When sending e-mail messages to a mail-enabled public folder that have been replicated from old Exchange Server 2000/2003/2007, Exchange Server 2010 environment mails are rejected with NDR.
Hi, I would like to share with you issue that I’ve solved regarding mail-enabled PF that migrated from Exchange 2000/2003/2007 to 2010, I’ve searched & contacted my MVP leader – there’s no official KB regarding this issue right now, so I’m posting here in order to share this among others. Note: There’s article(s) that talked about PF replication from Exch2000/2003/2007 to 2010 – this is the same issue as well. Symptoms E-mail messages that been sent to mail-enabled public folder in Exchange Server 2010 environment rejected with the following NDR: “#< #5.2.0 smtp;554 5.2.0 STOREDRV.Deliver.Exception:ObjectNotFoundException; Failed to process message due to a permanent exception with message The Active Directory user wasn’t found. ObjectNotFoundException: The Active Directory user wasn’t found.> #SMTP#” Sometimes Exchange Server 2010 is documented as well Event ID 1020 on the Event Viewer with this information: “Log Name: Application Source: MSExchange Store Driver Event ID: 1020 Level: Error Description: The store driver couldn’t deliver the public folder replication message "Hierarchy (PublicFolderName@DNSDomainName.com)" because the following error occurred: The Active Directory user wasn't found.” Cause In an environment where Microsoft Exchange Server 2000 or Microsoft Exchange Server 2003 previously existed, and all those servers have been removed, there is a chance that an Administrative Group (First Administrative Group or another custom Administrative Group) remains with a Servers container, but no servers inside it. During replication, when the Exchange 2010 Store Driver sees the empty Servers container in Active Directory, it's expecting a System Attendant object inside the container and when it is not found the error occurs. Resolution To work around the issue, delete the empty Servers container. This can't be done through Exchange System Manager. Use the ADSI Edit tool to remove it using the following steps: Warning If you use the ADSI Edit snap-in, the LDP utility, or any other LDAP version 3 client, and you incorrectly modify the attributes of Active Directory objects, you can cause serious problems. These problems may require you to reinstall Microsoft Windows 2003 Server, Microsoft Windows Server 2008, Microsoft Exchange 2010 Server or both Windows and Exchange. Microsoft cannot guarantee that problems that occur if you incorrectly modify Active Directory object attributes can be solved. Modify these attributes at your own risk. 1. Start the ADSI Edit MMC Snap-in. Click Start, then Run, and type adsiedit.msc, and then click OK. 2. Connect & Expand the Configuration Container [YourServer.DNSDomainName.com], and then expand CN=Configuration,DC=DNSDomainName,DC=com. 3. Expand CN=Services, and then CN=Microsoft Exchange, and then expand CN=YourOrganizationName. 4. You will see an empty Administrative Group. Expand the CN=YourAdministrativeGroupName. 5. Expand CN=Servers. 6. Verify there are no server objects listed under the CN=Servers container. 7. Right click on the empty CN=Servers container and choose Delete. 8. Verify the modification, and try to send again the E-mail to the mail-enabled public folder. Applies to Exchange Server 2010, Standard Edition Exchange Server 2010, Enterprise Edition Netanel Ben-Shushan, MCSA/E, MCTS, MCITP, Windows Expert-IT Pro MVP. IT Consultant & Trainer | Website (Hebrew): http://www.ben-shushan.net | IT Services: http://www.ben-shushan.net/services | Weblog (Hebrew): http://blogs.microsoft.co.il/blogs/netanelb | E-mail: msilforums@ben-shushan.net
May 11th, 2011 1:00pm

Thanks for sharing the knowledge, Netanel. It would definitely help others who get the same issue Additional Information: Public Folder Replication Fails Due To Empty Legacy Administrative GroupPlease remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
Free Windows Admin Tool Kit Click here and download it now
May 11th, 2011 10:43pm

Thank you for posting this...it fixed the issue and we back in business. Thanks again, Alex SamolAlex Samol
June 6th, 2012 3:18pm

I have just renamed (Rename would be easier than AD Restore) the entry CN=First Administrative Group to CN=First Administrative Group OLD and from now on everything works fine! All mails are successfully sent to mail enabled public folders! Thank you for your posting!
Free Windows Admin Tool Kit Click here and download it now
October 4th, 2012 5:23am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics