The provisioning process is unsuccessful when you use Identity Lifecycle Manager (ILM) 2007 to provision user objects to an Exchange Server 2007 resource forest

Article translations Article translations
Article ID: 949858 - View products that this article applies to.
Expand all | Collapse all

SYMPTOMS

In a Microsoft Exchange Server 2007 cross-forest topology environment, you use Microsoft Identity Lifecycle Manager (ILM) 2007 to provision user objects to an Exchange Server 2007 resource forest. When you do this, the provisioning process is unsuccessful. The user objects are displayed incorrectly as "mail users" instead of as "user mailboxes" in Exchange Management Console.

Additionally, events that resemble the following events may be logged in the Application log in ILM 2007:

Event Type: Error
Event Source: MIIServer
Event Category: Server
Event ID: 6801
Date: 1/22/2008
Time: 7:05:45 PM
User: N/A
Computer: L03MIISDEV01A
Description: The extensible extension returned an unsupported error in MIIS. The stack trace is: Microsoft.MetadirectoryServices.ExtensionException: ExternalEmailAddress is mandatory on MailUser.The mail contact and mail user must have a valid external e-mail address. at Exch2007Extension.Exch2007ExtensionClass.AfterExportEntryToCd(Byte[] origAnchor, String origDN, String origDeltaEntryXml, Byte[] newAnchor, String newDN, String failedDeltaEntryXml, String errorMessage) Microsoft Identity Integration Server 3.3.0118.0"
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: MIIServer
Event Category: None
Event ID: 0
Description: The description for Event ID ( 0 ) in Source ( MIIServer ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details.
The following information is part of the event:
There is an error in Exch2007Extension AfterExportEntryToCd() function when exporting an object with DN CN=object name,OU=object name,OU=<OU>,DC=<DC>,DC=target, DC=com. Type: Microsoft.MetadirectoryServices.ExtensionException
Message: ExternalEmailAddress is mandatory on MailUser.
The mail contact and mail user must have a valid external e-mail address.

Stack Trace: at Exch2007Extension.Exch2007ExtensionClass.AfterExportEntryToCd(Byte[] origAnchor, String origDN, String origDeltaEntryXml, Byte[] newAnchor, String newDN, String failedDeltaEntryXml, String errorMessage).

RESOLUTION

To resolve this problem, install Update Rollup 4 for Exchange Server 2007 Service Pack 1. For more information about Update Rollup 4 for Exchange Server 2007 Service Pack 1, see the following Exchange Help topic:
Description of Update Rollup 4 for Exchange Server 2007 Service Pack 1
For more information about how to obtain the latest Exchange service pack or update rollup, see the following Exchange Help topic:
How to Obtain the Latest Service Pack or Update Rollup for Exchange 2007

MORE INFORMATION

When ILM 2007 calls the Update-Recipient cmdlet to provision user objects, ILM 2007 passes a domain controller parameter to the Update-Recipient cmdlet to make sure that the task uses the same domain controller as the domain controller that was used where the object was created.

However, the Update-Recipient cmdlet creates two domain controller sessions. One session is for a domain controller, and the other session is for a global catalog server. The Update-Recipient cmdlet uses only the parameter that was passed for the global catalog server session, and it enables the Active Directory directory service driver to obtain a domain controller for the domain controller session. Then, the domain controller session is used for various operations, such as retrieving the properties of the object to pass to the Recipient Update Service.

If the domain controller that is selected for the domain controller session differs from the domain controller that is passed by ILM 2007, the Recipient Update Service object may not find the recipient. This issue occurs because of replication latency.

When this issue occurs, user objects may not be updated correctly by the Update-Recipient cmdlet. These objects are displayed as "mail users" instead of as "user mailboxes" in Exchange Management Console.

For more information about the Update-Recipient cmdlet, visit the following Web site:
http://technet.microsoft.com/en-us/library/bb738148(EXCHG.80).aspx

STATUS

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

Properties

Article ID: 949858 - Last Review: October 7, 2008 - Revision: 1.1
APPLIES TO
  • Microsoft Exchange Server 2007 Service Pack 1, when used with:
    • Microsoft Exchange Server 2007 Enterprise Edition
    • Microsoft Exchange Server 2007 Standard Edition
Keywords: 
kbhotfixrollup kbfix kbexpertiseadvanced kbqfe KB949858

Give Feedback

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com