exchange 2010 schemaupdate or ad update not OK
sitrep: existing exch2003 sp2 server, existing exch2010 sp1 server,
when running setup.com /prepareschema, a failure occurs:
in exchange setup log:
[ERROR] There was an error while running 'ldifde.exe' to import the schema file 'C:\Windows\Temp\ExchangeSetup\Setup\Data\PostExchange2003_schema8.ldf'. The error code is: 8245
in ldif.err:
Entry DN: CN=ms-DS-Phonetic-Company-Name,CN=Schema,CN=Configuration,DC=exprimo,DC=com
Add error on entry starting on line 120: Unwilling To Perform
The server side error is: 0x20bb Schema update failed: duplicate OID.
The extended server error is:
000020BB: SvcErr: DSID-032603BC, problem 5003 (WILL_NOT_PERFORM), data 8379
any idea on how to resolve this, I cannot find which OID is duplicate.Seppe Nuydens TFE E>lectronics
June 23rd, 2011 5:37am
I find similar case. Maybe you can read it and check your DC.
Error code: 8245. More details can be found in the error file 'C:\Documents and
Settings\LANManager\Local Settings\Temp\ldif.err'.
Entry DN:
CN=ms-Exch-Mobile-Mailbox-Policy-Link,CN=Schema,CN=Configuration,DC=hhmi,DC=org
Add error on line 71: Unwilling To Perform The server side error is "Schema update
failed: duplicate OID." An error has occurred in the program
Ran ADSIEDIT and connect to Schema
Cannot find the object
CN=ms-Exch-Mobile-Mailbox-Policy-Link,CN=Schema,CN=Configuration,DC=hhmi,DC=org
Ran Ldifde -d "CN=Schema,CN=Configuration,DC=hhmi,DC=org" -f result.txt -s
<DC_schema_master>
Searched for Mobile-Mailbox - Found the entry
dn:
CN=CN\=ms-Exch-Mobile-Mailbox-Policy-Link,CN=Schema,CN=Configuration,DC=hhmi,DC=org
cn: ms-Exch-Mobile-Mailbox-Policy-Link
As we can see the DN is incorrect CN=CN\, it should be
CN=ms-Exch-Mobile-Mailbox-Policy-Link,CN=Schema,CN=Configuration,DC=hhmi,DC=org
---------------
Steps to fix the DN for
CN=CN\=ms-Exch-Mobile-Mailbox-Policy-Link,CN=Schema,CN=Configuration,DC=hhmi,DC=org
-----------
1 Launch LDP.exe and bind to the DS server you want to modify. Make sure you are
schema admin, and admin over the partition you are modifying
2. After connecting and binding navigate to the browse menu and select the "Modify"
option.
3. Leave the DN blank, type 'schemaUpgradeInProgress' into the Attribute field and
in the values field type 1.
4. Click the Add operation and then click the enter button. This will add this
command to the entry list.
5. Click the Run button. If you are successful you should see a successful modify
message.
6. Go to View -> Tree. Connect to the appropriate base DN -
CN=CN\=ms-Exch-Mobile-Mailbox-Policy-Link,CN=Schema,CN=Configuration,DC=hhmi,DC=org
NOTE: If your goal is to delete an object in AD that has child objects, then you
will need to remove the child objects first.
7. Find the object, right click and select modify
8. In the attribute field, type "systemflags"; in the Values field, leave it blank;
in the operation radio options, select delete
9. Then click Enter, then click Run to remove the system flags values
10. Perform the modification or deletion of the object - Right-click Modify DN
CN=CN\=ms-Exch-Mobile-Mailbox-Policy-Link,CN=Schema,CN=Configuration,DC=hhmi,DC=org
12. Type the new DN
CN=ms-Exch-Mobile-Mailbox-Policy-Link,CN=Schema,CN=Configuration,DC=hhmi,DC=org
11. Set the systemflags value back to the original value, to make it owned by the
system again
11. Once finished, run LDP again with the above steps, changing the
schemaUpgradeInProgress value to 0 (to prevent unwanted schema/system changes).
Ran ADSIEDIT
Connect to Schema
Now we are able to see the object
CN=CN\=ms-Exch-Mobile-Mailbox-Policy-Link,CN=Schema,CN=Configuration,DC=hhmi,DC=org
Ran Setup /PrepareSchema --> Result
---------------------------------------------------------
CN=ms-Exch-Mobile-Mailbox-Policy-BL,CN=Schema,CN=Configuration,DC=hhmi,DC=org
Entry DN:
CN=ms-Exch-Mobile-Mailbox-Policy-BL,CN=Schema,CN=Configuration,DC=hhmi,DC=org
Add error on line 91: Unwilling To Perform The server side error is "Schema update
failed: An attribute with the same link identifier already exists." 5 entries
modified successfully. An error has occurred in the program
We noticed that the object ms-Exch-Mobile-Mailbox-Policy-BL is still missing
Disabled AD outbound replication
Repadmin /options localhost +disable_outbound_repl
.
Create attribute schema object ms-Exch-Mobile-Mailbox-Policy-BL running Adsiedit.
Got the values from the file
D:\Software\Microsoft\EX2K7-SP1\Setup\ServerRoles\Common\Setup\Data\PostExchange2003
_schema44.ldf
Ran Setup /PrepareSchema SUCCESSFUL
Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
Free Windows Admin Tool Kit Click here and download it now
June 23rd, 2011 11:04pm
thanks for the info, Terence, I will check tomorrow as I am abroad now, I will post results as soon as possible.Seppe Nuydens TFE E>lectronics
June 26th, 2011 1:20am
Please post the update.Gulab | MCITP: Exchange 2010-2007 | Skype: Gulab.Mallah | Blog: www.ExchangeRanger.Blogspot.com
Free Windows Admin Tool Kit Click here and download it now
June 26th, 2011 9:03am
I ran the command with ldide and searched for "CN\", nothing found.
I'm not sure if I'm doing this correct but my problem seems to be located around "CN=ms-DS-Phonetic-Company-Name" (see above)
if I check the results.txt file I find this about it:
dn: CN=ms-DS-Phonetic-Company-Name\0ACNF:b1c4ce34-f070-4f60-9bf9-bace85989938,CN=Schema,CN=Configuration,DC=domain,DC=com
changetype: add
objectClass: top
objectClass: attributeSchema
cn::
bXMtRFMtUGhvbmV0aWMtQ29tcGFueS1OYW1lCkNORjpiMWM0Y2UzNC1mMDcwLTRmNjAtOWJmOS1iYW
NlODU5ODk5Mzg=
distinguishedName:
CN=ms-DS-Phonetic-Company-Name\0ACNF:b1c4ce34-f070-4f60-9bf9-bace85989938,CN=S
chema,CN=Configuration,DC=domain,DC=com
instanceType: 4
whenCreated: 20110606102845.0Z
whenChanged: 20110606123123.0Z
uSNCreated: 6544
attributeID: 1.2.840.113556.1.4.1945
attributeSyntax: 2.5.5.12
isSingleValued: TRUE
rangeLower: 1
rangeUpper: 64
mAPIID: 35985
uSNChanged: 16914
showInAdvancedViewOnly: TRUE
adminDisplayName: ms-DS-Phonetic-Company-Name
adminDescription: Contains the phonetic company name where the person works.
oMSyntax: 64
searchFlags: 5
lDAPDisplayName: msDS-PhoneticCompanyName
name::
bXMtRFMtUGhvbmV0aWMtQ29tcGFueS1OYW1lCkNORjpiMWM0Y2UzNC1mMDcwLTRmNjAtOWJmOS1iYW
NlODU5ODk5Mzg=
objectGUID:: NM7EsXDwYE+b+brOhZiZOA==
schemaIDGUID:: jSDVW/TlrkalFFQ7ycR2WQ==
attributeSecurityGUID:: VAGN5Pi80RGHAgDAT7lgUA==
systemOnly: FALSE
systemFlags: 16
objectCategory:
CN=Attribute-Schema,CN=Schema,CN=Configuration,DC=domain,DC=com
dSCorePropagationData: 20110606123123.0Z
dSCorePropagationData: 16010101000000.0Z
does the "\0ACNF:b1c4ce34-f070-4f60-9bf9-bace85989938" has anything to do with mu problem ? I am a littel lost on this.
