Hi There, I'm having trouble moving mailboxes from one forest to another and need a couple of things clarified. On the destination forest do I need to create the AD account pre-move or an AD account WITH mailbox? I've tried moving mailboxes with mixed results, for example I tried moving an account by creating a mailbox on the destination server first and got this issue; [PS] C:\>New-MoveRequest -Identity 'test.mailbox@resourcegroup.co.uk' -Remote -TargetDatabase 'Users from LRTT' -Remote HostName 'mail.lrtt.co.uk' -RemoteCredential $Cred -TargetDeliveryDomain 'resourcegroup.co.uk' Target user 'Test Mailbox' already has a primary mailbox. + CategoryInfo : InvalidArgument: (test.mailbox@resourcegroup.co.uk:MailboxOrMailUserIdParameter) [New-Mo veRequest], RecipientTaskException + FullyQualifiedErrorId : CBF9D817,Microsoft.Exchange.Management.RecipientTasks.NewMoveRequest and then I removed the account and tried and got this issue; [PS] C:\>New-MoveRequest -Identity 'test.mailbox@resourcegroup.co.uk' -Remote -TargetDatabase 'Users from LRTT' -Remote HostName 'mail.lrtt.co.uk' -RemoteCredential $Cred -TargetDeliveryDomain 'resourcegroup.co.uk' The operation couldn't be performed because object 'test.mailbox@resourcegroup.co.uk' couldn't be found on 'thdc2.Resou rceGroup.co.uk'. + CategoryInfo : NotSpecified: (0:Int32) [New-MoveRequest], ManagementObjectNotFoundException + FullyQualifiedErrorId : E0AD70F2,Microsoft.Exchange.Management.RecipientTasks.NewMoveRequest Can anyone help? Many Thanks

Hi You need to have a mail user object in the destination organisation which has the same values as the source object. See the mandatory attributes section in this document: http://technet.microsoft.com/en-us/library/ee633491 Cheers, Steve

Hi Steve, Thanks for your quick reply. Is thee a simple way to copy this information or is it a time consuming process of copying and pasting??

Hi, This should help: http://technet.microsoft.com/en-us/library/ee861103 Leif

Thanks Leif, When I try that I get; [PS] C:\Program Files\Microsoft\Exchange Server\V14\Scripts>./Prepare-MoveRequest.ps1 -Identity test.mailbox@lrtt.co.uk -RemoteForestDomainController thdc1.resourcegroup.co.uk -RemoteForestCredential $RemoteCredentials -LocalForestDomainCon troller kadc1.lrtt.co.uk -LocalForestCredential $LocalCredentials C:\Program Files\Microsoft\Exchange Server\V14\Scripts\Prepare-MoveRequest.ps1 : Error looking up source MBX test.mailb ox@lrtt.co.uk in source forest. At line:1 char:26 + ./Prepare-MoveRequest.ps1 <<<< -Identity test.mailbox@lrtt.co.uk -RemoteForestDomainController thdc1.resourcegroup.c o.uk -RemoteForestCredential $RemoteCredentials -LocalForestDomainController kadc1.lrtt.co.uk -LocalForestCredential $L ocalCredentials + CategoryInfo : NotSpecified: (:) [Write-Error], WriteErrorException + FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,Prepare-MoveRequest.ps1 0 mailbox(s) ready to move. I am correct in running the command on the new domain aren't I? Am I also right in thinking that; $LocalCredentials = new domain credentials $RemoteCredentials = old domain credentials

Hi James, I'm not moving from Exhcange 2007 to 2010, I'm moving from a 2010 server in one forest to a 2010 server in another. Does your guide still apply? Many Thanks

I've managed to successfully get 1 mailbox READY to move... can someone tell me how I get it to move?? [PS] C:\Program Files\Microsoft\Exchange Server\V14\Scripts>./Prepare-MoveRequest.ps1 -Identity test.mailbox -RemoteFor stDomainController kadc1.lrtt.co.uk -RemoteForestCredential $RemoteCredentials -LocalForestDomainController thdc1.resou cegroup.co.uk -LocalForestCredential $LocalCredentials -LinkedMailUser Appending x500:/o=LRTT/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=Test Mailbox to proxyAddress s of New Object in Local forest. Appending x500:/o=ResourceGroup/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=Test Mailboxa53 to roxyAddresses of Object(CN=Test Mailbox,CN=Users,DC=lrtt,DC=co,DC=uk) in Source forest. Preparation for test.mailbox done. 1 mailbox(s) ready to move. Help? :)

My blog posts shows, did you try or were you getting an error New-MoveRequest -Identity "CN=alexander htet,OU=FromILM,OU=GALSync,DC=corp,DC=dom" -RemoteLegacy -TargetDatabase "mdb04 tier2" -baditemlimit 100 -acceptlargedataloss -RemoteGlobalCatalog "sourceDC" -RemoteCredential $Remote -TargetDeliveryDomain "TargetDC" -SuspendWhenReadyToComplete James Chong MCITP | EA | EMA; MCSE | M+, S+ Security+, Project+, ITIL msexchangetips.blogspot.com

Hi James, Is -TargetDatabase where the mailbox is moving TO or FROM?

target is the TO.James Chong MCITP | EA | EMA; MCSE | M+, S+ Security+, Project+, ITIL msexchangetips.blogspot.com

Also you dont need to specifiy the whole DN "cn=blah blah" like below you can just use the username New-MoveRequest -Identity "Bjones" -RemoteLegacy -TargetDatabase "mdb04 tier2" -baditemlimit 100 -acceptlargedataloss -RemoteGlobalCatalog "sourceDC" -RemoteCredential $Remote -TargetDeliveryDomain "TargetDC" -SuspendWhenReadyToComplete James Chong MCITP | EA | EMA; MCSE | M+, S+ Security+, Project+, ITIL msexchangetips.blogspot.com

I tried this but it failed :( [PS] C:\Program Files\Microsoft\Exchange Server\V14\Scripts>New-MoveRequest -Identity test.mailbox@lrtt.co.uk -Remote -T argetDatabase 'Users from LRTT' -RemoteHostName 'kamx1.lrtt.co.uk' -RemoteCredential $RemoteCredentials -TargetDeliveryD omain 'mail.resourcegroup.co.uk' The call to 'https://kamx1.lrtt.co.uk/EWS/mrsproxy.svc' failed because no service was listening on the specified endpoi nt. Error details: There was no endpoint listening at https://kamx1.lrtt.co.uk/EWS/mrsproxy.svc that could accept the m essage. This is often caused by an incorrect address or SOAP action. See InnerException, if present, for more details. --> The remote name could not be resolved: 'kamx1.lrtt.co.uk' + CategoryInfo : NotSpecified: (0:Int32) [New-MoveRequest], RemotePermanentException + FullyQualifiedErrorId : C4DA96C7,Microsoft.Exchange.Management.RecipientTasks.NewMoveRequest

What server is 'kamx1.lrtt.co.uk' and what server is 'mail.resourcegroup.co.uk' James Chong MCITP | EA | EMA; MCSE | M+, S+ Security+, Project+, ITIL msexchangetips.blogspot.com

kamx1.lrtt.co.uk is the mailserver that the mailbox is moving FROMmail.resourcegroup.co.uk is the CAS server that the mailbox is moving TO I've checked KAMX1 and it does has the EWS virt dir in IIS and its running SSL Require SSL and Ignore Client Certs.

instead of kamx1.lrtt.co.uk you need to use the DC not the source exchange. Do this -RemoteGlobalCatalog "sourceDC" Not this -RemoteHostName 'kamx1.lrtt.co.uk' Then targetdeliverydomain is just just the domain name of the new domain you're moving to resourcegroup.co.uk (not the exchange server name)James Chong MCITP | EA | EMA; MCSE | M+, S+ Security+, Project+, ITIL msexchangetips.blogspot.com

OK I'll give that as whirl!! Thanks a lot!

It requests a RemoteHostName cmdlet New-MoveRequest at command pipeline position 1 Supply values for the following parameters: RemoteHostName: :/

Doesn't this suggest that there's an issue on kamx1? [PS] C:\Program Files\Microsoft\Exchange Server\V14\Scripts>New-MoveRequest -Identity test.mailbox@lrtt.co.uk -Remote -T argetDatabase 'Users from LRTT' -RemoteGlobalCatalog 'kadc1.lrtt.co.uk' -RemoteCredential $RemoteCredentials -TargetDeli veryDomain 'resourcegroup.co.uk' cmdlet New-MoveRequest at command pipeline position 1 Supply values for the following parameters: RemoteHostName: kamx1.lrtt.co.uk The call to 'https://kamx1.lrtt.co.uk/EWS/mrsproxy.svc' failed because no service was listening on the specified endpoi nt. Error details: There was no endpoint listening at https://kamx1.lrtt.co.uk/EWS/mrsproxy.svc that could accept the m essage. This is often caused by an incorrect address or SOAP action. See InnerException, if present, for more details. --> The remote name could not be resolved: 'kamx1.lrtt.co.uk' + CategoryInfo : NotSpecified: (0:Int32) [New-MoveRequest], RemotePermanentException + FullyQualifiedErrorId : C4DA96C7,Microsoft.Exchange.Management.RecipientTasks.NewMoveRequest It loks to me that https://kamx1.lrtt.co.uk/EWS/mrsproxy.svc isnt working..

That gives me the following; [PS] C:\Program Files\Microsoft\Exchange Server\V14\Scripts>New-MoveRequest -Identity test.mailbox@lrtt.co.uk -RemoteLeg acy -TargetDatabase 'Users from LRTT' -RemoteGlobalCatalog 'kadc1.lrtt.co.uk' -RemoteCredential $RemoteCredentials -Targ etDeliveryDomain 'resourcegroup.co.uk' An Active Directory error 0x51 occurred when trying to check the suitability of server 'kadc1.lrtt.co.uk'. Error: 'Acti ve directory response: The LDAP server is unavailable.' + CategoryInfo : NotSpecified: (0:Int32) [New-MoveRequest], RemoteTransientException + FullyQualifiedErrorId : F617BA2E,Microsoft.Exchange.Management.RecipientTasks.NewMoveRequest The previosu commands looked as if it should work if only for the EWS error.

