RE: [ActiveDir] Problem adding an Exchange User - An operations error occurred

[Mayuresh Kshirsagar]

Thanks,   Would it be worth running it on the agent machine, or the AD machine?   Regards, Mayuresh   From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rick Kingslan Sent: Monday, August 08, 2005 1:55 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Problem adding an Exchange User - An operations error occurred   Ethereal – no question.  Get it at: www.ethereal.com Rick From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mayuresh Kshirsagar Sent: Monday, August 08, 2005 9:45 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Problem adding an Exchange User - An operations error occurred   Hi Joe,   Can you tell me a good sniffer? And of course a free one ;-)   The setup is like, the mds in installed on one machine (on a different domain) which talks to the agent which is installed on the exchange machine. The agent then uses the exchange native apis to create the mail boxes which would be added to the AD. AD and exchange servers are on same domain.   Regards, Mayuresh.     From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Saturday, August 06, 2005 2:30 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Problem adding an Exchange User - An operations error occurred   That would tell me that the homeMDB value either isn't correct or isn't being set properly. homeMDB is a linked DN attribute, it *MUST* be valid when it is set.   If the tool allows you to retreive the extended LDAP error that would be great, if not get out a network sniffer and trace the operation. If the issue is with homeMDB from the DC, you will see a CONSTRAINT_ATT_TYPE error in clear text in the return packet from the DC.   I would pull out a network sniffer   From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mayuresh Kshirsagar Sent: Saturday, August 06, 2005 6:01 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Problem adding an Exchange User - An operations error occurred The only sad thing about it is that when with the same attributes minus the homeMDB, the users get created perfectly.   From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Friday, August 05, 2005 11:46 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Problem adding an Exchange User - An operations error occurred   Yes, again those attributes below seem fine, there should be no issues setting them through LDAP, certainly AD won't reject them. Again I would change the mailnickname to the same as sAMAccountName but that is just me.   If you are just mailbox enabling, setting mailnickname and homemdb will do it. That whole thing is documented to be unsupported by MS but I don't know of a single large company that doesn't do it the same way. The RUS will fire with that info and set up the rest of the attributes.    Now if this is a user create from the ground up, there could be issues with creating an enabled account. I think we went hrough that before here on the list with you though didn't we?      joe     From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mayuresh Kshirsagar Sent: Friday, August 05, 2005 6:40 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Problem adding an Exchange User - An operations error occurred The meta tries to create the entry. so it creates the entry in AD and the agent is responsible for creating mailbox. Are the attributes seen for the entry correct? Also what all is required if I am creating a mailbox user from a meta or a script, etc. also  can you suggest if I can find some useful information from the exchange server? Any diagnostics, etc?   Thanks.   From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Friday, August 05, 2005 4:37 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Problem adding an Exchange User - An operations error occurred   That error log isn't very good. You can't even tell if it is an error being floated back from a DC. Could be something in the meta directory tool.   As for the specific data below for the attributes to be set on the user, I don't see anything bad though I wouldn't recommend the mailnickname to have that format, I would recommend it be the same as the sAMAccountName value. I tend to put the "nice" full version of the name in the displayName and that is the only place it is.   What info specifically is the product trying to set and how is it setting it? You may have to do a network trace or something like it.           From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mayuresh Kshirsagar Sent: Friday, August 05, 2005 1:19 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Problem adding an Exchange User - An operations error occurred Hi   I am trying to use a metadirectory to add an exchange user. An agent sitting on the Exchange server machine, which will add the mail box for the user.   But when I try to add the user, I am getting the following error “An operations error occurred”   10:38:01.112: [1412.724] DataAccess: UP_AddRecord EXCH2K 10:38:01.112: [1412.724] DataAccess: EXCH2K: Operation: Mapping Add/Modify Request 10:38:01.112: [1412.724] DataAccess: EXCH2K: Operation: Mapping Add/Modify operation to Exchange operation 10:38:01.112: [1412.724] DataAccess: EXCH2K: Operation: Getting an AD Object 10:38:01.112: [1412.724] DataAccess: EXCH2K: Operation: Retrieving AD object 10:38:01.112: [1412.724] DataAccess: EXCH2K: Operation: Retrieving AD object. Bind using Configured Credentials: 10:38:01.127: [1412.724] DataAccess: EXCH2K: Operation: Retrieving AD object. Success AD Object: LDAP://cn=ZZZHHH\, ANGUS,OU=test,DC=gepurbsres01,DC=net bind=ADS_SECURE_AUTHENTICATION 10:38:01.127: [1412.724] DataAccess: EXCH2K: Operation: Getting an AD Object. Success server=rlgmfurs1ad01.gepurbsres01.net AD Object=cn=ZZZHHH\, ANGUS,OU=test,DC=gepurbsres01,DC=net 10:38:01.127: [1412.724] DataAccess: EXCH2K: Operation: Add Or Move a Mailbox 10:38:01.127: [1412.724] DataAccess: EXCH2K: Operation: Getting an AD User Object from an an AD Object 10:38:03.502: [1412.724] DataAccess: EXCH2K: Operation: Add Or Move a Mailbox Error: An operations error occurred... Server=rlgmfurs1ad01.gepurbsres01.net, User=LDAP://cn=ZZZHHH\, ANGUS,OU=test,DC=gepurbsres01,DC=net 10:38:03.502: [1412.724] DataAccess: EXCH2K: Mapping Add/Modify Request, Error: An operations error occurred... 10:38:03.502: [1412.724] DataAccess: UP_AddRecord EXCH2K Failure = EXCH2K: Mapping Add/Modify Request, Error: An operations error occurred... 10:38:03.502: [1412.724] RUPS: Muws2UPAdapter::write(EXCH2K:0:01BE0064): Call of UP_Add/Modify/Delete/RenameRecord(cn=ZZZHHH\, ANGUS,OU=test,DC=gepurbsres01,DC=net) failed , error='UP_E_ADD_FAILED' (EXCH2K: Mapping Add/Modify Request, Error: An operations error occurred...)   Pasted the part of the tarce only just in an attempt to give more information. The entry I am trying to add is as:   dn: cn=ZZZGGG\, ANGUS,OU=test,DC=gepurbsres01,DC=net objectClass: person objectClass: organizationalPerson objectClass: user userAccountControl: 544 DisplayName: ZZZGGG, ANGUS cn: ZZZGGG, ANGUS givenName: ANGUS sn: ZZZGGG sAMAccountName: ZZZGGGtest homeMDB: CN=Mailbox Store (RLGMFUMX01),CN=First Storage Group,CN=Information  Store,CN=RLGMFUMX01,CN=Servers,CN=First Administrative Group,CN=Administrat  ive Groups,CN=RBSG Retail Exchange,CN=Microsoft Exchange,CN=Services,CN=Con  figuration,DC=gepurbsres01,DC=net mailNickname: ZZZGGG, ANGUS   The homeMDB value is correct and the meta directory connects to the Exchange server machine and the AD machine using the Admin user.   Can you please help me debug this. Thanks,   Mayuresh.