Some PowerShell cmdlet/parameter combinations are unsuccessful in an Exchange Server environment

Applies to: Exchange Server 2016 Enterprise EditionExchange Server 2016 Standard EditionExchange Server 2013 Enterprise More


Consider the following scenario:

  • You have an Microsoft Exchange Server 2013 or 2016 environment that contains two or more mailbox servers.
  • Your Active Directory Forest contains two or more domains.
  • Your Exchange Servers and user objects are located in different Active Directory domains.
  • You manage your recipients through Exchange Management Shell (EMS) by setting “Set-ADServerSettings -ViewEntireForest $true”.

In this scenario, when you run a PowerShell cmdlet/parameter combination, the cmdlet is unsuccessful, and you receive an error message that resembles the following:

The following are some cmdlet/parameter combinations that may be affected:

  • Get-CASMailbox -ActiveSyncDebugLogging

  • Set-CASMailbox -ActiveSyncDebugLogging

  • Set-CASMailbox -ResetAutoBlockedDevices

  • Set-Mailbox -RetentionHoldEnabled

  • Set-Mailbox -RetentionComment

  • Set-Mailbox -RetentionUrl

  • Set-SiteMailbox

  • Set-UserPhoto

  • Get-UserPhoto

  • Set-Mailbox -LitigationHoldEnabled $false


This behavior is by design when the specified mailbox is located on a different server than the server that EMS is connected to.


To work around this behavior, specify the -DomainController parameter with the cmdlet. For example, specify a Domain Controller from the Active Directory domain where the associated user object is located, such as the following:

Set-Mailbox -Identity:'' -LitigationHoldEnabled:$False -DomainController