Application</Channel>
      <Computer>Gmail.mydomain.com</Computer>
      <Security />
    </System>
    <EventData>
      <Data>Public</Data>
      <Data>mail.mydomain.com</Data>
      <Data>An Active Manager operation failed with a transient error. Please retry the operation. Error: Database action failed with transient error. Error: A transient error occurred during a database operation. Error: MapiExceptionNetworkError:
  Unable to make admin interface connection to server. (hr=0x80040115, ec=-2147221227)
  Diagnostic context:
      Lid: 12696   dwParam: 0x6D9      Msg: EEInfo: Generation Time: 2011-01-04 03:54:05:732
      Lid: 10648   dwParam: 0x6D9      Msg: EEInfo: Generating component: 2
      Lid: 14744   dwParam: 0x6D9      Msg: EEInfo: Status: 1753
      Lid: 9624    dwParam: 0x6D9      Msg: EEInfo: Detection location: 501
      Lid: 13720   dwParam: 0x6D9      Msg: EEInfo: Flags: 0
      Lid: 11672   dwParam: 0x6D9      Msg: EEInfo: NumberOfParameters: 4
      Lid: 8856    dwParam: 0x6D9      Msg: EEInfo: prm[0]: Unicode string: ncalrpc
      Lid: 8856    dwParam: 0x6D9      Msg: EEInfo: prm[1]: Unicode string: 
      Lid: 12952   dwParam: 0x6D9      Msg: EEInfo: prm[2]: Long val: -1988875570
      Lid: 12952   dwParam: 0x6D9      Msg: EEInfo: prm[3]: Long val: 382312662
      Lid: 24060   StoreEc: 0x80040115
      Lid: 23746  
      Lid: 31938   StoreEc: 0x80040115
      Lid: 19650  
      Lid: 27842   StoreEc: 0x80040115
      Lid: 20866  
      Lid: 29058   StoreEc: 0x80040115</Data>
    </EventData>
  </Event>

• On 10.4.11 Mac Mail I get this: Mail cannot update your mailboxes because your home directory is full. You must free up space in your home folder before using Mail. Delete unnedded documents or move documents to another volume. I can't open mail.

  On 10.4.11 iMac Mac Mail I get this message: "Mail cannot update your mailboxes because your home directory is full. You must free up space in your home folder before using Mail. Delete unneeded documents or move documents to another volume." I can't open mail to do this. I have reinstalled software but no effect. How do I get into Mail to delete?

  Found this on the "more like this" Worked like a charm!
  With the Mail.app quit and using the Finder, go to Home > Library > Mail. Copy the Mail folder and place the copy on the Desktop for backup purposes.
  Go to Home > Library > Mail > Envelope Index. Move the Envelope Index file to the Desktop.
  Launch Mail and you will be prompted to import mailboxes. Select OK and allow the import process to complete.
  After confirming all mailboxes were successfully imported and available, you can delete the copy of the Mail folder and old Envelope Index file from the Desktop and this should resolve the problem.

• I have another issue. Everytime I add a new mailbox , I get an error message in owa 2010 that it cannot access the mailbox

  I go into the 2008 r2 dc and add a user. The 2003 dc has all of the fsmo roles. Then I go into the exchange server and add the new mailbox through the GUI. It runs the cmdlet and creates the new mailbox without any errors. Then I go in and try to access
  the mailbox through owa and cannot access the mailbox. It says the mailbox does not exist. Both my 2003 dc(which I want to decommission) and 2008 servers are replicating. I see the user object on both servers. I have the email server pointed to the 2003 dns
  server as my preferred dns. This just started happenning a couple of days ago. I dont know if a windows update caused this but everything was fine before Wednesday. All of the other users can access their mailboxes through owa just any new ones I created cannot.
  In fact when I send a test email to the new account, I immediately get a bounce back so I dont think I would be able to access the new mailbox through outlook.
  visualbasicfrustrated

  Hello,
  I recommend you check your exchange server using windows server 2003 DC or windows server 2008 DC.
  Please use repadmin /showrepl command to check DC replication status.
  Please check if there is related error in application log.
  Cara Chen
  TechNet Community Support

• Solution Manager EWA - cannot create session in satellite system

  "Hi,
  I want to configure EWA self service using Solman 4.0. I succesfully did the following :
  a. Maintained SMSY and create the required trusted RFC connections from SM to satellite system. All connection and authorization passed in SM59. I used SAP_ALL/SDCCN_ALL role and assigned objects S_RFC*.
  b. Assigned the system to a logical system.
  c. Created the a new solution and activate "Solutions Monitoring > Earlywatch Alert"
  d. Activated and maintained required RFC in SDCCN in satallite system.
  My problem is that the create EWA alert request (Red Flag with a specific session number ) coulnd be pass to the satelitte system even though all the trusted RFC and authorization is set. When i execute the SESSION_REFRESH in the satellite system, the session is not created.
  Did I miss out any steps. Can any one share any help ?
  FYI, there is no connection to SAPOSS yet, so i did not manage to run RTCCTOOL completed, but i doubt this is required for EWA self service."
  I  have the same problem as Solution Manager EWA - cannot create session in satellite system
  tried all of solutions,  but it does not help... Created the CM (high) for SAP, but get 1 response for 1 week from them:(

  Dear Sapbcer,
  Have you tried the following option :
  Execute SMSY and from the Server entry Execute the "Read System Data Remote" option in change mode.
  Save the data captured and then try using Refresh Session Task from SDCCN of the satellite system. Do select the RFC for Solution Manager while performing this task.
  Hope this helps.
  Regards
  Amit

• Cannot disable a mailbox in Exchange 2013 CU6!?!?!?!

  I cannot disable a mailbox in Exchange 2013 CU6. I get the following error:
  Anyone seen this error? As you know, I just want to remove the Exchange attributes from the user object in Active Directory. Of course, deleting the user object works just fine but don't want to go that route. 

  I tried with the EMS (Powershell) and I still get an error:
  [PS] C:\>disable-mailbox [email protected]
  Confirm
  Are you sure you want to perform this action?
  Disabling mailbox "[email protected]" will remove the Exchange properties from the Active Directory user object and mark the mailbox in the database for removal. If the mailbox has an archive or remote archive, the archive will also
  be 
  marked for removal. In the case of remote archives, this action is permanent. You can't reconnect this user to the remote archive again.
  [Y] Yes  [A] Yes to All  [N] No  [L] No to All  [?] Help (default is "Y"): 
  Y
  Active Directory operation failed on LocalDCName.local.com. This error is not retriable. Additional information: The parameter is incorrect.
  Active directory response: 00000057: LdapErr: DSID-0C090CB9, comment: Error in attribute conversion operation, data 0, v2580
      + CategoryInfo          : NotSpecified: (:) [Disable-Mailbox], ADOperationException
      + FullyQualifiedErrorId : [Server=LA-MBX01Server,RequestId=6ed97c1e-ae68-4670-a097-c4e65f683274,TimeStamp=11/18/2014 7:50:07 PM] [FailureCategory=Cmdlet-ADOperationException] 8D6C0FEB,Microsoft.Exchange.Management.RecipientTasks.Disable 
     Mailbox
      + PSComputerName        : LocalDCName.local.com
  I captured everything with the START-TRANSCRIPT cmdlet and changed the specific values to our organization (i.e., "[email protected]" and "LocalDCName.Local.com"). I've tried this on other mailboxes and I receive the same error whether
  I use EMC or EMS. I believe this might be AD schema related just not sure where.

• Cannot Create New Mailbox

  Hi all,
  First of all I already create a similar thread : http://social.technet.microsoft.com/Forums/en-US/b8f88745-ca79-43f9-8857-3b87781e5c19/rbac-to-create-mailbox?forum=exchangesvradmin 
  I got a problem in my Exchange Server 2013 environment. I cannot create new mailbox (new user) from ECP. But I can create new mailbox and choose existing user.
  Active Directory operation failed on DC.mydomain.com. This error is not retriable. Additional information: Access is denied. Active directory response: 00000005: SecErr: DSID-031A121F, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0 
  already try with no luck :
  re-inherit the permission.
  setup /prepareAD
  I create new user and assign Org Management & Domain Admin
  how to check whether the permission in my AD is correct ? or any idea should I start troubleshooting ?
  Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
  Krisna Ismayanto | My blogs: Krisna Ismayanto | Twitter:
  @ikrisna

  solved by executing setup.exe /preparedomain
  and I found one of the server in container ADSIEdit were disabled inheritance. execute setup.exe /prepareAD, reboot the server (because it
  ask for it), then execute setup.exe /preparedomain
  cheers ! :)
  Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
  Krisna Ismayanto | My blogs: Krisna Ismayanto | Twitter:
  @ikrisna

• Reg: Hiring Manager role in E-Recuitment EHP4

  Hi all,
             i am working with Ehp4 . My business package for  Recruiter is Recruiter1.4.1  . I am trying to create a requisition from the recruiter login . I have a field HIRING MANAGER . Wat is the role tat we should assign for the Hiring Manager. 
  Thanks
  Priya

  Hi,
  I have the same problem on ERECRUIT604 EHP4 SP4. I cannot retrieve managers using Find Hiring Manager search on the Create Requisition page.
  I have though found out that there are 2 cases.
  On the one-instance solution with HR and ER on the same server an employee is retrieved as a Manager if there are following relationsships to his CP object:
  B     207     Is identic     BP
  B     208     Is identic     US
  B     209     Has employ     P
  B     650     Has candid     NA
  Especially the relationship CP B208 US is critical. The problem is though that this relationship is not created automatically be the system as on the one-instance solution the user is retrieved from IT105 subtype 0001 via P object, so you have to create this relationsship manually. Or am I wrong?
  On the two-instance solution with HR on one machine and ER on another the above solution does not work at all. Here the relationship CP B208 US is created via ALE, but it does not help for retrival of Hiring Managers.
  I have also added the 'manager' role to the employee, the employee is the manager in the Organizational Structure, and still I cannot retrieve him.
  Maybe it's a bug in the system. Anyway I cannot find any hints telling what are the assumptions for using this functionality.
  Waiting for an answer
  Best regards,
  Beata

• Exchange 2010 Management Role loading slowness

  Hello,
  I'm new to the company I currently work for and relatively new into IT, and one of the first issues I have noticed here is how incredibly slow Exchange 2010 is when loading. 
  I'm aware there are numerous topics covering this issue after having done many checks on search engines, however most of them seem to advise going to IE and un-checking the boxes defining Certificate Revocation or other solutions that I haven't found to
  be applicable, at least not to my knowledge. I have tried the first suggestion but found this made no difference.
  We don't get any error messages when loading but it is generally a little slow, however the issue is where it says "Getting management role information for: domain/user info etc...", at the end of the progress bar. It will sit there for
  6 minutes before finally loading and allowing me in. This happens every time you use it also, not just the first time, whether it's on the local machine of anyone in IT or on the server.
  I've checked the server's available resources and it seems to be more than enough, although it is a virtual server so I'm not sure whether that changes what the issue could be.
  Would anyone be able to help point me in the right direction of what I could be checking for? Sorry if this is a really vague question or I've not provided enough detailed information, but any help would be really appreciated. I'm sure one of the more experienced
  members of my new team could take a look but I figured I'd try and make a good impression!
  Apologies if this is in the wrong forum section also.
  Thanks very much

  Hi
  Thanks for the reply.
  We're on Exchange Server 2010 SP3 (14.03.0158.001), as far as I can tell it's all up to date.
  Server specs:
  OS - Server 2008 R2 Enterprise, 64bit
  RAM - 32GB
  Processor - Intel Xeon E5-2690 @ 2.90GZ, 16 Cores, 16 Logical Processors
  There's 433 mailboxes in total, spread over 19 databases (a database for each department), 17 of those being mounted and active.
  Once I'm into the management console and can use the various features, the performance is generally fine, it's just that initial loading where it hangs.
  Thanks

• Mail cannot access your mailbox information because it is in use

  I have my mail on a Truecrypt drive and I have an alias pointing to that drive in my library and so sometimes I get this message:
  "Mail cannot access your mailbox information because it is in use."
  Options are:
  "Quit and rebuild Information" or "Quit"
  If I rebuild then I was losing all my sent messages which is a drag and it takes a while to re-download all the messages. So what I tried was deleting the Envelope Index.lock file and then launch mail and it started up with no problems.
  I think the reason this is happening is that it is possible that when I shut my computer down, Truecrypt dismounts the drive while Mail is accessing the mail folder (hence the lock file) and so when I start up again and remount the truecrypt drive that lock file is still there and I have to delete it or Mail thinks some other program is using the mail folder. Just a guess.
  Hope this helps someone else if they Google this error.

  I do but I do it from another computer -- that is the whole point of IMAP, by the way. I don't see how my accessing the IMAP server from another computer should cause Mail.app to think that my mailboxes on my local host, which are just copies, need to be rebuilt. I filed a bug on this and Apple gave me the annoying "Known issue" response, which means maybe they'll fix it, maybe not, thank you very much. It went away for a while, and now it's back again... sigh.

• "Mail cannot update your mailboxes because your home directory is full"

  I have a 250 GB hard disk, 4.34 GB of which is in my "Home" folder. (Total HD usage is about 27 GB.) This happened suddenly after Mail had been working fine for eons. I deleted a bunch of files (107 MB) in a "Drafts" folder (none show up in the Mail app's "Drafts" icon), but it made no difference. I re-installed the Mac OS X 10.4.11 combo update... no difference. Mail version is 2.1.3.
  Any help here? I cannot use Mail at all.
  Message was edited by: Bill Strohm

  Hey there,
  Have you had a chance to look at this Apple support document relating directly to this issue. Hope it helps.
  [Mac OS X 10.4: "Mail cannot update your mailboxes because your home directory is full" alert|http://support.apple.com/kb/TA24486?viewlocale=en_US]
  B-rock