Microsoft Exchange 2010 – Cannot Send E-Mail To A Mail Enabled Public Folder

I was recently assisting a colleague with an issue he had experienced with a Microsoft Exchange 2003 to Microsoft Exchange 2010 migration. The migration had completed correctly, however for an unknown reason you could not send e-mail to any mail-enabled public folders, despite whether these were created newley from within the Exchange Management Console or were replicated as a part of the migration. All of the mail-enabled public folder properties were correct, including permissions, and Exchange 2010 Service Pack 1 had also been applied. When e-mailing a mail-enabled public folder from an external network no NDR was produced, however when e-mailing from the internal network the following NDR was returned:

#554 5.2.0 STOREDRV.Deliver.Exception:ObjectNotFoundException; Failed to process message due to a permanent exception with message The Active Directory user wasn’t found. ObjectNotFoundException: The Active Directory user wasn’t found. ##

After performing some research it turned out this is a known problem with Exchange 2010 migrations as detailed here. The issue occurs due to the legacy administrative group (First Administrative Group) being empty following the migration. To resolve this issue perform the following actions:

1. Open ADSI Edit on either a domain controller or your Microsoft Exchange 2010 server.

2. Navigate to the “CN=Servers” ADSI attribute by locating the below path, I have also included a screenshot of the location to help identify the attribute:

CN=Servers,CN=First Administrative Group,CN=Administrative Groups,CN=First Organization,CN=Microsoft Exchange,CN=Services,CN=Configuration,
DC=domain,DC=local

The Active Directory user wasn’t found.

3. Right click the “CN=Servers” container and select delete. Click OK when prompted in order to confirm the action. Note: Do not delete the top level container “First Administrative Group”, this is against Microsoft best practices and may have a negative affect on your Exchange organisation.

4. Ensure replication of your Active Directory database has occurred to all domain controllers and then attempt sending an e-mail to one of your mail-enabled public folders. You should now find e-mail makes it way to these folders as expected.

For more information on this issue, please see the following URL: http://msexchangeteam.com/archive/2010/05/05/454821.aspx

Microsoft Exchange 2010 – Public Folder Replicas

A major part of any Microsoft Exchange transition is the task of moving all public folder content. Sometimes Ive found this to be a migration sticking point, awaiting all of your public folder content to move from one Exchange Organisation to another. One thing I have found that speed’s up the process, are two PowerShell scripts that are supplied “out of the box”  with Microsoft  Exchange 2010. To benefit from these, perform the following actions:

1. Open the Exchange Management Shell (EMS) and change directory to:

“C:\Program Files\Microsoft\Exchange Server\V14\Scripts\”

2. The following PowerShell script will add your new Exchange 2010 server as replica on all public folders in your existing public folder database. In the same EMS window you opened in step one, run the following command. Please note, replace the “MyExchange2010Server” entry with the name of your own Exchange 2010 server.

AddReplicaToPFRecursive.ps1 -TopPublicFolder “\” -ServerToAdd “MyExchange2010Server”

3. Once this command has completed, we can then run a second PowerShell script to initiate the move of all public folder content. To perform this task, in the same EMS window run the following command. Please note, replace the “MyExchange200xServer” and “MyExchange2010Server” entries with the names of your own legacy and  Exchange 2010 servers.

MoveAllReplicas.ps1 -Server “MyExchange200xServer” -NewServer “MyExchange2010Server”

Once this command is complete, your public folder content will now start to replicate. You can monitor it’s progress by viewing the “Public Folder Instances” container in Exchange System Manager on Microsoft Exchange 2003 or through the Public Folder Management Console in Microsoft Exchange 2007.

As a note, if you are transitioning to a Microsoft Exchange 2007 organisation, these PowerShell scripts are also available and can be found in the following directory, C:\Program Files\Microsoft\Exchange Server\Scripts.

Microsoft Exchange 2007 – Issue Viewing Public Folders

I was presented with an issue around one month ago that was very interesting. An Exchange 2007 environment where public folders could be seen and used by Outlook clients but could not be viewed in the Public Folder Management Console or be queried through Windows Powershell. This is an extremely poorly documented issue on the internet, and there are many posts on several forums and blogs asking the same question but unfortunately with no resolution. I have found that public folders cannot be viewed in the Public Folder Management Console if one of the following conditions is true.

1. An Exchange 2003 to Exchange 2007 migration has been performed and the public folder hierarchy structure was not moved to the new Exchange organisation.

2. Public folder database corruption has occured and the database has been repaired using ESEUTIL.

If either of these conditions are true, and you cannot view system of default public folders in the Exchange Public Folder Management console you will need to recreate your storage group and public folder database. If you have tried to remove your public folder database following Microsoft TechNet guidelines you will be aware that attempting to remove it’s replica’s using Powershell will not work. To remove the database, perform the following actions:

1. Backup all of your public folders manually. This can be performed by creating a new archive PST on an Outlook client and then copying each public folder to the archive location. In addition, make a note of all e-mail addresses that are associated with mail enabled public folders. This PST will come in handy later if your database has suffered corruption.

2. Open the Exchange Management Console, expand the Organization container and click Mailbox. From the mailbox options, select the Offline Address Book tab, right click the offline address book and select properties. Select the distribution tab and then uncheck “Enable public folder distribution” as shown in the screenshot below. This removes the OAB association with the public folder database we want to delete.

Microsoft Exchange 2007 - Public Folder Distribution

3. In the Exchange Management Console, dismount the public folder database. Navigate to the folder where your database is contained, right click the EDB database file and make a copy of this to an alternate location. If your database is not corrupt, this will come in handy later.

4. Open ADSI Edit, if you are running Windows 2008 this will be pre-installed and can located under the servers Administrative Tools. If you are running Windows 2003 however you will need to download and install the Windows Server 2003 Support Tools from here.

5. In ADSI Edit connect to the configuration Naming Context. When this is displayed expand configuration and navigate to CN=Services -> CN=Microsoft Exchange -> CN=Your Organisation Name -> CN=Administrative Groups -> CN=Exchange Administrative Group (FYDIBOHF23SPDLT) -> CN=Folder Hierarchies. Right click the Folder Hierarchies container and select delete. Click OK to delete all sub objects of this container also. This action removes the heirarchy attribute for the public folder database we want to delete, this attribute will be automatically recreated at later stage.

6. In the same ADSI window, expand CN=Servers -> CN=Your Server Name -> CN=InformationStore. Highlight container CN=Second Storage Group, right click this container and select delete. Click OK to delete all sub objects of this container also.

7. Open the Exchange Management Console and expand the Server container and click Mailbox. You will now notice that your Second Storage Group and Public Folder Database are no longer listed. In the actions pane of the Mailbox window click “New Storage Group”  and follow the creation wizard. Once the storage group has been created click “New Public Folder Database” and follow the creation wizard. Please note, if an error occurs during the last step of the wizard relating to mounting the new database, click finish and then manually mount the new database yourself. If your interested you will now see through ADSI Edit that the two containers we deleted earlier have now been recreated.

8. Expand the Organization container and click Mailbox. From the mailbox options, select the Offline Address Book tab, right click the offline address book and select properties. Select the distribution tab and then check “Enable public folder distribution”, in effect the reverse action of step two. If this is not performed any down level Outlook clients, such as 2003, will not be able to utilise the OAB.

9. Now the new database has been created you can attempt to either restore the database you backed up in step 3 or restore the public folders individually from an Outlook client using the PST created in step one. To decide which method you need to use, open the Exchange Management Console, select the Server container and then click Mailbox. Dismount the public folder database, then right click the database and select properties. Place a check next to the ” This database can be overwritten by a restore” option as shown in the screenshot below.

10. Browse to the file location of the new public folder database and then copy the backed up database from step 3 so that the existing database is overwritten. Return to the Exchange Management console and mount the database. If you cannot see public folders in the Public Folder Management Console, your database has suffered corruption. Unfortunately performing integrity, repair and defragment operations through ESEUTIL do not resolve this problem. If the database is corrupt you will need to perform steps 1-9 of this guide again, and then use your PST file to restore the public folders. Please note, if the PST method is used you will need to mail enable any public folders that previously had this functionality again. Public folder permissions however, are kept intact when restoring via PST.

While this is a slightly lengthy process, removing the storage group, database and it’s related Active Directory attributes will resolve this issue.