Anonymous_User Absent Member.
Absent Member.
502 views

AD driver - Exchange 2010 - Create mailbox


Hello,

We are attempting to create a mailbox on a Windows Server 2008 R2
running Exchange 2010. The AD user that our remote loader uses, has the
following group memberships: Administrators, Domain Admins, Domain
Users, Enterprise Admins and all possible Exchange group memberships.

Exchange Management tools is installed on the remote loader and the
IDM_AD_Ex2010_Service is running.

We get the following error when attempting to create a mailbox:

DirXML: [01/07/13 09:16:51.66]: ADDriver: Exchange: request to add
mailbox to CN=NewMailbox,CN=Databases,CN=Exchange Administrative Group
(FYDIBOHF23SPDLT),CN=Administrative Groups,CN=Mariagerfjord
Kommune,CN=Microsoft
Exchange,CN=Services,CN=Configuration,DC=mariagerfjord,DC=dk
DirXML: [01/07/13 09:16:51.66]: ADDriver: ldap_modify user CN=Jacob
Martin
Petersen,OU=Bernadottegaarden,OU=InstAeldre1,OU=Organisation,DC=mariagerfjord,DC=dk
LDAPMod operations:
DirXML: [01/07/13 09:16:51.66]: ADDriver: Exchange: begin provision
exchange 2010 account
DirXML: [01/07/13 09:16:51.66]: ADDriver: Exchange: optimize
DirXML: [01/07/13 09:16:51.66]: ADDriver: Exchange: add user mailbox to
new mail store
DirXML: [01/07/13 09:16:51.66]: ADDriver: Exchange: provision
DirXML: [01/07/13 09:16:51.66]: ADDriver: Retrieving DNS name of Local
machine to append to Domain Controller
DirXML: [01/07/13 09:16:51.66]: ADDriver: Enabling mailbox...
Enable-Mailbox -Identity 'CN=Jacob Martin
Petersen,OU=Bernadottegaarden,OU=InstAeldre1,OU=Organisation,DC=mariagerfjord,DC=dk'
-Database 'CN=NewMailbox,CN=Databases,CN=Exchange Administrative Group
(FYDIBOHF23SPDLT),CN=Administrative Groups,CN=Mariagerfjord
Kommune,CN=Microsoft
Exchange,CN=Services,CN=Configuration,DC=mariagerfjord,DC=dk'
-DomainController 'DC07.mariagerfjord.dk'
DirXML: [01/07/13 09:17:04.52]: ADDriver: IDM Exchange Service Response
ERROR: No provisioning handler is installed.
DirXML: [01/07/13 09:17:04.52]: Loader: subscriptionShim->execute()
returned:
DirXML: [01/07/13 09:17:04.52]: Loader: XML Document:
DirXML: [01/07/13 09:17:04.52]: <nds ndsversion="8.7" dtdversion="1.1">
<source>
<product version="4.0.0.0" asn1id="" build="20120330_120000"
instance="\MFKMETA\mfk\servere\idm\IDMDriverSet01\ADDC02-AD-EDIR-METATREE">AD</product>
<contact>Novell, Inc.</contact>
</source>
<output>
<status level="error" type="exchange" text1="Exchange 2010"
event-id="mfk-oesmeta01#20130107081647#1#5:2eb45eaa-982e-4a3c-42b4-aa5eb42e2e98">Exchange
2010 Exception. code:0x00000058 Error completing exchange 2010 command.
ERROR: No provisioning handler is installed.</status>
<status level="success"
event-id="mfk-oesmeta01#20130107081647#1#5:2eb45eaa-982e-4a3c-42b4-aa5eb42e2e98"/>
</output>
</nds>
DirXML: [01/07/13 09:17:04.52]:
DirXML Log Event -------------------
Driver =
\MFKMETA\mfk\servere\idm\IDMDriverSet01\ADDC02-AD-EDIR-METATREE
Thread = Subscriber Channel
Object =
\MFKMETA\mfk\brugere\Administration\InstAeldre1\Bernadottegaarden\jpete
Level = error
Message = Exchange 2010 Exception. code:0x00000058 Error completing
exchange 2010 command. ERROR: No provisioning handler is installed.

If we try to run the enable mailbox command from Powershell as the
remote loader user, we are able to create it. So it seems it's not a
rights problem, but something else. Any ideas?


--
jacmarpet
------------------------------------------------------------------------
jacmarpet's Profile: https://forums.netiq.com/member.php?userid=415
View this thread: https://forums.netiq.com/showthread.php?t=46482

Labels (1)
0 Likes
2 Replies
Anonymous_User Absent Member.
Absent Member.

Re: AD driver - Exchange 2010 - Create mailbox

On 07.01.2013 09:34, jacmarpet wrote:
>
> Hello,
>
> We are attempting to create a mailbox on a Windows Server 2008 R2
> running Exchange 2010. The AD user that our remote loader uses, has the
> following group memberships: Administrators, Domain Admins, Domain
> Users, Enterprise Admins and all possible Exchange group memberships.


