Symptoms
Exchange Server 2019 CU14 RecoverServer fails and returns the following error messages:
[ERROR] Exception setting "ExtendedProtectionTokenChecking": "Cannot convert null to type "Microsoft.Exchange.Data.Directory.SystemConfiguration.ExtendedProtectionTokenCheckingMode" due to enumeration values that are not valid. Specify one of the following enumeration values and try again. The possible enumeration values are "None,Allow,Require"."
[ERROR] Cannot convert null to type "Microsoft.Exchange.Data.Directory.SystemConfiguration.ExtendedProtectionTokenCheckingMode" due to enumeration values that are not valid. Specify one of the following enumeration values and try again. The possible enumeration values are "None,Allow,Require".
[ERROR-REFERENCE] Id=ClientAccessComponent___75f8c93d15314369983d33ec0742e189 Component=EXCHANGE14:\Current\Release\Shared\Datacenter\Setup
Cause
This issue occurs because the value for a variable that's used in creating the virtual directory is not defined in Exchange Server 2019 CU14.
Workaround
To work around this issue, run RecoverServer by using the Exchange Server 2019 CU13 media, and then upgrade the server to Exchange Server 2019 CU14. To do this, follow these steps:
-
Download the Exchange Server 2019 CU13 media from the Microsoft Download Center. We recommend that you keep the Exchange Server 2019 CU14 media available on the same server.
-
Build a new OS that has the same name, IP Address, and OS update level as the server that you're recovering.
-
Install the Exchange Server 2019 CU13 prerequisites.
-
Run the following PowerShell command to change the serial number of the server that you're recovering:
Set-ADObject “DN of Exchange server object in configuration container” -Replace @{“SerialNumber= Version 15.2 (Build 31258.12)”}
For example:
Set-ADObject "CN=Exch3,CN=Servers,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=Contoso,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=Contoso,DC=Com" -Replace @{SerialNumber="Version 15.2 (Build 31258.12)"} Note: In order for this command to work, Active Directory Remote Administration tools (RSAT-ADDS) must be installed. If RSAT-ADDS is not installed, run the following command:
Install-WindowsFeature RSAT-ADDS
-
Run following command from the drive that has the Exchange Server 2019 CU13 media mounted:
.\Setup.exe /m:RecoverServer /IAcceptExchangeServerLicenseTerms_DiagnosticDataON -
After RecoverServer finishes, restart the server.
-
Install the Exchange Server 2019 CU14 prerequisites.
-
Mount the Exchange Server 2019 CU14 media, and then run the following command:
.\Setup.exe /m:upgrade /IAcceptExchangeServerLicenseTerms_DiagnosticDataON Note: If you disabled Extended Protection when you installed Exchange Server 2019 CU14, specify /DoNotEnableEP together with the other Setup parameters.