Export (0) Print
Expand All
Expand Minimize

Mailbox Enable User system policy change is required

[This topic is intended to address a specific issue called out by the Exchange Server Analyzer Tool. You should apply it only to systems that have had the Exchange Server Analyzer Tool run against them and are experiencing that specific issue. The Exchange Server Analyzer Tool, available as a free download, remotely collects configuration data from each server in the topology and automatically analyzes the data. The resulting report details important configuration issues, potential problems, and nondefault product settings. By following these recommendations, you can achieve better performance, scalability, reliability, and uptime. For more information about the tool or to download the latest versions, see "Microsoft Exchange Analyzers" at http://go.microsoft.com/fwlink/?linkid=34707.]  

Topic Last Modified: 2006-08-10

The Microsoft® Exchange Server Analyzer Tool queries the Active Directory® directory service to determine the value for the purportedSearch attribute of each Exchange system policy object. The purportedSearch attribute indicates the search argument used when the policy is applied.

The Exchange Server Analyzer also queries Active Directory to determine the value for the msDS-Behavior-Version attribute of the forest object in Active Directory, NTDS Settings. This value indicates the Active Directory forest functional level. Valid values for the msDS-Behavior-Version attribute are shown in the following table.

 

Value Forest functional level

0

Microsoft Windows® 2000 Server mixed

1

Microsoft Windows Server™ 2003 interim

2

Microsoft Windows Server 2003 native

The Exchange Server Analyzer also queries Active Directory to determine the value for the revision attribute of the Windows2003Update container. The value of this attribute indicates whether the Active Directory preparation utility (ADPrep.exe) has been run.

Finally, the Exchange Server Analyzer queries the Win32_OperatingSystem Microsoft Windows Management Instrumentation (WMI) class to determine the value of the OSProductSuite key. The value of the OSProductSuite key indicates the version of Windows running on the computer.

If the Exchange Server Analyzer finds the following criteria to be true, a warning is displayed:

  • The value of the purportedSearch attribute of the Mailbox Enable User system policy does not equal (&(objectCategory=person)(objectClass=user)(mailnickname=*)(homeMdb=*))

  • The Active Directory forest functional level is Windows Server 2003 interim or Windows Server 2003 native mode.

  • The Exchange Server computer is not running Windows Small Business Server 2003.

To avoid mailbox re-homing issues, a modification to the system policies is required. This update can be made using Active Directory Service Interfaces (ADSI) Edit (ADSIEdit.msc), the LDP (ldp.exe) tool, or another Active Directory editor tool.

If Windows Server 2003 is used as a domain controller and the Mailbox Enable User policy is not updated, linked value replication in Windows Server 2003 will cause the Recipient Update Service to overwrite the value of the homeMDB attribute of new users, causing their mailboxes to be re-homed on the first store on the server.

CautionCaution:
If you incorrectly modify the attributes of Active Directory objects when you use ADSI Edit, the LDP tool, or another Lightweight Directory Access Protocol (LDAP) version 3 client, you may cause serious problems. These problems may require that you reinstall Windows Server 2003, Exchange Server 2003, or both. Modify Active Directory object attributes at your own risk.
To correct this error
  1. Start ADSI Edit.

  2. Double-click the Configuration container, expand CN=Services, expand CN=Microsoft Exchange, and then expand CN=<ExchangeOrganizationName>.

  3. Select CN=System Policies.

  4. In the right pane, right-click CN=Mailbox Enable User, and then select Properties.

  5. Scroll down to select the purportedSearch attribute, and then click Edit.

  6. Clear the attribute, and then configure it with the following filter:

    (&(objectCategory=person)(objectClass=user)(mailnickname=*)(homeMdb=*))

    noteNote:
    The filter shown in Step 6 has been wrapped for readability. Make sure that you enter the filter without any spaces or returns.
  7. Click OK again to save the change, and then close ADSI Edit.

For more information about using the LDP tool, see the Microsoft Knowledge Base article 260745, "XADM: Using the LDP Utility to Modify Active Directory Object Attributes" (http://go.microsoft.com/fwlink/?LinkId=3052&kbid=260745).

For more information about this issue and its impact, see Microsoft Knowledge Base article 903291 "Recipient Update Service may overwrite the value of the homeMDB attribute for new Exchange Server 2003 users" (http://go.microsoft.com/fwlink/?LinkId=3052&kbid=903291).

 
Was this page helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft