exchange 2010 schemaupdate or ad update not OK
sitrep: existing exch2003 sp2 server, existing exch2010 sp1 server, when running setup.com /prepareschema, a failure occurs: in exchange setup log: [ERROR] There was an error while running 'ldifde.exe' to import the schema file 'C:\Windows\Temp\ExchangeSetup\Setup\Data\PostExchange2003_schema8.ldf'. The error code is: 8245 in ldif.err: Entry DN: CN=ms-DS-Phonetic-Company-Name,CN=Schema,CN=Configuration,DC=exprimo,DC=com Add error on entry starting on line 120: Unwilling To Perform The server side error is: 0x20bb Schema update failed: duplicate OID. The extended server error is: 000020BB: SvcErr: DSID-032603BC, problem 5003 (WILL_NOT_PERFORM), data 8379 any idea on how to resolve this, I cannot find which OID is duplicate.Seppe Nuydens TFE E>lectronics
June 23rd, 2011 12:30pm

I find similar case. Maybe you can read it and check your DC. Error code: 8245. More details can be found in the error file 'C:\Documents and Settings\LANManager\Local Settings\Temp\ldif.err'. Entry DN: CN=ms-Exch-Mobile-Mailbox-Policy-Link,CN=Schema,CN=Configuration,DC=hhmi,DC=org Add error on line 71: Unwilling To Perform The server side error is "Schema update failed: duplicate OID." An error has occurred in the program Ran ADSIEDIT and connect to Schema Cannot find the object CN=ms-Exch-Mobile-Mailbox-Policy-Link,CN=Schema,CN=Configuration,DC=hhmi,DC=org Ran Ldifde -d "CN=Schema,CN=Configuration,DC=hhmi,DC=org" -f result.txt -s <DC_schema_master> Searched for Mobile-Mailbox - Found the entry dn: CN=CN\=ms-Exch-Mobile-Mailbox-Policy-Link,CN=Schema,CN=Configuration,DC=hhmi,DC=org cn: ms-Exch-Mobile-Mailbox-Policy-Link As we can see the DN is incorrect CN=CN\, it should be CN=ms-Exch-Mobile-Mailbox-Policy-Link,CN=Schema,CN=Configuration,DC=hhmi,DC=org --------------- Steps to fix the DN for CN=CN\=ms-Exch-Mobile-Mailbox-Policy-Link,CN=Schema,CN=Configuration,DC=hhmi,DC=org ----------- 1 Launch LDP.exe and bind to the DS server you want to modify. Make sure you are schema admin, and admin over the partition you are modifying 2. After connecting and binding navigate to the browse menu and select the "Modify" option. 3. Leave the DN blank, type 'schemaUpgradeInProgress' into the Attribute field and in the values field type 1. 4. Click the Add operation and then click the enter button. This will add this command to the entry list. 5. Click the Run button. If you are successful you should see a successful modify message. 6. Go to View -> Tree. Connect to the appropriate base DN - CN=CN\=ms-Exch-Mobile-Mailbox-Policy-Link,CN=Schema,CN=Configuration,DC=hhmi,DC=org NOTE: If your goal is to delete an object in AD that has child objects, then you will need to remove the child objects first. 7. Find the object, right click and select modify 8. In the attribute field, type "systemflags"; in the Values field, leave it blank; in the operation radio options, select delete 9. Then click Enter, then click Run to remove the system flags values 10. Perform the modification or deletion of the object - Right-click Modify DN CN=CN\=ms-Exch-Mobile-Mailbox-Policy-Link,CN=Schema,CN=Configuration,DC=hhmi,DC=org 12. Type the new DN CN=ms-Exch-Mobile-Mailbox-Policy-Link,CN=Schema,CN=Configuration,DC=hhmi,DC=org 11. Set the systemflags value back to the original value, to make it owned by the system again 11. Once finished, run LDP again with the above steps, changing the schemaUpgradeInProgress value to 0 (to prevent unwanted schema/system changes). Ran ADSIEDIT Connect to Schema Now we are able to see the object CN=CN\=ms-Exch-Mobile-Mailbox-Policy-Link,CN=Schema,CN=Configuration,DC=hhmi,DC=org Ran Setup /PrepareSchema --> Result --------------------------------------------------------- CN=ms-Exch-Mobile-Mailbox-Policy-BL,CN=Schema,CN=Configuration,DC=hhmi,DC=org Entry DN: CN=ms-Exch-Mobile-Mailbox-Policy-BL,CN=Schema,CN=Configuration,DC=hhmi,DC=org Add error on line 91: Unwilling To Perform The server side error is "Schema update failed: An attribute with the same link identifier already exists." 5 entries modified successfully. An error has occurred in the program We noticed that the object ms-Exch-Mobile-Mailbox-Policy-BL is still missing Disabled AD outbound replication Repadmin /options localhost +disable_outbound_repl . Create attribute schema object ms-Exch-Mobile-Mailbox-Policy-BL running Adsiedit. Got the values from the file D:\Software\Microsoft\EX2K7-SP1\Setup\ServerRoles\Common\Setup\Data\PostExchange2003 _schema44.ldf Ran Setup /PrepareSchema SUCCESSFUL Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
Free Windows Admin Tool Kit Click here and download it now
June 24th, 2011 5:57am