Is 'kadc1.lrtt.co.uk as GC?James Chong MCITP | EA | EMA; MCSE | M+, S+ Security+, Project+, ITIL msexchangetips.blogspot.com

Yup, the only one on that site.

From the 2010 server you're running the move request, can you ping kadc1? James Chong MCITP | EA | EMA; MCSE | M+, S+ Security+, Project+, ITIL msexchangetips.blogspot.com AHAR!!! Good point, I'd set the servers IP using the hosts file on my PC as im running the command from PS on my PC but I guess the server needs it too!! D'oh!

I added the required hosts records to the mail servers and I still get the same issues; [PS] C:\Windows\system32>New-MoveRequest -Identity test.mailbox@lrtt.co.uk -Remote -TargetDatabase 'Users from LRTT' -Re moteGlobalCatalog 'kadc1.lrtt.co.uk' -RemoteCredential $RemoteCredentials -TargetDeliveryDomain 'resourcegroup.co.uk' cmdlet New-MoveRequest at command pipeline position 1 Supply values for the following parameters: RemoteHostName: kamx1.lrtt.co.uk The call to 'https://kamx1.lrtt.co.uk/EWS/mrsproxy.svc' failed because no service was listening on the specified endpoi nt. Error details: There was no endpoint listening at https://kamx1.lrtt.co.uk/EWS/mrsproxy.svc that could accept the m essage. This is often caused by an incorrect address or SOAP action. See InnerException, if present, for more details. --> The remote name could not be resolved: 'kamx1.lrtt.co.uk' + CategoryInfo : NotSpecified: (0:Int32) [New-MoveRequest], RemotePermanentException + FullyQualifiedErrorId : C4DA96C7,Microsoft.Exchange.Management.RecipientTasks.NewMoveRequest ;/

I've made progress, the inverted commas were ballsing it up. Now I get; [PS] C:\Windows\system32>New-MoveRequest -Identity test.mailbox@lrtt.co.uk -Remote -TargetDatabase 'Users from LRTT' -Re moteGlobalCatalog 'kadc1.lrtt.co.uk' -RemoteCredential $RemoteCredentials -TargetDeliveryDomain 'resourcegroup.co.uk'-Re moteHostName kamx1.lrtt.co.uk The call to 'https://kamx1.lrtt.co.uk/EWS/mrsproxy.svc' failed. Error details: Could not establish trust relationship f or the SSL/TLS secure channel with authority 'kamx1.lrtt.co.uk'. --> The underlying connection was closed: Could not es tablish trust relationship for the SSL/TLS secure channel. --> The remote certificate is invalid according to the valid ation procedure.. + CategoryInfo : NotSpecified: (0:Int32) [New-MoveRequest], RemoteTransientException + FullyQualifiedErrorId : 42D47808,Microsoft.Exchange.Management.RecipientTasks.NewMoveRequest

I think I've found the issue in event log; Microsoft Exchange could not find a certificate that contains the domain name mail.lrtt.co.uk in the personal store on the local computer. Therefore, it is unable to support the STARTTLS SMTP verb for the connector Default KAMX1 with a FQDN parameter of mail.lrtt.co.uk. If the connector's FQDN is not specified, the computer's FQDN is used. Verify the connector configuration and the installed certificates to make sure that there is a certificate with a domain name for that FQDN. If this certificate exists, run Enable-ExchangeCertificate -Services SMTP to make sure that the Microsoft Exchange Transport service has access to the certificate key.

How come you are still using the remotehostname parameter? Is is still not working if you just do like below? New-MoveRequest -Identity test.mailbox@lrtt.co.uk -RemoteLegacy -TargetDatabase 'Users from LRTT' -RemoteGlobalCatalog 'kadc1.lrtt.co.uk' -RemoteCredential $RemoteCredentials -TargetDeliveryDomain 'resourcegroup.co.uk' James Chong MCITP | EA | EMA; MCSE | M+, S+ Security+, Project+, ITIL msexchangetips.blogspot.com

Hi There, That didn't work, it moaned about LDAP. I've discovered that it's a certificate issue that I've got now. "Microsoft Exchange could not find a certificate that contains the domain name mail.lrtt.co.uk in the personal store on the local computer. Therefore, it is unable to support the STARTTLS SMTP verb for the connector Default KAMX1 with a FQDN parameter of mail."

If it's moaning about your new exchange not being able to communicate with your old DCs than I would expect more problems down the line not just with mailbox moves. You need to find out why it can't communicate with the DC. That error about the certificate is generic everybody and their cousin gets that error when they first build exchange. You need to check the ports required for mailboxe moves. MapiExceptionNetworkError: Unable to make connection to the server. (hr=0x80004005, ec=2423) http://msexchangetips.blogspot.com/2010/11/mapiexceptionnetworkerror-unable-to.htmlJames Chong MCITP | EA | EMA; MCSE | M+, S+ Security+, Project+, ITIL msexchangetips.blogspot.com