none
enable-mailbox -organization RRS feed

Answers

  • From the warning above, my guess is that you are trying to move a mailbox that you created in the root into the Org and just change the some of the AD attribute as I can see the address list is pointing to the root address list. That will definitely not work and will break address list segregation and security. You shouldn't do that.

    Anyway, like I said, do wait for the migration guidance to come up to ensure what you are trying to do is supported and not going to create issue for you in the future.

    Thanks.

     


    Regards, Kip Ng - http://blogs.technet.com/b/provtest/
    Thursday, August 19, 2010 4:09 PM
    Answerer

All replies

  • Hi Hilavienka,

    While the cmdlet has no -organization switch, you can still enable-mailbox, as long as you set the right context, such as,

    Get-User -Organization Tailspin User1 | Enable-Mailbox

     

     


    Regards, Kip Ng - http://blogs.technet.com/b/provtest/
    Tuesday, August 17, 2010 3:39 PM
    Answerer
  • Hi Kip,

    thanks for your answer.

    But how can you get "organization", when existing users in AD don't have set this atribute yet?

    Organization set only cmdlet new-mailbox I mean.

     It set a lot of atributes. I saw over Adsiedit for example ( msExchCU, msExchMailboxTemplateLink,  msExchParentPlanLink, ...)

     

    Wednesday, August 18, 2010 7:04 AM
  • Yes, that's true.

    My question will be then, how did you create the user in the first place?

    Just like HMC, when a user is created, it goes through a series of tasks to stamp the appropriate attribute, RBAC, permissions, ensuring that it is in the right OU and etc. My example above will allow you to disable a specific mailbox and re-enable them, provided of course it was created properly in the first place using New-Mailbox.

    In short, I would say it is never advisable to create the user manually through DSA and then move it from one Org to another then enable the mailbox. Not to say that it won't work or can't be done but like you already figure out, there are some pre-conditions for this to work, and post tasks after creation and you need to know what to do (almost like reverse engineer the whole process).

    In short, I would say, it will almost be like HMC where Microsoft will not like supporting user creation, mailbox move, user removal through DSA. Everything should goes through the MPS.

     


    Regards, Kip Ng - http://blogs.technet.com/b/provtest/
    Wednesday, August 18, 2010 3:01 PM
    Answerer
  • We have existing AD domain where users use EX2010/Sharepoint/OCS/and ERP applications over terminal services.
    We don't offer just Exchange

    We will to need reinstall in future EX2010 with /hosting switch, enable mailbox and restore mailboxes.
    Whitout enable-mailox with -organization option we have a big problem I mean.

     

    Wednesday, August 18, 2010 3:17 PM
  • I understand. If you are running HMC 4.5, a guidance will be provided to migrate user to the new Exchange 2010 hosting environment. So, I would say, just hang on there.

    If you are not running HMC 4.5, I would still say, wait for that guidance as it will most likely provide steps that you can use to do the move and mailbox migration.

    In your situation, I would say, enable-mailbox with -Organization isn't what you should be concern of, rather it is new-user creation that you will want it to properly tie it with the organization. Or when you use ADMT, you need to figure out how to tie that to the organization. Once it is tied, then you can enable the mailbox using what I mentioned earlier.

    So, tying the user to the organization, you will most likiely need to look at populating some of those attributes you mentioned such as msExchCU, msExchOURoot, UserPrincipalName and etc. manually.

     


    Regards, Kip Ng - http://blogs.technet.com/b/provtest/
    Wednesday, August 18, 2010 4:23 PM
    Answerer
  • We will to need to the future eneble mailbox additional, because some users can to use a few month just Sharepoin or ERP system and then you will whant email services.

    I tested to set organization manualy by write value to msExchCU, msExchOURoot, UserPrincipalName and etc. , and add to security groups, but it isn't enought.

    when I run get-mailbox test1 -organization Contoso

    WARNING: The object outsourcing.acme.com/Microsoft Exchange Hosted Organizations/Contoso/Test user1 has been
    corrupted, and it's in an inconsistent state. The following validation errors happened:
    WARNING: Object 'outsourcing.acme.com/Microsoft Exchange Hosted Organizations/Contoso/Test user1' in organization
    outsourcing.acme.com/Microsoft Exchange Hosted Organizations/Contoso -
    outsourcing.acme.com/Configuration/Services/Microsoft Exchange/ConfigurationUnits/Contoso/Configuration: the linked object
     of property 'AddressListMembership' is '\Mailboxes(VLV)', which doesn't exist in the same organization with the
    object.
    WARNING: Object 'outsourcing.acme.com/Microsoft Exchange Hosted Organizations/Contoso/Test user1' in organization
    outsourcing.acme.com/Microsoft Exchange Hosted Organizations/Contoso -
    outsourcing.acme.com/Configuration/Services/Microsoft Exchange/ConfigurationUnits/Contoso/Configuration: the linked object
     of property 'AddressListMembership' is '\All Mailboxes(VLV)', which doesn't exist in the same organization with the
    object.
    WARNING: Object 'outsourcing.acme.com/Microsoft Exchange Hosted Organizations/Contoso/Test user1' in organization
    outsourcing.acme.com/Microsoft Exchange Hosted Organizations/Contoso -
    outsourcing.acme.com/Configuration/Services/Microsoft Exchange/ConfigurationUnits/Contoso/Configuration: the linked object
     of property 'AddressListMembership' is '\All Recipients(VLV)', which doesn't exist in the same organization with the
    object.
    WARNING: Object 'outsourcing.acme.com/Microsoft Exchange Hosted Organizations/Contoso/Test user1' in organization
    outsourcing.acme.com/Microsoft Exchange Hosted Organizations/Contoso -
    outsourcing.acme.com/Configuration/Services/Microsoft Exchange/ConfigurationUnits/Contoso/Configuration: the linked object
     of property 'AddressListMembership' is '\All Users', which doesn't exist in the same organization with the object.
    WARNING: Object 'outsourcing.acme.com/Microsoft Exchange Hosted Organizations/Contoso/Test user1' in organization
    outsourcing.acme.com/Microsoft Exchange Hosted Organizations/Contoso -
    outsourcing.acme.com/Configuration/Services/Microsoft Exchange/ConfigurationUnits/Contoso/Configuration: the linked object
     of property 'AddressListMembership' is '\Default Global Address List', which doesn't exist in the same organization
    with the object.
    WARNING: Object 'outsourcing.acme.com/Microsoft Exchange Hosted Organizations/Contoso/Test user1' in organization
    outsourcing.acme.com/Microsoft Exchange Hosted Organizations/Contoso -
    outsourcing.acme.com/Configuration/Services/Microsoft Exchange/ConfigurationUnits/Contoso/Configuration: the linked object
     of property 'ReadOnlyAddressListMembership' is '\Mailboxes(VLV)', which doesn't exist in the same organization with
    the object.
    WARNING: Object 'outsourcing.acme.com/Microsoft Exchange Hosted Organizations/Contoso/Test user1' in organization
    outsourcing.acme.com/Microsoft Exchange Hosted Organizations/Contoso -
    outsourcing.acme.com/Configuration/Services/Microsoft Exchange/ConfigurationUnits/Contoso/Configuration: the linked object
     of property 'ReadOnlyAddressListMembership' is '\All Mailboxes(VLV)', which doesn't exist in the same organization
    with the object.
    WARNING: Object 'outsourcing.acme.com/Microsoft Exchange Hosted Organizations/Contoso/Test user1' in organization
    outsourcing.acme.com/Microsoft Exchange Hosted Organizations/Contoso -
    outsourcing.acme.com/Configuration/Services/Microsoft Exchange/ConfigurationUnits/Contoso/Configuration: the linked object
     of property 'ReadOnlyAddressListMembership' is '\All Recipients(VLV)', which doesn't exist in the same organization
    with the object.
    WARNING: Object 'outsourcing.acme.com/Microsoft Exchange Hosted Organizations/Contoso/Test user1' in organization
    outsourcing.acme.com/Microsoft Exchange Hosted Organizations/Contoso -
    outsourcing.acme.com/Configuration/Services/Microsoft Exchange/ConfigurationUnits/Contoso/Configuration: the linked object
     of property 'ReadOnlyAddressListMembership' is '\All Users', which doesn't exist in the same organization with the
    object.
    WARNING: Object 'outsourcing.acme.com/Microsoft Exchange Hosted Organizations/Contoso/Test user1' in organization
    outsourcing.acme.com/Microsoft Exchange Hosted Organizations/Contoso -
    outsourcing.acme.com/Configuration/Services/Microsoft Exchange/ConfigurationUnits/Contoso/Configuration: the linked object
     of property 'ReadOnlyAddressListMembership' is '\Default Global Address List', which doesn't exist in the same
    organization with the object.

     

     

     

     

    Thursday, August 19, 2010 8:06 AM
  • From the warning above, my guess is that you are trying to move a mailbox that you created in the root into the Org and just change the some of the AD attribute as I can see the address list is pointing to the root address list. That will definitely not work and will break address list segregation and security. You shouldn't do that.

    Anyway, like I said, do wait for the migration guidance to come up to ensure what you are trying to do is supported and not going to create issue for you in the future.

    Thanks.

