"500 Unexpected Error" when trying to create a user mailbox in ECP


When users who have the Recipient Management role use the Exchange Control Panel (ECP) to create user mailboxes, they receive the following error message: 


Unexpected Error  : (

An error occurred and your request couldn't be completed. Please try again.

Membership in the Recipient Management role group enables users to do administrative tasks, such as creating and modifying Exchange recipient objects.  


This problem is caused by an internal change that was applied in Microsoft Exchange Server 2019 Cumulative Update 9 (CU9) and Microsoft Exchange Server 2016 Cumulative Update 20 (CU20). 


To work around this problem, use one of the following methods.

Method 1

Add the affected users to the following additional management role group:  

View-Only Organization Management

Method 2

  1. Create a new management role that's based on the "View-Only Configuration" management role. To do this, run the following command:

    New-ManagementRole -Name VOC1 -Parent "View-Only Configuration"

  2. Remove all other management role entries, and keep only "Get-RemoteDomain":

    Get-ManagementRoleEntry VOC1\* | Where-Object{$_.Name -ne "Get-RemoteDomain"} | Remove-ManagementRoleEntry

  3. Assign the new role to all users who are members of the "Recipient Management" management role group:

    New-ManagementRoleAssignment -User John.Doe -Role VOC1

Method 3

Have users use the Exchange Management Shell (EMS) to run the New-Mailbox and Enable-Mailbox operations.


Microsoft is researching this problem and will post more information in this article when it becomes available. 

Need more help?

Expand your skills
Explore Training
Get new features first
Join Microsoft Insiders

Was this information helpful?

Thank you for your feedback!