Thanks, Would it be worth running it on the agent machine,
or the AD machine? Regards, Mayuresh From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rick Kingslan From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mayuresh Kshirsagar Hi Joe, Can you tell me a good sniffer? And of
course a free one ;-) The setup is like, the mds in installed on
one machine (on a different domain) which talks to the agent which is installed
on the exchange machine. The agent then uses the exchange native apis to create
the mail boxes which would be added to the AD. AD and exchange servers are on
same domain. Regards, Mayuresh. From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe That would tell me that the homeMDB value
either isn't correct or isn't being set properly. homeMDB is a linked DN
attribute, it *MUST* be valid when it is set. If the tool allows you to retreive the
extended LDAP error that would be great, if not get out a network sniffer and
trace the operation. If the issue is with homeMDB from the DC, you will see a
CONSTRAINT_ATT_TYPE error in clear text in the return packet from the DC. I would pull out a network sniffer From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mayuresh Kshirsagar The only sad thing about it is that when
with the same attributes minus the homeMDB, the users get created perfectly. From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Yes, again those attributes below seem
fine, there should be no issues setting them through LDAP, certainly AD won't
reject them. Again I would change the mailnickname to the same as
sAMAccountName but that is just me. If you are just mailbox enabling, setting
mailnickname and homemdb will do it. That whole thing is documented to be
unsupported by MS but I don't know of a single large company that doesn't do it
the same way. The RUS will fire with that info and set up the rest of the
attributes. Now if this is a user create from the
ground up, there could be issues with creating an enabled account. I
think we went hrough that before here on the list with you though
didn't we? joe From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mayuresh Kshirsagar The meta tries to create the entry. so it
creates the entry in AD and the agent is responsible for creating mailbox. Are
the attributes seen for the entry correct? Also what all is required if I am
creating a mailbox user from a meta or a script, etc. also can you
suggest if I can find some useful information from the exchange server? Any
diagnostics, etc? Thanks. From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe That error log isn't very good. You can't
even tell if it is an error being floated back from a DC. Could be something in
the meta directory tool. As for the specific data below for the
attributes to be set on the user, I don't see anything bad though I wouldn't
recommend the mailnickname to have that format, I would recommend it be the
same as the sAMAccountName value. I tend to put the "nice" full
version of the name in the displayName and that is the only place it is. What info specifically is the product
trying to set and how is it setting it? You may have to do a network trace or
something like it. From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mayuresh Kshirsagar Hi I am trying to use a metadirectory to add an exchange user.
An agent sitting on the Exchange server machine, which will add the mail box
for the user. But when I try to add the user, I am getting the following
error “An operations error occurred” 10:38:01.112: [1412.724] DataAccess: UP_AddRecord EXCH2K 10:38:01.112: [1412.724] DataAccess: EXCH2K: Operation:
Mapping Add/Modify Request 10:38:01.112: [1412.724] DataAccess: EXCH2K: Operation:
Mapping Add/Modify operation to Exchange operation 10:38:01.112: [1412.724] DataAccess: EXCH2K: Operation:
Getting an AD Object 10:38:01.112: [1412.724] DataAccess: EXCH2K: Operation:
Retrieving AD object 10:38:01.112: [1412.724] DataAccess: EXCH2K: Operation:
Retrieving AD object. Bind using Configured Credentials: 10:38:01.127: [1412.724] DataAccess: EXCH2K: Operation:
Retrieving AD object. Success AD Object: LDAP://cn=ZZZHHH\,
ANGUS,OU=test,DC=gepurbsres01,DC=net bind=ADS_SECURE_AUTHENTICATION 10:38:01.127: [1412.724] DataAccess: EXCH2K: Operation:
Getting an AD Object. Success server=rlgmfurs1ad01.gepurbsres01.net AD
Object=cn=ZZZHHH\, ANGUS,OU=test,DC=gepurbsres01,DC=net 10:38:01.127: [1412.724] DataAccess: EXCH2K: Operation: Add
Or Move a Mailbox 10:38:01.127: [1412.724] DataAccess: EXCH2K: Operation:
Getting an AD User Object from an an AD Object 10:38:03.502: [1412.724] DataAccess: EXCH2K: Operation: Add
Or Move a Mailbox Error: An operations error occurred...
Server=rlgmfurs1ad01.gepurbsres01.net, User=LDAP://cn=ZZZHHH\,
ANGUS,OU=test,DC=gepurbsres01,DC=net 10:38:03.502: [1412.724] DataAccess: EXCH2K: Mapping
Add/Modify Request, Error: An operations error occurred... 10:38:03.502: [1412.724] DataAccess: UP_AddRecord EXCH2K
Failure = EXCH2K: Mapping Add/Modify Request, Error: An operations error
occurred... 10:38:03.502: [1412.724] RUPS:
Muws2UPAdapter::write(EXCH2K:0:01BE0064): Call of
UP_Add/Modify/Delete/RenameRecord(cn=ZZZHHH\,
ANGUS,OU=test,DC=gepurbsres01,DC=net) failed , error='UP_E_ADD_FAILED' (EXCH2K:
Mapping Add/Modify Request, Error: An operations error occurred...) Pasted the part of the tarce only just in an attempt to give
more information. The entry I am trying to add is as: dn: cn=ZZZGGG\, ANGUS,OU=test,DC=gepurbsres01,DC=net objectClass: person objectClass: organizationalPerson objectClass: user userAccountControl: 544 DisplayName: ZZZGGG, ANGUS cn: ZZZGGG, ANGUS givenName: ANGUS sn: ZZZGGG sAMAccountName: ZZZGGGtest homeMDB: CN=Mailbox Store (RLGMFUMX01),CN=First Storage
Group,CN=Information Store,CN=RLGMFUMX01,CN=Servers,CN=First Administrative
Group,CN=Administrat ive Groups,CN=RBSG Retail Exchange,CN=Microsoft
Exchange,CN=Services,CN=Con figuration,DC=gepurbsres01,DC=net mailNickname: ZZZGGG, ANGUS The homeMDB value is correct and the meta directory connects
to the Exchange server machine and the AD machine using the Admin user. Can you please help me debug this. Thanks, Mayuresh. |
- RE: [ActiveDir] Problem adding an Exchange User - An o... Mayuresh Kshirsagar