Seppe Nuydens TFE E>lectronics
June 27th, 2011 11:22pm
Hi
Disabled AD outbound replication
Repadmin /options localhost +disable_outbound_repl
.
Create attribute schema object CN=ms-DS-Phonetic-Company-Name,CN=Schema,CN=Configuration,DC=exprimo,DC=com running Adsiedit.
Got the values from the file
'C:\Windows\Temp\ExchangeSetup\Setup\Data\PostExchange2003_schema8.ldf'
if it doesn't work, please backuppc "CN=ms-DS-Phonetic-Company-Name\0ACNF:b1c4ce34-f070-4f60-9bf9-bace85989938" remove it and try above action again.
Ran Setup /PrepareSchema
Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
Free Windows Admin Tool Kit Click here and download it now
June 28th, 2011 4:24am
no luck, it stays in error.
I was testing ad replication and came across the following (may be the source of my problems ?)
C:\Users\administrator.domain>Repadmin /syncall
CALLBACK MESSAGE: The following replication is in progress:
From: 76b5f9dc-6ee7-4f57-af40-0df86d931f37._msdcs.domain.com
To : 628af1c4-a988-4627-931f-67cc4ba2fc19._msdcs.domain.com
CALLBACK MESSAGE: Error issuing replication: 8418 (0x20e2):
The replication operation failed because of a schema mismatch between the se
rvers involved.
From: 76b5f9dc-6ee7-4f57-af40-0df86d931f37._msdcs.domain.com
To : 628af1c4-a988-4627-931f-67cc4ba2fc19._msdcs.domain.com
CALLBACK MESSAGE: SyncAll Finished.
SyncAll reported the following errors:
Error issuing replication: 8418 (0x20e2):
The replication operation failed because of a schema mismatch between the se
rvers involved.
From: 76b5f9dc-6ee7-4f57-af40-0df86d931f37._msdcs.domain.com
To : 628af1c4-a988-4627-931f-67cc4ba2fc19._msdcs.domain.com
C:\Users\administrator.domain>Repadmin /showrepl
Repadmin: running command /showrepl against full DC localhost
Default-First-Site-Name\SRV2
DSA Options: IS_GC DISABLE_OUTBOUND_REPL
Site Options: (none)
DSA object GUID: 628af1c4-a988-4627-931f-67cc4ba2fc19
DSA invocationID: 7c8e4ea9-4688-4291-9c63-0721ede70345
==== INBOUND NEIGHBORS ======================================
DC=domain,DC=com
Default-First-Site-Name\SRV via RPC
DSA object GUID: 76b5f9dc-6ee7-4f57-af40-0df86d931f37
Last attempt @ 2011-06-28 07:11:43 was delayed for a normal reason, resu
lt 8418 (0x20e2):
The replication operation failed because of a schema mismatch between the se
rvers involved.
Last success @ 2011-06-28 07:06:44.
CN=Configuration,DC=domain,DC=com
Default-First-Site-Name\SRV via RPC
DSA object GUID: 76b5f9dc-6ee7-4f57-af40-0df86d931f37
Last attempt @ 2011-06-28 07:14:48 was delayed for a normal reason, resu
lt 8418 (0x20e2):
The replication operation failed because of a schema mismatch between the se
rvers involved.
Last success @ 2011-06-28 06:59:50.
CN=Schema,CN=Configuration,DC=domain,DC=com
Default-First-Site-Name\SRV via RPC
DSA object GUID: 76b5f9dc-6ee7-4f57-af40-0df86d931f37
Last attempt @ 2011-06-28 06:59:50 was successful.
DC=DomainDnsZones,DC=domain,DC=com
Default-First-Site-Name\SRV via RPC
DSA object GUID: 76b5f9dc-6ee7-4f57-af40-0df86d931f37
Last attempt @ 2011-06-28 06:59:50 was successful.
DC=ForestDnsZones,DC=domain,DC=com
Default-First-Site-Name\SRV via RPC
DSA object GUID: 76b5f9dc-6ee7-4f57-af40-0df86d931f37
Last attempt @ 2011-06-28 06:59:50 was successful.Seppe Nuydens TFE E>lectronics
June 28th, 2011 8:27am
I would say that you should get the AD replication fixed first.
Kindly check this article, i ran into the same kind of issue once.
http://exchangeranger.blogspot.com/2011/02/exchange-2007-setupcom-prepareschema.html Gulab | MCITP: Exchange 2010-2007 | Skype: Gulab.Mallah | Blog: www.ExchangeRanger.Blogspot.com
Free Windows Admin Tool Kit Click here and download it now
June 29th, 2011 2:48am
AD replication should be OK now,
C:\Users\administrator.DOMAIN>Repadmin /syncall
CALLBACK MESSAGE: The following replication is in progress:
From: 76b5f9dc-6ee7-4f57-af40-0df86d931f37._msdcs.domain.com
To : 628af1c4-a988-4627-931f-67cc4ba2fc19._msdcs.domain.com
CALLBACK MESSAGE: The following replication completed successfully:
From: 76b5f9dc-6ee7-4f57-af40-0df86d931f37._msdcs.domain.com
To : 628af1c4-a988-4627-931f-67cc4ba2fc19._msdcs.domain.com
CALLBACK MESSAGE: SyncAll Finished.
SyncAll terminated with no errors.
C:\Users\administrator.DOMAIN>Repadmin /showrepl
Repadmin: running command /showrepl against full DC localhost
Default-First-Site-Name\SRV2
DSA Options: IS_GC
Site Options: (none)
DSA object GUID: 628af1c4-a988-4627-931f-67cc4ba2fc19
DSA invocationID: 7c8e4ea9-4688-4291-9c63-0721ede70345
==== INBOUND NEIGHBORS ======================================
DC=exprimo,DC=com
Default-First-Site-Name\SRV via RPC
DSA object GUID: 76b5f9dc-6ee7-4f57-af40-0df86d931f37
Last attempt @ 2011-07-01 10:51:11 was successful.
CN=Configuration,DC=domain,DC=com
Default-First-Site-Name\SRV via RPC
DSA object GUID: 76b5f9dc-6ee7-4f57-af40-0df86d931f37
Last attempt @ 2011-07-01 10:51:50 was successful.
CN=Schema,CN=Configuration,DC=domain,DC=com
Default-First-Site-Name\SRV via RPC
DSA object GUID: 76b5f9dc-6ee7-4f57-af40-0df86d931f37
Last attempt @ 2011-07-01 10:49:33 was successful.
DC=DomainDnsZones,DC=domain,DC=com
Default-First-Site-Name\SRV via RPC
DSA object GUID: 76b5f9dc-6ee7-4f57-af40-0df86d931f37
Last attempt @ 2011-07-01 09:59:51 was successful.
DC=ForestDnsZones,DC=domain,DC=com
Default-First-Site-Name\SRV via RPC
DSA object GUID: 76b5f9dc-6ee7-4f57-af40-0df86d931f37
Last attempt @ 2011-07-01 09:59:51 was successful.
tried running setup.com /prepareschema, still in error, ldiff.err keeps complaining about:
Entry DN: CN=ms-DS-Phonetic-Company-Name,CN=Schema,CN=Configuration,DC=domain,DC=com
Add error on entry starting on line 120: Unwilling To Perform
The server side error is: 0x20bb Schema update failed: duplicate OID.
The extended server error is:
000020BB: SvcErr: DSID-032603BC, problem 5003 (WILL_NOT_PERFORM), data 8379
An error has occurred in the program
I do not understand why this entry has errors, the only thing that's starnge is the odd name for the entry in the schema:
CN=ms-DS-Phonetic-Company-Name\0ACNF:b1c4ce34-f070-4f60-9bf9-bace85989938,CN=Schema,CN=Configuration,DC=domain,DC=com
exchange setup log:
[07/01/2011 08:49:32.0554] [2] Active Directory session settings for 'Install-ExchangeSchema' are: View Entire Forest: 'True', Configuration Domain Controller: 'SRV2.exprimo.com', Preferred Global Catalog: 'SRV2.domain.com', Preferred Domain Controllers:
'{ SRV2.exprimo.com }'
[07/01/2011 08:49:32.0554] [2] Beginning processing install-ExchangeSchema -LdapFileName:'Setup\Data\PostExchange2003_schema8.ldf'
[07/01/2011 08:49:32.0554] [2] Running <C:\Windows\system32\ldifde.exe> with arguments <-i -s "SRV2.exprimo.com" -f "C:\Windows\Temp\ExchangeSetup\Setup\Data\PostExchange2003_schema8.ldf" -j "C:\Users\Administrator.DOMAIN\AppData\Local\Temp\1" -c "<SchemaContainerDN>"
"CN=Schema,CN=Configuration,DC=domain,DC=com">.
