Article ID: 949858 - View products that this article applies to.
In a Microsoft Exchange Server 2007 cross-forest topology environment, you use Microsoft Identity Lifecycle Manager (ILM) 2007 to provision user objects to an Exchange Server 2007 resource forest. When you do this, the provisioning process is unsuccessful. The user objects are displayed incorrectly as "mail users" instead of as "user mailboxes" in Exchange Management Console.
Additionally, events that resemble the following events may be logged in the Application log in ILM 2007:
Event Type: Error
Event Type: Error
To resolve this problem, install Update Rollup 4 for Exchange Server 2007 Service Pack 1. For more information about Update Rollup 4 for Exchange Server 2007 Service Pack 1, see the following Exchange Help topic:
Description of Update Rollup 4 for Exchange Server 2007 Service Pack 1For more information about how to obtain the latest Exchange service pack or update rollup, see the following Exchange Help topic:
How to Obtain the Latest Service Pack or Update Rollup for Exchange 2007
When ILM 2007 calls the Update-Recipient cmdlet to provision user objects, ILM 2007 passes a domain controller parameter to the Update-Recipient cmdlet to make sure that the task uses the same domain controller as the domain controller that was used where the object was created.
However, the Update-Recipient cmdlet creates two domain controller sessions. One session is for a domain controller, and the other session is for a global catalog server. The Update-Recipient cmdlet uses only the parameter that was passed for the global catalog server session, and it enables the Active Directory directory service driver to obtain a domain controller for the domain controller session. Then, the domain controller session is used for various operations, such as retrieving the properties of the object to pass to the Recipient Update Service.
If the domain controller that is selected for the domain controller session differs from the domain controller that is passed by ILM 2007, the Recipient Update Service object may not find the recipient. This issue occurs because of replication latency.
When this issue occurs, user objects may not be updated correctly by the Update-Recipient cmdlet. These objects are displayed as "mail users" instead of as "user mailboxes" in Exchange Management Console.
For more information about the Update-Recipient cmdlet, visit the following Web site:
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.
Article ID: 949858 - Last Review: October 7, 2008 - Revision: 1.1
Contact us for more help