Hi Members,

I cannot create a new mailbox from EAC.I had recently installed exchange 2013 sp1 in an Exchange 2007 sp3 CCR environment.

Any help would be appreciated.

Thanks in advance.

Looks like Exchange 2007 never had its Recipient Policies upgraded after the transition from Exchange 2000/3.  See here:

http://technet.microsoft.com/en-us/library/cc164366(v=EXCHG.80).aspx

Exchange 2003 was never installed...how ever what i have is multiple email address policies,some on which status show as not applied.The default policy is set to lowest...Has this something to do with mailbox moves??.

Kindly help me out as i am stuck up in the middle of migration process..

I cannot even move mailboxes from 2007-to-2013.The same error appears...Anyone can point me to which direction to look into.

mailbox creation from 2007 is working fine

mailbox moves between 2007 databases is fine.

Regards

I suggested 2000/3 because thats usually where ldap recipient policies come from.  But in any event, its unhappy with the filter, so you'll need to address that.  

Try to recreate LdapRecipientFilter.

Can you post result of command:

get-addresslist *yourlist*  | fl LdapRecipientFilter

Hi ,

Please find the below output

[PS] C:\Documents and Settings\administrator.domain1>get-addresslist | fl LdapReci
pientFilter

LdapRecipientFilter : (&(mailNickname=*)(objectCategory=person)(objectClass=con
                      tact))

LdapRecipientFilter : (&(mailNickname=*)(|(msExchRecipientDisplayType=7)(msExch
                      RecipientDisplayType=-2147481850)))

LdapRecipientFilter : (&(mailNickname=*)(objectCategory=group))

LdapRecipientFilter : (&(mailNickname=*)(|(&(objectCategory=person)(objectClass
                      =user)(!(homeMDB=*))(!(msExchHomeServerName=*)))(&(object
                      Category=person)(objectClass=user)(|(homeMDB=*)(msExchHom
                      eServerName=*)))))

LdapRecipientFilter : (&(mailNickname=*)(objectCategory=publicFolder))

It looks good.

Can you post

 get-emailaddresspolicy | fl name,LdapRecipientFilter, Recipientfiltertype

[PS] C:\Documents and Settings\Administrator.domain1>Get-EmailAddressPolicy | fl name,ldaprecipientFilter, Recipientfilter
ype

Name                : Default Policy
LdapRecipientFilter : (mailNickname=*)
RecipientFilterType : Precanned

Name                : domain policy
LdapRecipientFilter : (&(mailNickname=*)(company=domain))
RecipientFilterType : Precanned

Name                : domain2
LdapRecipientFilter : (&(company=domain2)(mailNickname=*))
RecipientFilterType : Precanned

Name                : domain3
LdapRecipientFilter : (&(mailNickname=*)(company=domain3))
RecipientFilterType : Precanned

Name                : domain4
LdapRecipientFilter : (&(mailNickname=*)(company=domain4))
RecipientFilterType : Precanned

Name                : domain5
LdapRecipientFilter : (&(mailNickname=*)(company=domain5))
RecipientFilterType : Precanned

Did you post command from 2007 or from 2013?

it's necessary from 2013.

Previous post from 2007. Below is from 2013. [PS] C:\Windows\system32>Get-EmailAddressPolicy | fl name, ldapRecipientFilter, Recipientfilter Name : Default Policy LdapRecipientFilter : (mailNickname=*) RecipientFilter : Alias -ne $null Name : domain LdapRecipientFilter : (&(mailNickname=*)(company=domain)) RecipientFilter : (Alias -ne $null -and Company -eq 'domain') Name : domain2 LdapRecipientFilter : (&(company=domain2)(mailNickname=*)) RecipientFilter : (Company -eq 'domain2' -and Alias -ne $null) Name : domain3 LdapRecipientFilter : (&(mailNickname=*)(company=domain3)) RecipientFilter : (Alias -ne $null -and Company -eq 'domain3') Name : domain4 LdapRecipientFilter : (&(company=domain4)(mailNickname=*)) RecipientFilter : (Company -eq 'domain4' -and Alias -ne $null) Name : domain2013 LdapRecipientFilter : (&(company=domain5)(objectClass=user)(objectCategory=person)(mailNickname=*)(msExchHomeServerName =*)) RecipientFilter : ((Company -eq 'domain5') -and (RecipientType -eq 'UserMailbox'))

• Edited by ahmccs Thursday, June 19, 2014 2:18 PM

address list too.

did you test creation from powershell?