The rights you need are:

AD user that the AD driver logs in as is a member of two Exchange
Security groups
- Recipient Management
- View-Only Organization Management

Plus the AD user needs rights that can be satisfied by membership in the
domain admin group. Additionally it must be a member of the local
administrators group on the server hosting the RL / exchange service.

I've never needed Enterprise Admins rights for the AD driver.

the Exchange service must not run as local system, it must run as the
same user that the AD driver is configured to log in as.

The AD service runs as local system.

> Exchange Management tools is installed on the remote loader and the
> IDM_AD_Ex2010_Service is running.
>
> We get the following error when attempting to create a mailbox:
>
> DirXML: [01/07/13 09:16:51.66]: ADDriver: Exchange: request to add
> mailbox to CN=NewMailbox,CN=Databases,CN=Exchange Administrative Group
> (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=Mariagerfjord
> Kommune,CN=Microsoft
> Exchange,CN=Services,CN=Configuration,DC=mariagerfjord,DC=dk
> DirXML: [01/07/13 09:16:51.66]: ADDriver: ldap_modify user CN=Jacob
> Martin
> Petersen,OU=Bernadottegaarden,OU=InstAeldre1,OU=Organisation,DC=mariagerfjord,DC=dk
> LDAPMod operations:
> DirXML: [01/07/13 09:16:51.66]: ADDriver: Exchange: begin provision
> exchange 2010 account
> DirXML: [01/07/13 09:16:51.66]: ADDriver: Exchange: optimize
> DirXML: [01/07/13 09:16:51.66]: ADDriver: Exchange: add user mailbox to
> new mail store
> DirXML: [01/07/13 09:16:51.66]: ADDriver: Exchange: provision
> DirXML: [01/07/13 09:16:51.66]: ADDriver: Retrieving DNS name of Local
> machine to append to Domain Controller
> DirXML: [01/07/13 09:16:51.66]: ADDriver: Enabling mailbox...
> Enable-Mailbox -Identity 'CN=Jacob Martin
> Petersen,OU=Bernadottegaarden,OU=InstAeldre1,OU=Organisation,DC=mariagerfjord,DC=dk'
> -Database 'CN=NewMailbox,CN=Databases,CN=Exchange Administrative Group
> (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=Mariagerfjord
> Kommune,CN=Microsoft
> Exchange,CN=Services,CN=Configuration,DC=mariagerfjord,DC=dk'
> -DomainController 'DC07.mariagerfjord.dk'
> DirXML: [01/07/13 09:17:04.52]: ADDriver: IDM Exchange Service Response
> ERROR: No provisioning handler is installed.
> DirXML: [01/07/13 09:17:04.52]: Loader: subscriptionShim->execute()
> returned:
> DirXML: [01/07/13 09:17:04.52]: Loader: XML Document:
> DirXML: [01/07/13 09:17:04.52]: <nds ndsversion="8.7" dtdversion="1.1">
> <source>
> <product version="4.0.0.0" asn1id="" build="20120330_120000"
> instance="\MFKMETA\mfk\servere\idm\IDMDriverSet01\ADDC02-AD-EDIR-METATREE">AD</product>
> <contact>Novell, Inc.</contact>
> </source>
> <output>
> <status level="error" type="exchange" text1="Exchange 2010"
> event-id="mfk-oesmeta01#20130107081647#1#5:2eb45eaa-982e-4a3c-42b4-aa5eb42e2e98">Exchange
> 2010 Exception. code:0x00000058 Error completing exchange 2010 command.
> ERROR: No provisioning handler is installed.</status>
> <status level="success"
> event-id="mfk-oesmeta01#20130107081647#1#5:2eb45eaa-982e-4a3c-42b4-aa5eb42e2e98"/>
> </output>
> </nds>
> DirXML: [01/07/13 09:17:04.52]:
> DirXML Log Event -------------------
> Driver =
> \MFKMETA\mfk\servere\idm\IDMDriverSet01\ADDC02-AD-EDIR-METATREE
> Thread = Subscriber Channel
> Object =
> \MFKMETA\mfk\brugere\Administration\InstAeldre1\Bernadottegaarden\jpete
> Level = error
> Message = Exchange 2010 Exception. code:0x00000058 Error completing
> exchange 2010 command. ERROR: No provisioning handler is installed.
>
> If we try to run the enable mailbox command from Powershell as the
> remote loader user, we are able to create it. So it seems it's not a
> rights problem, but something else. Any ideas?


When you run this test, is it from the Exchange shell on the RL server
(is this a DC?)

Can you post a level 3 engine trace of the driver startup?

NetIQ have a TID that refers to this error and provides some steps to
troubleshoot. It looks like you have covered most of these already, but
it doesn't hurt to check again as per the TID.

https://www.netiq.com/support/kb/doc.php?id=3608183

--
----------------------------------------------------------------------
Alex McHugh
NetIQ Knowledge Partner http://forums.netiq.com

Please post questions in the forums. No support is provided via email.
0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: AD driver - Exchange 2010 - Create mailbox


Thank you very much! The service was running af local system. It did the
trick.


--
jacmarpet
------------------------------------------------------------------------
jacmarpet's Profile: https://forums.netiq.com/member.php?userid=415
View this thread: https://forums.netiq.com/showthread.php?t=46482

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.