[07/01/2011 08:49:33.0273] [2] Process C:\Windows\system32\ldifde.exe finished with exit code 8245.
[07/01/2011 08:49:33.0288] [2] [ERROR] Unexpected Error
[07/01/2011 08:49:33.0288] [2] [ERROR] There was an error while running 'ldifde.exe' to import the schema file 'C:\Windows\Temp\ExchangeSetup\Setup\Data\PostExchange2003_schema8.ldf'. The error code is: 8245. More details can be found in the error file: 'C:\Users\Administrator.EXPRIMO\AppData\Local\Temp\1\ldif.err'
[07/01/2011 08:49:33.0304] [2] Ending processing install-ExchangeSchema
[07/01/2011 08:49:33.0304] [1] The following 1 error(s) occurred during task execution:
[07/01/2011 08:49:33.0304] [1] 0. ErrorRecord: There was an error while running 'ldifde.exe' to import the schema file 'C:\Windows\Temp\ExchangeSetup\Setup\Data\PostExchange2003_schema8.ldf'. The error code is: 8245. More details can be found in the error
file: 'C:\Users\Administrator.DOMAIN\AppData\Local\Temp\1\ldif.err'
[07/01/2011 08:49:33.0304] [1] 0. ErrorRecord: Microsoft.Exchange.Configuration.Tasks.TaskException: There was an error while running 'ldifde.exe' to import the schema file 'C:\Windows\Temp\ExchangeSetup\Setup\Data\PostExchange2003_schema8.ldf'. The error
code is: 8245. More details can be found in the error file: 'C:\Users\Administrator.DOMAIN\AppData\Local\Temp\1\ldif.err'
[07/01/2011 08:49:33.0304] [1] [ERROR] The following error was generated when "$error.Clear();
install-ExchangeSchema -LdapFileName ($roleInstallPath + "Setup\Data\"+$RoleSchemaPrefix + "schema8.ldf")
" was run: "There was an error while running 'ldifde.exe' to import the schema file 'C:\Windows\Temp\ExchangeSetup\Setup\Data\PostExchange2003_schema8.ldf'. The error code is: 8245. More details can be found in the error file: 'C:\Users\Administrator.DOMAIN\AppData\Local\Temp\1\ldif.err'".
[07/01/2011 08:49:33.0304] [1] [ERROR] There was an error while running 'ldifde.exe' to import the schema file 'C:\Windows\Temp\ExchangeSetup\Setup\Data\PostExchange2003_schema8.ldf'. The error code is: 8245. More details can be found in the error file: 'C:\Users\Administrator.DOMAIN\AppData\Local\Temp\1\ldif.err'
[07/01/2011 08:49:33.0304] [1] [ERROR-REFERENCE] Id=ADSchemaComponent___40ad7b9f8eae439c8022850ab8d331ed Component=EXCHANGE14:\Current\Release\Shared\Datacenter\Setup
[07/01/2011 08:49:33.0304] [1] Setup is stopping now because of one or more critical errors.
[07/01/2011 08:49:33.0304] [1] Finished executing component tasks.
[07/01/2011 08:49:33.0319] [1] Ending processing Install-ExchangeOrganization
[07/01/2011 08:49:33.0319] [0] The Exchange Server setup operation didn't complete. More details can be found in ExchangeSetup.log located in the <SystemDrive>:\ExchangeSetupLogs folder.
[07/01/2011 08:49:33.0335] [0] End of Setup
[07/01/2011 08:49:33.0335] [0] ********************************************** Seppe Nuydens TFE E>lectronics
July 1st, 2011 5:48am
can anyone please help me with this one, I'm completely lost !Seppe Nuydens TFE E>lectronics
Free Windows Admin Tool Kit Click here and download it now
July 14th, 2011 2:30am