     


    Regards, Kip Ng - http://blogs.technet.com/b/provtest/
    Thursday, August 19, 2010 4:09 PM
    Answerer
  • Because RTM SP1 hasn't solution for me now
    I wrote PS script for set required atributes.

    It's unsupported and unrecomended solution ofcourse

    sorry I'm not script guru :)

    ### Set organization atributes for enabled-mailbox users.
    # ver.0,4
    #author Richard Hlavienka, 
    #
    ###
    
    
    $Org = Read-host "Enter Organozation Name"
    $User = Read-Host “Enter the User's Full Name”
    
    $root = [ADSI]''
    $CurrentDN = $root.DistinguishedName
    
    $mailboxplan = get-mailboxplan -organization $Org | where-object {$_.isdefault -ilike ("true") }
    $defmailboxplan = $mailboxplan.name
    $objUser = [ADSI]“LDAP://CN=$User,OU=$Org,OU=Microsoft Exchange Hosted Organizations,$CurrentDN”
    $objUser.put(“msExchCU”, “CN=Configuration,CN=$Org,CN=ConfigurationUnits,CN=Microsoft Exchange,CN=Services,CN=Configuration,$CurrentDN”)
    $objUser.put(“msExchMailboxTemplateLink”, “CN=DefaultRetentionPolicy,CN=Retention Policies Container,CN=Configuration,CN=$Org,CN=ConfigurationUnits,CN=Microsoft Exchange,CN=Services,CN=Configuration,$CurrentDN”)
    $objUser.put(“msExchOURoot”, “OU=$org,OU=Microsoft Exchange Hosted Organizations,$CurrentDN”)
    $objUser.put(“msExchOWAPolicy”, “CN=OwaMailboxPolicy-Default,CN=OWA Mailbox Policies,CN=Configuration,CN=$Org,CN=ConfigurationUnits,CN=Microsoft Exchange,CN=Services,CN=Configuration,$CurrentDN”)
    $objUser.put(“msExchParentPlanLink”, “CN=$defmailboxplan,OU=$Org,OU=Microsoft Exchange Hosted Organizations,$CurrentDN”)
    $objUser.put(“msExchRBACPolicyLink”, “CN=Default Role Assignment Policy,CN=Policies,CN=RBAC,CN=Configuration,CN=$Org,CN=ConfigurationUnits,CN=Microsoft Exchange,CN=Services,CN=Configuration,$CurrentDN”)
    $objUser.putex(2, "showInAddressBook", @(“CN=All Mailboxes(VLV),CN=All System Address Lists,CN=Address Lists Container,CN=Configuration,CN=$Org,CN=ConfigurationUnits,CN=Microsoft Exchange,CN=Services,CN=Configuration,$CurrentDN”,
    “CN=All Recipients(VLV),CN=All System Address Lists,CN=Address Lists Container,CN=Configuration,CN=$Org,CN=ConfigurationUnits,CN=Microsoft Exchange,CN=Services,CN=Configuration,$CurrentDN”, 
    “CN=All Users,CN=All Address Lists,CN=Address Lists Container,CN=Configuration,CN=$Org,CN=ConfigurationUnits,CN=Microsoft Exchange,CN=Services,CN=Configuration,$CurrentDN“,
    "CN=Default Global Address List,CN=All Global Address Lists,CN=Address Lists Container,CN=Configuration,CN=$Org,CN=ConfigurationUnits,CN=Microsoft Exchange,CN=Services,CN=Configuration,$CurrentDN", 
    "CN=Mailboxes(VLV),CN=All System Address Lists,CN=Address Lists Container,CN=Configuration,CN=$Org,CN=ConfigurationUnits,CN=Microsoft Exchange,CN=Services,CN=Configuration,$CurrentDN", 
    "CN=Offline Global Address List,CN=All Address Lists,CN=Address Lists Container,CN=Configuration,CN=$Org,CN=ConfigurationUnits,CN=Microsoft Exchange,CN=Services,CN=Configuration,$CurrentDN"))
    $objUser.setInfo()
    
    $usermb = get-mailbox "$user" -organization $Org
    $userdn = $usermb.distinguishedName
    $fqgroup1 = [ADSI]“LDAP://CN=Hosted Organization Mailboxes,OU=Hosted Organization Security Groups,OU=$Org,OU=Microsoft Exchange Hosted Organizations,$CurrentDN”
    $fqgroup1.member.add($UserDN)
    $fqgroup1.setInfo()
    $fqgroup2 = [ADSI]“LDAP://CN=Hosted Organization Password Settings,OU=Hosted Organization Security Groups,OU=$Org,OU=Microsoft Exchange Hosted Organizations,$CurrentDN”
    $fqgroup2.member.add($UserDN)
    $fqgroup2.setInfo()
    Thursday, August 26, 2010 8:17 PM