thanks for the info, Terence, I will check tomorrow as I am abroad now, I will post results as soon as possible.Seppe Nuydens TFE E>lectronics
June 26th, 2011 8:13am

Please post the update.Gulab | MCITP: Exchange 2010-2007 | Skype: Gulab.Mallah | Blog: www.ExchangeRanger.Blogspot.com
Free Windows Admin Tool Kit Click here and download it now
June 26th, 2011 3:57pm

I ran the command with ldide and searched for "CN\", nothing found. I'm not sure if I'm doing this correct but my problem seems to be located around "CN=ms-DS-Phonetic-Company-Name" (see above) if I check the results.txt file I find this about it: dn: CN=ms-DS-Phonetic-Company-Name\0ACNF:b1c4ce34-f070-4f60-9bf9-bace85989938,CN=Schema,CN=Configuration,DC=domain,DC=com changetype: add objectClass: top objectClass: attributeSchema cn:: bXMtRFMtUGhvbmV0aWMtQ29tcGFueS1OYW1lCkNORjpiMWM0Y2UzNC1mMDcwLTRmNjAtOWJmOS1iYW NlODU5ODk5Mzg= distinguishedName: CN=ms-DS-Phonetic-Company-Name\0ACNF:b1c4ce34-f070-4f60-9bf9-bace85989938,CN=S chema,CN=Configuration,DC=domain,DC=com instanceType: 4 whenCreated: 20110606102845.0Z whenChanged: 20110606123123.0Z uSNCreated: 6544 attributeID: 1.2.840.113556.1.4.1945 attributeSyntax: 2.5.5.12 isSingleValued: TRUE rangeLower: 1 rangeUpper: 64 mAPIID: 35985 uSNChanged: 16914 showInAdvancedViewOnly: TRUE adminDisplayName: ms-DS-Phonetic-Company-Name adminDescription: Contains the phonetic company name where the person works. oMSyntax: 64 searchFlags: 5 lDAPDisplayName: msDS-PhoneticCompanyName name:: bXMtRFMtUGhvbmV0aWMtQ29tcGFueS1OYW1lCkNORjpiMWM0Y2UzNC1mMDcwLTRmNjAtOWJmOS1iYW NlODU5ODk5Mzg= objectGUID:: NM7EsXDwYE+b+brOhZiZOA== schemaIDGUID:: jSDVW/TlrkalFFQ7ycR2WQ== attributeSecurityGUID:: VAGN5Pi80RGHAgDAT7lgUA== systemOnly: FALSE systemFlags: 16 objectCategory: CN=Attribute-Schema,CN=Schema,CN=Configuration,DC=domain,DC=com dSCorePropagationData: 20110606123123.0Z dSCorePropagationData: 16010101000000.0Z does the "\0ACNF:b1c4ce34-f070-4f60-9bf9-bace85989938" has anything to do with mu problem ? I am a littel lost on this. Seppe Nuydens TFE E>lectronics
June 27th, 2011 11:22pm