[PS] C:\Windows\system32>Get-AddressList | fl LdapRecipientFilter


LdapRecipientFilter : (&(mailNickname=*)(objectCategory=person)(objectClass=contact))

LdapRecipientFilter : (&(mailNickname=*)(|(msExchRecipientDisplayType=7)(msExchRecipientDisplayType=-2147481850)))

LdapRecipientFilter : (&(mailNickname=*)(objectCategory=group))

LdapRecipientFilter : (&(mailNickname=*)(|(&(objectCategory=person)(objectClass=user)(!(homeMDB=*))(!(msExchHomeServerN
                      ame=*)))(&(objectCategory=person)(objectClass=user)(|(homeMDB=*)(msExchHomeServerName=*)))))

LdapRecipientFilter : (&(mailNickname=*)(objectCategory=publicFolder))

yes - Test creation from powershell also failed.

address list from 2013- 

PS] C:\Windows\system32>Get-AddressList

Name                      DisplayName               RecipientFilter
----                      -----------               ---------------
All Contacts              All Contacts              ((Alias -ne $null) -and (((ObjectCategory -like 'person') -and (...
All Rooms                 All Rooms                 ((Alias -ne $null) -and (((RecipientDisplayType -eq 'ConferenceR...
All Groups                All Groups                ((Alias -ne $null) -and (ObjectCategory -like 'group'))
All Users                 All Users                 ((Alias -ne $null) -and (((((ObjectCategory -like 'person') -and...
Public Folders            Public Folders            ((Alias -ne $null) -and (ObjectCategory -like 'publicFolder'))

Can you check  Get-globalAddressList | fl LdapRecipientFilter

[PS] C:\Windows\system32>Get-GlobalAddressList | fl LdapRecipientFilter


LdapRecipientFilter : (&(mailNickname=*)(|(objectClass=user)(objectClass=contact)(objectClass=msExchSystemMailbox)(obje
                      ctClass=msExchDynamicDistributionList)(objectClass=group)(objectClass=publicFolder)))

can you post command

Get-AddressList -Container "\" | Where-Object {$_.name -like "All Address Lists"} | fl

 from 2007 and 2013 and check

The Allow inheritable permissions from the parent to propagate to this object and all child objects check box is selected on the CN=All Address Lists object. This checkbox must exist.

from 2007: PS] C:\Documents and Settingh>Get-AddressList -Container "\" | Where-Object {$_.name -like "All Address Lists"} | fl Container : DisplayName : All Address Lists Name : All Address Lists RecipientFilter : LdapRecipientFilter : LastUpdatedRecipientFilter : RecipientFilterApplied : False IncludedRecipients : None ConditionalDepartment : {} ConditionalCompany : {} ConditionalStateOrProvince : {} ConditionalCustomAttribute1 : {} ConditionalCustomAttribute2 : {} ConditionalCustomAttribute3 : {} ConditionalCustomAttribute4 : {} ConditionalCustomAttribute5 : {} ConditionalCustomAttribute6 : {} ConditionalCustomAttribute7 : {} ConditionalCustomAttribute8 : {} ConditionalCustomAttribute9 : {} ConditionalCustomAttribute10 : {} ConditionalCustomAttribute11 : {} ConditionalCustomAttribute12 : {} ConditionalCustomAttribute13 : {} ConditionalCustomAttribute14 : {} ConditionalCustomAttribute15 : {} RecipientFilterType : Precanned IsValid : True OriginatingServer : host2.domain.net ExchangeVersion : 0.1 (8.0.535.0) DistinguishedName : CN=All Address Lists,CN=Address Lists Container,CN=domainmail,CN=Microsoft Exchange,CN=Serv ices,CN=Configuration,DC=domain,DC=net Identity : All Address Lists Guid : 9c899b39-2d2c-4cc2-8833-4ebc6825985e ObjectCategory : domain.net/Configuration/Schema/Address-Book-Container ObjectClass : {top, addressBookContainer} WhenChanged : 6/4/2014 9:04:03 PM WhenCreated : 11/17/2007 1:05:26 AM from 2013:

Hi Sartaychik,

Many thanks for your support.Pls find the output .

Did install Update Rollup 10 for Exchange 2007 SP3 on Exchange 2007?

Installation 2013 was without errorrs?

Did you check The Allow inheritable permissions from the parent to propagate to this object and all child objects box  on the CN=All Address Lists,CN=Address Lists Container,CN=domainmail,CN=Microsoft Exchange,CN=Serv ices,CN=Configuration,DC=domain,DC=net object

Can you repeat setup \preparedomain for 2013.

Hi Sartaychik /members

Yes Update Rollup 10 for Exchange 2007 SP3 on Both Exchange 2007 CCR nodes

Installation of Exchange 2013 sp1 was completed successsfully without any errors

The Allow inheritable permissions from the parent to propagate to this object and all child objects

is applied

I will try to run setup \prepare domain and will update on this very soon.

The schema version as seen thru adsiedit is 15.00.0847.032

Thanks

Hi Sartaychik /members

I had updated my Exchange 2013 sp1-to-cu5-and the update went fine without any errors.

Setup.exe /PrepareSchema /IAcceptExchangeServerLicenseTerms
Setup.exe /PrepareAD /IAcceptExchangeServerLicenseTerms
Setup.exe /PrepareDomain /IAcceptExchangeServerLicenseTerms
Setup.exe /Mode:Upgrade /IAcceptExchangeServerLicenseTerms

Still I have the same error message when moving mailboxes or when i create a new mailbox from EAC.

What we had observed is if we select hide from adresslist,it successfully moves to 2013.

Can you post value, that contains in showInAddressBook atribute of users. 

ShowInAddressBook  Attribute value  <not set>

Hi,

We-had found this error while browsing Adresslist ,Iam suspecting this could be the issue.

Any ideas on this error and how to fix this??

Set-AddressList All Users IncludedRecipients MailboxUsers

Thank you - the above address list issue resolved with the command. but default global address list is not viewable in exchange 2007 as well as in the clients. where as it can be viewable in exchange 2013 server.

Still giving the LADP filter error while creating a new mailbox in exchange 2013 server, and not able to create new mailbox nor moving users form exchange 2007 to exchange 2013(without uncheck - Hide from Exchange address list)

The error you get really looks like the ldapfiler on a GAL, but with an invalid "t" in the end.

Can you pls run the below on your Exchange 2007 and post the result here?

Get-GlobalAddressList | fl Name,LdapRecipientFilter,RecipientFilter,*default*

My guess is that you have more than one GAL and one of them has an "t" in the end set for the LdapRecipientFilter like this:

(& (mailnickname=*) (| (&(objectCategory=person)(objectClass=user)(!(homeMDB=*))(!(msExchHomeServerName=*)))(&(objectCategory=person)(objectClass=user)(|(homeMDB=*)(msExchHomeServerName=*)))(&(objectCategory=person)(objectClass=contact))(objectCategory=group)(objectCategory=publicFolder)(objectCategory=msExchDynamicDistributionList) ))t

If that is the case, then the permissions for your GALs is not correct (ever configured GAL Segmentation?) since Exchange 2013 doesn't give you the name of the GAL (only "\") so you would need to fix that + remove the extra "t" using ADSIEdit. The attribute to look for is purportedSearch.

Thank you Martina Miskovic,

We have only one Default Global Address List.

[PS] C:\Documents and Settings\Administrator.Domain>Get-GlobalAddressList | fl name,LdapRecipientFilter,RecipientFilter,*d

efault*

Name                       : Default Global Address List

LdapRecipientFilter        : (&(mailNickname=*)(|(objectClass=user)(objectClass=contact)(objectClass=msExchSystemMailbox)(ob

                             jectClass=msExchDynamicDistributionList)(objectClass=group)(objectClass=publicFolder)))

RecipientFilter            : (Alias -ne $null -and (ObjectClass -eq 'user' -or ObjectClass -eq 'contact' -or ObjectClass -eq

                              'msExchSystemMailbox' -or ObjectClass -eq 'msExchDynamicDistributionList' -or ObjectClass -eq

                             'group' -or ObjectClass -eq 'publicFolder'))

IsDefaultGlobalAddressList : True

After removed "t" we can able to create a new mailbox in 2013 using Ex Management Shell command. But not from ECP, it gives same  error.

Thank you Martina Miskovic,

After restarted the server it is working now in ECP also.

Thanks to all the members who helped to reach the solution.

best regards

Yourre Welcome, Glad to hear that it all works for you now.
What a big problem a little "t" can create :)

Thank you very much......

This has resolved our issue..We have been struggling to fix this.....
Thanks to Sartaychik for following up with this issue.

A Million thanks Once again...

Hi Martina, i have almost  the same error, attached is the errors and the details :

Hope you can help me with this...

Get-GlobalAddressList | fl Name,LdapRecipi
entFilter,RecipientFilter,*default*
Name                       : Local Address List
LdapRecipientFilter        : (& (mailnickname=*) (| (&(objectCategory=person)(o
                             bjectClass=user)(!(homeMDB=*))(!(msExchHomeServerN
                             ame=*)))(&(objectCategory=person)(objectClass=user
                             )(|(homeMDB=*)(msExchHomeServerName=*)))(&(objectC
                             ategory=person)(objectClass=contact))(objectCatego
                             ry=group)(objectCategory=publicFolder) ))
RecipientFilter            :
IsDefaultGlobalAddressList : True

Name                       : Default Global Address List
LdapRecipientFilter        : (& (mailnickname=*) (| (&(objectCategory=person)(o
                             bjectClass=user)(!(homeMDB=*))(!(msExchHomeServerN
                             ame=*)))(&(objectCategory=person)(objectClass=user
                             )(|(homeMDB=*)(msExchHomeServerName=*)))(&(objectC
                             ategory=person)(objectClass=contact))(objectCatego
                             ry=group)(objectCategory=publicFolder) ))
RecipientFilter            :
IsDefaultGlobalAddressList : True