locked
Problem Creating Exchange 2007 Linked Mailbox RRS feed

  • Question

  • I can't create a linked mailbox with the Exchange 2007 Management Console or Management Shell.

     

    Environment:

    My environment conisist of 2 AD domains at the same site. A 2-way external trust has been established and verified.

    One domain hosts our Exchange 2007 server including some email enabled user accounts from that domain. The other domain does not have an Exchange server, and wants to start using it to receive email.

     

    Both AD domains are running at the Windows 2000 native functional level, but also have Server 2003 R2 SP2 AD servers which hold all FSMO roles.

     

    Problem:

    When I get to the point of selecting the linked domain controller in the new linked mailbox wizard, nothing is listed in the "select domain controller" window. The progress bar just "spins" at the bottom-right with "0 objects found."

     

    Eventually the window will timeout with an error showing all of the domain controllers in the trusted (account)forest, stating that the "client side timeout limit was exceeded."


    The odd thing is that I'm able to select the trusted domain in the first field of the window, so I know that the trust is visible to the server. Since I have 3 or 4 trusted accounts from the new account domain that were transitioned from my old Exchange 2000 server during installation, I'm certain that the trust is working.

    I've tried using the Domain Admin credentials for both AD domains (exchange domain and other user account domain) and the "select domain controller" window does the same thing.

     

    When I try to use the Management Console, I get the following error:

     

    "Failed to resolve the linked master account and verify that it exists in a forest that is different from the forest that hosts Microsoft Exchange.

    Error message: Active Directory operation failed on <ourserver.domain.com>. This error is not retriable. The operation was aborted because the client side timeout limit was exceeded."

    I feel like this is a permission issue somewhere, but have had no luck in finding any documentation to help. I have read the MS info regarding the deployment of an Exchange Resource Forest and can't find anything relevant other than establishing and verifying a domain trust.

     

    Do I need to run Setup.com /PrepareSchema and Setup.com /PrepareAD in the Active Directory domain that hosts user accounts? As far as I can tell, I should not have to do this unless I'm installing a second Exchange server for that AD domain.

     

    If anyone can please offer assistance, it would be greatly appreciated.
    Wednesday, April 23, 2008 8:40 PM

Answers

  • Problem solved.

    I upgraded the remaining Windows 2000 AD servers in the trusted domain to Server 2003 and raised the domain functional level to Windows 2003.

    As soon as I did this, I was able to browse the domain controllers from the exchange server when setting up the trusted account.
    Friday, April 25, 2008 8:30 PM

All replies

  • Hi,

     

    Is name resolution working?

     

    Can you ping a domain controller in the trusted domain from the exchange server using FQDN??

     

    You don't need to run any exchange related commands in the trusted domain.

     

    Leif

     

    Wednesday, April 23, 2008 9:21 PM
  •  

    Thanks for responding.

     

    Yes, name resolution is working properly.

     

    I can ping/access all workstations/servers/DCs from the exchange server to the trusted domain and vice versa.

     

     

    Thursday, April 24, 2008 12:00 AM
  • Problem solved.

    I upgraded the remaining Windows 2000 AD servers in the trusted domain to Server 2003 and raised the domain functional level to Windows 2003.

    As soon as I did this, I was able to browse the domain controllers from the exchange server when setting up the trusted account.
    Friday, April 25, 2008 8:30 PM