Hi Disabled AD outbound replication Repadmin /options localhost +disable_outbound_repl . Create attribute schema object CN=ms-DS-Phonetic-Company-Name,CN=Schema,CN=Configuration,DC=exprimo,DC=com running Adsiedit. Got the values from the file 'C:\Windows\Temp\ExchangeSetup\Setup\Data\PostExchange2003_schema8.ldf' if it doesn't work, please backuppc "CN=ms-DS-Phonetic-Company-Name\0ACNF:b1c4ce34-f070-4f60-9bf9-bace85989938" remove it and try above action again. Ran Setup /PrepareSchema Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
Free Windows Admin Tool Kit Click here and download it now
June 28th, 2011 4:24am

no luck, it stays in error. I was testing ad replication and came across the following (may be the source of my problems ?) C:\Users\administrator.domain>Repadmin /syncall CALLBACK MESSAGE: The following replication is in progress: From: 76b5f9dc-6ee7-4f57-af40-0df86d931f37._msdcs.domain.com To : 628af1c4-a988-4627-931f-67cc4ba2fc19._msdcs.domain.com CALLBACK MESSAGE: Error issuing replication: 8418 (0x20e2): The replication operation failed because of a schema mismatch between the se rvers involved. From: 76b5f9dc-6ee7-4f57-af40-0df86d931f37._msdcs.domain.com To : 628af1c4-a988-4627-931f-67cc4ba2fc19._msdcs.domain.com CALLBACK MESSAGE: SyncAll Finished. SyncAll reported the following errors: Error issuing replication: 8418 (0x20e2): The replication operation failed because of a schema mismatch between the se rvers involved. From: 76b5f9dc-6ee7-4f57-af40-0df86d931f37._msdcs.domain.com To : 628af1c4-a988-4627-931f-67cc4ba2fc19._msdcs.domain.com C:\Users\administrator.domain>Repadmin /showrepl Repadmin: running command /showrepl against full DC localhost Default-First-Site-Name\SRV2 DSA Options: IS_GC DISABLE_OUTBOUND_REPL Site Options: (none) DSA object GUID: 628af1c4-a988-4627-931f-67cc4ba2fc19 DSA invocationID: 7c8e4ea9-4688-4291-9c63-0721ede70345 ==== INBOUND NEIGHBORS ====================================== DC=domain,DC=com Default-First-Site-Name\SRV via RPC DSA object GUID: 76b5f9dc-6ee7-4f57-af40-0df86d931f37 Last attempt @ 2011-06-28 07:11:43 was delayed for a normal reason, resu lt 8418 (0x20e2): The replication operation failed because of a schema mismatch between the se rvers involved. Last success @ 2011-06-28 07:06:44. CN=Configuration,DC=domain,DC=com Default-First-Site-Name\SRV via RPC DSA object GUID: 76b5f9dc-6ee7-4f57-af40-0df86d931f37 Last attempt @ 2011-06-28 07:14:48 was delayed for a normal reason, resu lt 8418 (0x20e2): The replication operation failed because of a schema mismatch between the se rvers involved. Last success @ 2011-06-28 06:59:50. CN=Schema,CN=Configuration,DC=domain,DC=com Default-First-Site-Name\SRV via RPC DSA object GUID: 76b5f9dc-6ee7-4f57-af40-0df86d931f37 Last attempt @ 2011-06-28 06:59:50 was successful. DC=DomainDnsZones,DC=domain,DC=com Default-First-Site-Name\SRV via RPC DSA object GUID: 76b5f9dc-6ee7-4f57-af40-0df86d931f37 Last attempt @ 2011-06-28 06:59:50 was successful. DC=ForestDnsZones,DC=domain,DC=com Default-First-Site-Name\SRV via RPC DSA object GUID: 76b5f9dc-6ee7-4f57-af40-0df86d931f37 Last attempt @ 2011-06-28 06:59:50 was successful.Seppe Nuydens TFE E>lectronics
June 28th, 2011 8:27am

I would say that you should get the AD replication fixed first. Kindly check this article, i ran into the same kind of issue once. http://exchangeranger.blogspot.com/2011/02/exchange-2007-setupcom-prepareschema.html Gulab | MCITP: Exchange 2010-2007 | Skype: Gulab.Mallah | Blog: www.ExchangeRanger.Blogspot.com
Free Windows Admin Tool Kit Click here and download it now
June 29th, 2011 9:40am

