You are currently offline, waiting for your internet to reconnect

Role assignment with custom write scope fails in an Exchange Server 2013 environment

In a Microsoft Exchange Server 2013 environment, Exchange Web Services (EWS) impersonation fails, and you receive the following error message:
ServiceResponseException "Active Directory operation did not succeed. Try again later."

Additionally, some other cmdlets that use role assignments may fail with an error message that resembles the following:
Received a referral to ChildDomain when requesting CN=UserName,CN=Users,DC=ChildDomainName,DC=Domain,DC=com from
ServerName. You have specified the wrong server for this operation.

These issues occur if Exchange is installed in a child domain, and a custom write scope such as the CustomRecipientWriteScope or CustomAttribute1 parameter is specified in these operations.
To resolve this issue, install Cumulative Update 9 for Exchange Server 2013.
To work around this issue, do not use a custom write scope. Instead, let the scope apply to all mailboxes in the organization.

For example, run one of the following commands to remove the CustomRecipientWriteScope or CustomAttribute1 scope:
  • Set-ManagementRoleAssignment "UserName" -CustomRecipientWriteScope $null
  • Set-ManagementRoleAssignment "UserName" -CustomAttribute1 $null

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.
More information
For more information about how to configure Exchange Impersonation, go to the following Microsoft website:

Article ID: 2988660 - Last Review: 06/16/2015 18:43:00 - Revision: 2.0

Microsoft Exchange Server 2013 Enterprise, Microsoft Exchange Server 2013 Standard

  • kberrmsg kbsurveynew kbbug kbtshoot kbexpertiseadvanced kbfix kbqfe KB2988660