ma-Extension-error while provisioning users to AD using exchange 2010 SP1
Hello,
I am using exchange 2010 SP1 and FIM2010 for mail enabled users provisioning to AD. whenever i run sync rules, i get error ma-extension-error and event viewer shows me bellow attached log
Log Name: Application
Source: FIMSynchronizationService
Date: 5/2/2011 1:45:10 AM
Event ID: 6801
Task Category: Server
Level: Error
Keywords: Classic
User: N/A
Computer: rsv-fim2010.abc.local
Description:
The extensible extension returned an unsupported error.
The stack trace is:
"Microsoft.MetadirectoryServices.ExtensionException:
**** ERROR ****
ExternalEmailAddress is mandatory on MailUser. Property Name: ExternalEmailAddress
**** END ERROR ****
**** ERROR ****
The mail contact and mail user must have a valid external e-mail address. Property Name: ExternalEmailAddress
**** END ERROR ****
**** ERROR ****
The mail contact and mail user must have a valid external e-mail address. Property Name: ExternalEmailAddress
**** END ERROR ****
at Exch2010Extension.Exch2010ExtensionClass.AfterExportEntryToCd(Byte[] origAnchor, String origDN, String origDeltaEntryXml, Byte[] newAnchor, String newDN, String failedDeltaEntryXml, String errorMessage)
Forefront Identity Manager 4.0.2592.0"
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="FIMSynchronizationService" />
<EventID Qualifiers="49152">6801</EventID>
<Level>2</Level>
<Task>3</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2011-05-02T08:45:10.000Z" />
<EventRecordID>85377</EventRecordID>
<Channel>Application</Channel>
<Computer>rsv-FIM2010.abc.local</Computer>
<Security />
</System>
<EventData>
<Data>Microsoft.MetadirectoryServices.ExtensionException:
**** ERROR ****
ExternalEmailAddress is mandatory on MailUser. Property Name: ExternalEmailAddress
**** END ERROR ****
**** ERROR ****
The mail contact and mail user must have a valid external e-mail address. Property Name: ExternalEmailAddress
**** END ERROR ****
**** ERROR ****
The mail contact and mail user must have a valid external e-mail address. Property Name: ExternalEmailAddress
**** END ERROR ****
at Exch2010Extension.Exch2010ExtensionClass.AfterExportEntryToCd(Byte[] origAnchor, String origDN, String origDeltaEntryXml, Byte[] newAnchor, String newDN, String failedDeltaEntryXml, String errorMessage)
Forefront Identity Manager 4.0.2592.0</Data>
</EventData>
</Event>
i tried to goolge this error and found this was the issue with Exchange 2007 SP1 for which Microsoft has provided
rollup 4
Please help me as i am not anymorw able to provision mail-enabled users.
thanks in advance
-Mohit GoyalCheers, Mohit Goyal
May 2nd, 2011 5:34am
For MAIL-enabled users (not MAILBOX-enabled) users I have the following attributes (initial flow only): mailNickname, targetAddress. What attributes do you flow?
Free Windows Admin Tool Kit Click here and download it now
May 2nd, 2011 6:55am
hello Thomas,
I mean to say by mail enabled users is it must be mailbox enabled, i am trying to flow value in mailNickName attribute and Mail attribute.Cheers, Mohit Goyal
May 2nd, 2011 7:20am
In my opinion it's advised to let Exchange handle the mail attribute. It will fill in that attribute based on the address policies which are active in the Exchange org.
From the FIM Side I would flow
mailNickname homeMDB msExchHomeServerName msExchRBACPolicyLink See
FIM 2010: Exchange 2010 Mailbox Provisioning & OWA Options Panel
http://setspn.blogspot.com
Free Windows Admin Tool Kit Click here and download it now
May 2nd, 2011 8:07am
workingmind,
If you are attempting to create user mailboxes in Exchange 2010, you need to also supply the homeMDB and msExchHomeServerName values. The error you receive you get when update-recipient, the powershell cmdlet that fires on objects during export from FIM
2010 to Exchange 2010, fails. If it fails, Exchange thinks the object is a contact or mail-enabled user, which require a targetAddress value as external email address.
In order for this to work, WinRM must work between FIM sync server and target Exchange CAS server. Also, verify that Exchange 2010 URI is populated properly in properties for target MA.
Glenn Zuckemran, Microsoft Support, FIM/ILM/CLM/FIM CM
May 2nd, 2011 11:00am
Hello Glenn,
I am already flowing
- homeMDB
- msExchHomeServerName
- mDBUseDefault
-mailNickName
Exchange URI is same as before which is http://FQDN/Powershell , WinRM service is working and to make sure it is working i rebooted the server also but nothing changed.
Please help..
-Mohit Goyal
Cheers, Mohit Goyal
Free Windows Admin Tool Kit Click here and download it now
May 3rd, 2011 1:41am
Are you trying this for a newly-to-be-provisioned-user in AD?http://setspn.blogspot.com
May 3rd, 2011 5:33am
yes that`s correct..i am trying to provision newly created users in FIM portal to ADCheers, Mohit Goyal
Free Windows Admin Tool Kit Click here and download it now
May 3rd, 2011 8:16am
I'm encountering the exact same error trying to provision users to AD and onto Exchange. Did you find a resolution to your problem?
August 11th, 2011 10:00pm
I havd the sam error. I add the attributes:
mailNickname homeMDB msExchHomeServerName msExchRBACPolicyLink
but I still had the error.
I found an answer to a similar problem when they DO NOT flow value to mailNickName (http://social.technet.microsoft.com/wiki/contents/articles/4076.aspx)
Hope this helpJuanCC Technology Specialist
Free Windows Admin Tool Kit Click here and download it now
August 13th, 2012 2:33am
Did you validate that the homeMDB and msExchHomeServerName values have the correct DN syntax and are valid locations? I ran into this issue when we supplied incorrect values.
August 13th, 2012 11:41am