AD replication should be OK now, C:\Users\administrator.DOMAIN>Repadmin /syncall CALLBACK MESSAGE: The following replication is in progress: From: 76b5f9dc-6ee7-4f57-af40-0df86d931f37._msdcs.domain.com To : 628af1c4-a988-4627-931f-67cc4ba2fc19._msdcs.domain.com CALLBACK MESSAGE: The following replication completed successfully: From: 76b5f9dc-6ee7-4f57-af40-0df86d931f37._msdcs.domain.com To : 628af1c4-a988-4627-931f-67cc4ba2fc19._msdcs.domain.com CALLBACK MESSAGE: SyncAll Finished. SyncAll terminated with no errors. C:\Users\administrator.DOMAIN>Repadmin /showrepl Repadmin: running command /showrepl against full DC localhost Default-First-Site-Name\SRV2 DSA Options: IS_GC Site Options: (none) DSA object GUID: 628af1c4-a988-4627-931f-67cc4ba2fc19 DSA invocationID: 7c8e4ea9-4688-4291-9c63-0721ede70345 ==== INBOUND NEIGHBORS ====================================== DC=exprimo,DC=com Default-First-Site-Name\SRV via RPC DSA object GUID: 76b5f9dc-6ee7-4f57-af40-0df86d931f37 Last attempt @ 2011-07-01 10:51:11 was successful. CN=Configuration,DC=domain,DC=com Default-First-Site-Name\SRV via RPC DSA object GUID: 76b5f9dc-6ee7-4f57-af40-0df86d931f37 Last attempt @ 2011-07-01 10:51:50 was successful. CN=Schema,CN=Configuration,DC=domain,DC=com Default-First-Site-Name\SRV via RPC DSA object GUID: 76b5f9dc-6ee7-4f57-af40-0df86d931f37 Last attempt @ 2011-07-01 10:49:33 was successful. DC=DomainDnsZones,DC=domain,DC=com Default-First-Site-Name\SRV via RPC DSA object GUID: 76b5f9dc-6ee7-4f57-af40-0df86d931f37 Last attempt @ 2011-07-01 09:59:51 was successful. DC=ForestDnsZones,DC=domain,DC=com Default-First-Site-Name\SRV via RPC DSA object GUID: 76b5f9dc-6ee7-4f57-af40-0df86d931f37 Last attempt @ 2011-07-01 09:59:51 was successful. tried running setup.com /prepareschema, still in error, ldiff.err keeps complaining about: Entry DN: CN=ms-DS-Phonetic-Company-Name,CN=Schema,CN=Configuration,DC=domain,DC=com Add error on entry starting on line 120: Unwilling To Perform The server side error is: 0x20bb Schema update failed: duplicate OID. The extended server error is: 000020BB: SvcErr: DSID-032603BC, problem 5003 (WILL_NOT_PERFORM), data 8379 An error has occurred in the program I do not understand why this entry has errors, the only thing that's starnge is the odd name for the entry in the schema: CN=ms-DS-Phonetic-Company-Name\0ACNF:b1c4ce34-f070-4f60-9bf9-bace85989938,CN=Schema,CN=Configuration,DC=domain,DC=com exchange setup log: [07/01/2011 08:49:32.0554] [2] Active Directory session settings for 'Install-ExchangeSchema' are: View Entire Forest: 'True', Configuration Domain Controller: 'SRV2.exprimo.com', Preferred Global Catalog: 'SRV2.domain.com', Preferred Domain Controllers: '{ SRV2.exprimo.com }' [07/01/2011 08:49:32.0554] [2] Beginning processing install-ExchangeSchema -LdapFileName:'Setup\Data\PostExchange2003_schema8.ldf' [07/01/2011 08:49:32.0554] [2] Running <C:\Windows\system32\ldifde.exe> with arguments <-i -s "SRV2.exprimo.com" -f "C:\Windows\Temp\ExchangeSetup\Setup\Data\PostExchange2003_schema8.ldf" -j "C:\Users\Administrator.DOMAIN\AppData\Local\Temp\1" -c "<SchemaContainerDN>" "CN=Schema,CN=Configuration,DC=domain,DC=com">. [07/01/2011 08:49:33.0273] [2] Process C:\Windows\system32\ldifde.exe finished with exit code 8245. [07/01/2011 08:49:33.0288] [2] [ERROR] Unexpected Error [07/01/2011 08:49:33.0288] [2] [ERROR] There was an error while running 'ldifde.exe' to import the schema file 'C:\Windows\Temp\ExchangeSetup\Setup\Data\PostExchange2003_schema8.ldf'. The error code is: 8245. More details can be found in the error file: 'C:\Users\Administrator.EXPRIMO\AppData\Local\Temp\1\ldif.err' [07/01/2011 08:49:33.0304] [2] Ending processing install-ExchangeSchema [07/01/2011 08:49:33.0304] [1] The following 1 error(s) occurred during task execution: [07/01/2011 08:49:33.0304] [1] 0. ErrorRecord: There was an error while running 'ldifde.exe' to import the schema file 'C:\Windows\Temp\ExchangeSetup\Setup\Data\PostExchange2003_schema8.ldf'. The error code is: 8245. More details can be found in the error file: 'C:\Users\Administrator.DOMAIN\AppData\Local\Temp\1\ldif.err' [07/01/2011 08:49:33.0304] [1] 0. ErrorRecord: Microsoft.Exchange.Configuration.Tasks.TaskException: There was an error while running 'ldifde.exe' to import the schema file 'C:\Windows\Temp\ExchangeSetup\Setup\Data\PostExchange2003_schema8.ldf'. The error code is: 8245. More details can be found in the error file: 'C:\Users\Administrator.DOMAIN\AppData\Local\Temp\1\ldif.err' [07/01/2011 08:49:33.0304] [1] [ERROR] The following error was generated when "$error.Clear(); install-ExchangeSchema -LdapFileName ($roleInstallPath + "Setup\Data\"+$RoleSchemaPrefix + "schema8.ldf") " was run: "There was an error while running 'ldifde.exe' to import the schema file 'C:\Windows\Temp\ExchangeSetup\Setup\Data\PostExchange2003_schema8.ldf'. The error code is: 8245. More details can be found in the error file: 'C:\Users\Administrator.DOMAIN\AppData\Local\Temp\1\ldif.err'". [07/01/2011 08:49:33.0304] [1] [ERROR] There was an error while running 'ldifde.exe' to import the schema file 'C:\Windows\Temp\ExchangeSetup\Setup\Data\PostExchange2003_schema8.ldf'. The error code is: 8245. More details can be found in the error file: 'C:\Users\Administrator.DOMAIN\AppData\Local\Temp\1\ldif.err' [07/01/2011 08:49:33.0304] [1] [ERROR-REFERENCE] Id=ADSchemaComponent___40ad7b9f8eae439c8022850ab8d331ed Component=EXCHANGE14:\Current\Release\Shared\Datacenter\Setup [07/01/2011 08:49:33.0304] [1] Setup is stopping now because of one or more critical errors. [07/01/2011 08:49:33.0304] [1] Finished executing component tasks. [07/01/2011 08:49:33.0319] [1] Ending processing Install-ExchangeOrganization [07/01/2011 08:49:33.0319] [0] The Exchange Server setup operation didn't complete. More details can be found in ExchangeSetup.log located in the <SystemDrive>:\ExchangeSetupLogs folder. [07/01/2011 08:49:33.0335] [0] End of Setup [07/01/2011 08:49:33.0335] [0] ********************************************** Seppe Nuydens TFE E>lectronics
July 1st, 2011 12:42pm

