Symptoms
Consider the following scenario:
-
You have a resource forest (forest A) and a trusted account forest (forest B) in a Microsoft Exchange Server 2010 environment.
-
You install Exchange Server 2010 Service Pack 2 (SP2) on the Exchange Server 2010 server.
-
You link a Universal Security Group (USG) in forest B to a role group in forest A.
-
A user is a member of the USG and has permissions to manage the Exchange Server 2010 server in forest A.
-
You remove the USG from the Active Directory Domain Service in forest B.
-
The user opens the Exchange Management Console (EMC) in forest A, and then the user tries to expand the Microsoft Exchange On-Premises node.
In this scenario, the user receives the following error message:
Initialization failed
The following error occurred when retrieving user information for 'domain name\account':
Unexpected error XXXXXXXX while executing command 'Get-Linkedrolegroupforlogonuser'.
Cause
The issue occurs because the group security identifier (SID) of the user is corrupted or invalid. Therefore, an exception occurs, and EMC cannot be initialized.
Resolution
To resolve this issue, install the following cumulative update:
2661854 Description of Update Rollup 2 for Exchange Server 2010 Service Pack 2
More Information
For more information about how to create a linked role group, visit the following Microsoft website:
