none
Error during setup.com /prepareAD

    Întrebare

  • Hello,

    We were just starting to prepare the active directory (setup.com /preparead) after prepping the legacyexchangepermissions and the schema when we ran into this error.

         The following error was generated when "$error.Clear(); $arbMbxname = "Syst
    emMailbox{1f05a927-" + [System.Guid]::NewGuid().ToString().Substring(9) + "}"; $
    arbMbxLastName = "MSExchApproval 1f05a927-3be2-4fb9-aa03-b59fe3b56f4c"; $arbUser
     = @(Get-User -Filter {LastName -eq $arbMbxLastName} -IgnoreDefaultScope -Result
    Size 1); if ($arbUser.Length -eq 0) { $arbUser = @(Get-User -Arbitration -Filter
     {LastName -eq $arbMbxLastName} -IgnoreDefaultScope -ResultSize 1); } if ($arbUs
    er.Length -eq 0) { Install-UserAccount -Name $arbMbxname -LastName $arbMbxLastNa
    me; }" was run: "An error occuried while granting full access permission to the
    Organization Management role group on the mailbox "mydomain.com/Users/SystemM
    ailbox{1f05a927-0269-4a47-b134-f6f7a6a73e74}". Error details: Group "29a962c2-91
    d6-4ab7-9e06-8728f8f842ea" wasn't found. Please make sure you have typed the nam
    e correctly.".

    For rollback purposes we turned off the replication on the schema master. Could this explain the behavior we are seeing here?

    Anyone have any ideas?

    20 februarie 2012 16:35

Răspunsuri

  • Hi

    >> For rollback purposes we turned off the replication on the schema master

    This isn't a good idea and isn't a very effective method of rolling back anyway.  If you have a good backup of AD then you could use that to roll back if required.

    Enable replication again, wait a few minutes and then run setup /preparead again.

    If you like you can search on your various DCs and you will see that the group "Organization Management" either appears on all of them except for the Schema master or only on that DC.

    Cheers, Steve

    • Marcat ca răspuns de Rutger Klomp 21 februarie 2012 12:33
    20 februarie 2012 16:43

Toate mesajele

  • Hi

    >> For rollback purposes we turned off the replication on the schema master

    This isn't a good idea and isn't a very effective method of rolling back anyway.  If you have a good backup of AD then you could use that to roll back if required.

    Enable replication again, wait a few minutes and then run setup /preparead again.

    If you like you can search on your various DCs and you will see that the group "Organization Management" either appears on all of them except for the Schema master or only on that DC.

    Cheers, Steve

    • Marcat ca răspuns de Rutger Klomp 21 februarie 2012 12:33
    20 februarie 2012 16:43
  • What permissions/rights do you got on the installation/preparation account?

    Do you have any update on the status?

    Did you find the group Steve mentioned?


    Jonas Andersson | Microsoft Community Contributor Award 2011 | MCITP: EMA 2007/2010 | Blog: http://www.testlabs.se/blog | Follow me on twitter: jonand82

    21 februarie 2012 08:50
  • The "organization Management" group does not appear on any domain controllers besides the schema master. I guess this clears things up. I will turn the replication back on and try again.

    I will post back when the preparead step is completed.

    21 februarie 2012 09:19
  • Fixed it by turning replication back on again. Thanks!
    • Propus ca răspuns de Ben Whitmore 19 septembrie 2012 09:47
    21 februarie 2012 12:33
  • There is always a danger of switching off replication, some MS techs say this is ok and some advise against it. If you do decide to go down this root, ensure the DC you are running setup.com /adprep against has a Global Catalog. NOTE - As I understand, because of MS best practive guidelines for AD server role placement, a Global Catalog shouldn't be present on a DC holding FSMO roll infrastructure in the first place (unless ALL AD servers are Global Catalog Servers). So if you dont have a global catalog on the server you have disabled outbound replication on and then try to run setup.com /adprep then you will get errors similar to the one above. Check your exchange setup logs to see what Global Catalog server it is trying to communicate with.

    But in summary, switching replication back on at this point will resolve the error.

    19 septembrie 2012 09:57