can anyone please help me with this one, I'm completely lost !Seppe Nuydens TFE E>lectronics
Free Windows Admin Tool Kit Click here and download it now
July 14th, 2011 9:25am

again, here's the error code from ldif.log: 18: CN=ms-DS-Phonetic-Company-Name,CN=Schema,CN=Configuration,DC=domain,DC=com Entry DN: CN=ms-DS-Phonetic-Company-Name,CN=Schema,CN=Configuration,DC=domain,DC=com Add error on entry starting on line 120: Unwilling To Perform The server side error is: 0x20bb Schema update failed: duplicate OID. The extended server error is: 000020BB: SvcErr: DSID-032603BC, problem 5003 (WILL_NOT_PERFORM), data 8379 any help will be greatly appreciated !Seppe Nuydens TFE E>lectronics
August 4th, 2011 7:33am

Hi It apears like something went wrong in your Domain Controller configuration. Is the exchange server 2003 and Domain Controller installed in same machine? If it is different, Can you update the windows 2003 DC with latest server pack to update all the files. Instead of updating your schema with exchange 2010, try downloading exchange 2007 file from ms site and run the preparead and prepareschema switches, pointing to the setup file check whether it is sucessfull or not. Note: there wont be any problem in updating the AD and Schema with exchange 2007 installation file. Dont install exchange 2007, just update only the AD content and schema content. Point to CD drive\Setup.com /PrepareAd /PrepareSchema Inform the status.
Free Windows Admin Tool Kit Click here and download it now
August 9th, 2011 3:43am

Thanks very much for the answer, but after battling with this for over 6 weeks I ended up with creating a new forest domain with exchange 2010 installed (the customer couldn't wait anymore). He wanted to create a new AD to make sure no future problems occurs with the 'old' AD, so I am sorry to say that this topic ends here for us without an answer to the problem, sadly nothing learned here :(Seppe Nuydens TFE E>lectronics
August 9th, 2011 4:04am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics