When I am trying to install Exchange Server 2013 SP1 on Server 2012r2, I am getting this error at Mailbox Role: Mailbox Services.  We will be doing a migration from Exchange 2010 SP3.

Error:

The following error was generated when "$error.Clear();

          if ($RoleIsDatacenter -ne $true -and $RoleIsDatacenterDedicated -ne $true)

          {

          if (Test-ExchangeServersWriteAccess -DomainController $RoleDomainController -ErrorAction SilentlyContinue)

          {

          $sysMbx = $null;

          $name = "SystemMailbox{bb558c35-97f1-4cb9-8ff7-d53741dc928c}";

          $dispName = "Microsoft Exchange";

          Write-ExchangeSetupLog -Info ("Retrieving mailboxes with Name=$name.");

          $mbxs = @(Get-Mailbox -Arbitration -Filter {name -eq $name} -IgnoreDefaultScope -ResultSize 1 );

          if ($mbxs.Length -eq 0)

          {

          Write-ExchangeSetupLog -Info ("Retrieving mailbox databases on Server=$RoleFqdnOrName.");

          $dbs = @(Get-MailboxDatabase -Server:$RoleFqdnOrName -DomainController $RoleDomainController);

          if ($dbs.Length -ne 0)

          {

          Write-ExchangeSetupLog -Info ("Retrieving users with Name=$name.");

          $arbUsers = @(Get-User -Filter {name -eq $name} -IgnoreDefaultScope -ResultSize 1);

          if ($arbUsers.Length -ne 0)

          {

          Write-ExchangeSetupLog -Info ("Enabling mailbox $name.");

          $sysMbx = Enable-Mailbox -Arbitration -Identity $arbUsers[0] -DisplayName $dispName -database $dbs[0].Identity;

          }

          }

          }

          else

          {

          if ($mbxs[0].DisplayName -ne $dispName )

          {

          Write-ExchangeSetupLog -Info ("Setting DisplayName=$dispName.");

          Set-Mailbox -Arbitration -Identity $mbxs[0] -DisplayName $dispName -Force;

          }

          $sysMbx = $mbxs[0];

          }

          # Set the Organization Capabilities needed for this mailbox

          if ($sysMbx -ne $null)

          {

          # We need 1 GB for uploading large OAB files to the organization mailbox

          Write-ExchangeSetupLog -Info ("Setting mailbox properties.");

          set-mailbox -Arbitration -identity $sysMbx -UMGrammar:$true -OABGen:$true -GMGen:$true -ClientExtensions:$true -MailRouting:$true -MessageTracking:$true -PstProvider:$true -MaxSendSize 1GB -Force;

          }

          else

          {

          Write-ExchangeSetupLog -Info ("Cannot find arbitration mailbox with name=$name.");

          }

          }

          else

          {

          Write-ExchangeSetupLog -Info "Skipping creating E15 System Mailbox because of insufficient permission."

          }

          }

        " was run: "Database is mandatory on UserMailbox.".

Error:

The following error was generated when "$error.Clear();

          if ($RoleIsDatacenter -ne $true -and $RoleIsDatacenterDedicated -ne $true)

          {

          if (Test-ExchangeServersWriteAccess -DomainController $RoleDomainController -ErrorAction SilentlyContinue)

          {

          $sysMbx = $null;

          $name = "SystemMailbox{bb558c35-97f1-4cb9-8ff7-d53741dc928c}";

          $dispName = "Microsoft Exchange";

          Write-ExchangeSetupLog -Info ("Retrieving mailboxes with Name=$name.");

          $mbxs = @(Get-Mailbox -Arbitration -Filter {name -eq $name} -IgnoreDefaultScope -ResultSize 1 );

          if ($mbxs.Length -eq 0)

          {

          Write-ExchangeSetupLog -Info ("Retrieving mailbox databases on Server=$RoleFqdnOrName.");

          $dbs = @(Get-MailboxDatabase -Server:$RoleFqdnOrName -DomainController $RoleDomainController);

          if ($dbs.Length -ne 0)

          {

          Write-ExchangeSetupLog -Info ("Retrieving users with Name=$name.");

          $arbUsers = @(Get-User -Filter {name -eq $name} -IgnoreDefaultScope -ResultSize 1);

          if ($arbUsers.Length -ne 0)

          {

          Write-ExchangeSetupLog -Info ("Enabling mailbox $name.");

          $sysMbx = Enable-Mailbox -Arbitration -Identity $arbUsers[0] -DisplayName $dispName -database $dbs[0].Identity;

          }

          }

          }

          else

          {

          if ($mbxs[0].DisplayName -ne $dispName )

          {

          Write-ExchangeSetupLog -Info ("Setting DisplayName=$dispName.");

          Set-Mailbox -Arbitration -Identity $mbxs[0] -DisplayName $dispName -Force;

          }

          $sysMbx = $mbxs[0];

          }

          # Set the Organization Capabilities needed for this mailbox

          if ($sysMbx -ne $null)

          {

          # We need 1 GB for uploading large OAB files to the organization mailbox

          Write-ExchangeSetupLog -Info ("Setting mailbox properties.");

          set-mailbox -Arbitration -identity $sysMbx -UMGrammar:$true -OABGen:$true -GMGen:$true -ClientExtensions:$true -MailRouting:$true -MessageTracking:$true -PstProvider:$true -MaxSendSize 1GB -Force;

          }

          else

          {

          Write-ExchangeSetupLog -Info ("Cannot find arbitration mailbox with name=$name.");

          }

          }

          else

          {

          Write-ExchangeSetupLog -Info "Skipping creating E15 System Mailbox because of insufficient permission."

          }

          }

        " was run: "Database is mandatory on UserMailbox.".

I finally got my Exchange server installed and mostly configured and then I tried to create a self signed certificate using the EAC. It responds with:

The Exchange Certificate operation has failed with an exception on server EXCHANGE. The error message is: Unknown error (0xe0434352)

Can anyone shed any light on this?

Hello,

Exchange 2010 SP3 and Exchange 2013 Version 15.0 (Build 913.22) Living in Co-Existence mode.

When I move a test mail box from 2010 to 2013 the outlook client continues to look for the old CAS server. IT appear recycling Exchange Application pools and/or a forced AD replication solves the issue. repadmin /syncall. I would like to have this resolved. I have thousands of mailboxes and recycling or replicating after each mailbox is moved is not acceptable. I see multiple posts on these forums that talk about the issue but none with a solid solution. Can any one point me in the right direction?

Hello,

I am migrating all on-premise exchange 2010 SP3 to Exchange 2013 SP1. I am testing mailbox migrations, each mailbox that gets moved to 2013 the user keeps getting prompted for credentials. I have read several posts in the forums yet none which solve my problem. Can someone point me in the right direction. All 2013 setting are currently at default.

Hello,

I wish all contents(Send,Receive,..etc) older than '06/21/2014' from all mailboxes should be exported to pst.

What to include additional to this cmdlet -

New-MailboxExportRequest -Mailbox <alias> -FilePath"\\Server\ShareFolder\<alias>.pst"

Please Guide.

Few details-

Name of Test mailbox - Demo

Mailbox Created on 06/10/2014

1) When I use the normal cmdlet,

New-MailboxExportReuqest -Mailbox Demo -FilePath "\\Server's IP\ShareFolder\Demo.pst it generates a pst of1505 KB.

2) When I use the cmdlet specifying today's date (For maximum output)

New-MailboxExportReuqest -Mailbox Demo -ContentFilter {(Received -lt "07/23/2014")} -FilePath "\\Server's IP\ShareFolder\Demo.pstit generates a pst only of 265 KB. (It means something is wrong somewhere)

3) Now the Strange thing is, the mailbox is created on 06/10/2014 (1.5 months old), when I use the cmdlet specifying the far previous date (3 months old)

New-MailboxExportReuqest -Mailbox Demo -ContentFilter {(Received -lt "04/23/2014")} -FilePath "\\Server's IP\ShareFolder\Demo.pstit again generates a pst of 265 KB. (It means something is wrong somewhere again)

Please Guide.

Thanks, Divyaprakash Koli

When I log on as Administrator to either .../ecp or .../owa, authenticaion, I believe, succeeds but then I get HTTP 500.

When I do this on another server hosting the Exchange server for the same Organisation, I succeed - can get into both the mailbox and the Exchange server ECP interface. Unlike the first server, this Exchange server does not host any mailboxes but otherwise has identical Exchange roles installed.

When I log on as another non-administrator user to the first server that hosts mailboxes, I again succeed.

The problem seems to relate the administrative interface that the first server somehow fails to display but what could be the reason for that?

Thank you.

How many NICS do I need for Exchange 2013 ETR, and what is the best practice for their configurations. and can I use Exchange 2013 ETRs with Exchange 2010

i installed a dc and a mem. installed exchange on the mem, but moving the database doesn't work.

Am getting an error that the dabase cannot befound on the dc,

anyone who can tell me what i am doing wrong?

Hi,

I renewed our Exchange certificate today with GoDaddy. They are pushing a new policy of NOT allowing internal domains in certificates.

Our previous UCC certificate covered the following address

webmail.domain.co.uk
autodiscover.domain.co.uk
exchange1.domain.local

This worked fine. When renewing today, I needed to drop 'exchange1.domain.local' from the UCC cert. 

I thought I would create an internal certificate for Exchange1, authorised by my domain's CA, which I have done and disctributed to all clients using group policy. 

My UCC renewal with GoDaddy therefore only had webmail.domain.co.uk and autodiscover.domain.co.uk. When this cert was issued, I added to IIS on Exchange1. I set the binding to https for this new certificate and tested by visiting webmail.domain.co.uk, which showed the new certificate.

However, shortly after, my internal clients then called complaining about certificate warnings in Outlook. I see that Outlook is connecting to exchange1.domain.local but being presented with the 'web' certificate I just renewed with GoDaddy. I understand Outlook communicates over HTTP/S now so how do I overcome the problem I have and secure my internal server name (exchange1.domain.local) without using this name in the GoDaddy UCC cert?

Many thanks

Hi,

I am busy with a migration of mailboxes from Exchange 2003 to Exchange 2013.  I have migrated all the mailboxes from Exchange 2003 to 2010 and then uninstalled the Exchange 2003 server.  I am currently migrating from Exchange 2010 to Exchange 2013 and I am experiencing some problems that I have not seen before.

I migrated a few small mailboxes, the in progress time show as 4.5 hrs. The migration completed with errors.  I have had a look at the report and the error is as follows:

"Warning: Failed to set RehomeRequest on some of the requests related to the mailbox after the move. Error details: Too many cleanup retries, giving up."

Please can someone assist in resolving this, I have no idea where to look now.

Hello...

Coming son, we'll deploy Exchange 2013 with high availability in all roles. The CAS and Hub Transport roles, are with a HLB; and the Mailbox with DAG. The infrastructure is formed by:

Citi1:

- AD Site 1

- 1 Hardware Load Balance: HLB01 to load balance the CAS and Hub Transport of Exc01 and Exc02

- 2 Exchange: Exc01 and Exc02 multiroles Exchange Server 2013

- 1 DAG for Citi1 databases: conformed by the Exc01 and Exc02

Citi2:

- AD Site 2

- 1 Hardware Load Balance: HLB02 to load balance the CAS and Hub Transport of Exc03 and Exc04

- 2 Exchange: Exc03 and Exc04 multiroles Exchange Server 2013

- 1 DAG for Citi2 databases: conformed by the Exc03 and Exc04

The Active Directory is one forest with one domain. The Domain Controllers are Windows Server 2012. The Site1 and Site 2 are connected by a WAN link. The accepted domain is domain.com. The smtp address is @domain.com

How to make that users of Citi1 always connect throught the HLB01 to their mailboxes; and the users of Citi2 always connect throught the HLB02 to their mailboxes if the autodiscover.domain.com is the same for all users?

I have not founddocumentationabout this architecture. Please help me.

Thank you very much.

Best regards, Javier Uribe

Hi All, 

I was hoping to get some information around which of these values are applied by the client for outlook anywhere connections: 

ExternalClientAuthenticationMethod or InternalClientAuthenticationMethod

We have tested externally and found that NTLM works for mail but fails when trying to auth the directory connection in outlook. So we would like to have external set to basic (Works without issues) and internal to NTLM (Fine within the network) 

Our HLB is F5 and with the source addresses coming from the SNAT local IP I was wondering if the external Auth value will do anything? 

Do we know how client works out whether they are internal or external and which auth setting is used? 

Thanks

Joshua Bines

Here's a fun one that hopefully someone can give me a hand with.

2008 R2 servers, Exchange 2013.

three years ago setup internal domain as M***.com.  Email was hosted on web under their domain of M****acceptance.com with all their emails as such.  Fast forward to January this year.  Setting up Exchange 2013 on system, external (Internet facing) is mail.m****acceptance.com, but the internal names are still mail.m***.com.  We don't own the m***.com domain but there is no mail.m***.com operating either, which was a lucky break.  Our security certificates cover the m***acceptance.com domains, but can't cover the m***.com domain since we don't own it.  I have pretty much worked around the security certificate mismatch warnings since the only thing wrong is m***.com is not on the certificate.  

So I thought, why not just go through and rename the domain (all the desktops are virtual on one of the servers) since it primarily affected the servers.  Wow, all of a sudden red flags everywhere about not renaming domains, but I found a bunch of conflicting ways to handle this issue.  

so what I am asking is, how do I change the internal domain with an Exchange 2013 server on it, to a name that the Exchange server is already using for communications (m***acceptance.com).  mail.m***acceptance.com is already a resolved FQDN on the internet.

So, if I am successful in changing the internal domain, it will stop the 200ms TCP latency between the servers because of the constant security certificate issues, and smooth operations since I won't have two different domains to mess with on the same server (external and internal). 

Paul Clemmons, Owner, MCP PC Networks Inc MPN

Hello,

I cant find my solution that woks.

I have a fresh install of windows 2012R2 server.

I was installing exchange 2013 R1 on the server and i got the error:

Error:
The following error was generated when "$error.Clear();
          Install-ExchangeCertificate -WebSiteName "Exchange Back End" -services "IIS, POP, IMAP" -DomainController $RoleDomainController -InstallInTrustedRootCAIfSelfSigned $true
          if ($RoleIsDatacenter -ne $true -And $RoleIsPartnerHosted -ne $true)
          {
            Install-AuthCertificate -DomainController $RoleDomainController
          }
        " was run: "Could not grant Network Service access to the certificate with thumbprint 9A9744EF8A9251AF974C6D8C25466D602D08B82C because a cryptographic exception was thrown.".

I think the error has to do with a certicate??

I dont know.

Greetings,

Albert Koenders

So first, before you flame me, this is in QA!

We installed 2013 into a 2007 environment, then due to shifting business demand, cleanly removed 2013. Now we are trying to install 2010 CAS servers and it goes in fine, reports no errors, but I do not have 'server configuration' on the left pane of EMC, but I can run any related EMS cmdlet (so not permissions).  On the org health page all the info is listed as 'unavailable'. I'm thinking something is left over in AD's config container, but I can't find it. Help?

i have a server running server standard 2012 r2 recently upgraded from server standard 2003

it is a dc,dchp,dns.

i am trying to install exchange server 2013 standard during the installation i get the following error message.

and am unable to continue.

The following error was generated when "$error.Clear();
    install-ExchangeSchema -LdapFileName ($roleInstallPath + "Setup\Data\"+$RoleSchemaPrefix + "schema0.ldf")

" was run: "There was an error while running 'ldifde.exe' to import the schema file 'C:\Windows\Temp\ExchangeSetup\Setup\Data\PostWindows2003_schema0.ldf'. The error code is: 8224. More details can be found in the error file: 'C:\Users\Administrator.example\AppData\Local\Temp\ldif.err'".

After succesfull moving mailboxes from Exchange 2010 to Exchange 2013 (single all role servers in same Forest/AD) error messages are displayed in the eventviewer:

source: MSExchange Management Application
id: 5000

I do have installed a valid 3rd party certificate, all works well on both servers (2010 and 2013). How to fix this before I migrate all other mailboxes from 2010 to 2013?

Thnx Remco

We had an problem with the database where the mailbox of the admin user is located. I have fixed the mailbox, run the checks and received no errors.

Then i started a migrationbatch again and this was running so i started 3 more. Then the first batch i started hangs on completing. with the following error:
Error:MigrationTransientException: An error caused a change in the current set of domain controllers. --> An error caused a change in the current set of domain controllers.

I cannot find how i can stop this batch or give it a kickstart so it will complete the batch.

Kind regards,
Ben

P.S. Sorry for the poor English I'm Dutch.

Hello,

I have a new Exchange 2013 installation on a small corporate network. We us an external web and email hosting company.  We would like to continue receiving our incoming email through the external email host for SPAM, antivirus, and intrusion protection. In the past we have used the MAPI Labs mail connector to poll the external mail server for email and deliver it to our internal exchange system. Previously, outgoing email was sent via SMTP directly from the client PC. I would like it so the outgoing mail was routed through Exchange and ideally, only those with external email accounts count send outside the organization.

What I have done so far is have the external email host setup a secondary MX record on the external domain (ourserver.domain.com, which differs from their mail.domain.com). ourserver.domain.com points to our public network IP address.  I then had our internet ISP create a PTR for our IP that pointed back to ourserver.domain.com. In ECP I have send connector set to use MX records with a FQDN of ourserver.domain.com; however outgoing mail is slow to deliver and is identified as SPAM using my outlook.com personal mail.

How can I get my outgoing mail to stop getting flagged as spam?  I am still using a self signed certificate for testing and get certificate errors locally, but I do not think that is related. Am I going about this correctly?

Mike Orlando