Symptoms
When users who have the Recipient Management role use the Exchange admin center to create user mailboxes, they receive the following error message:
500
Unexpected Error : (
An error occurred and your request couldn't be completed. Please try again.
Membership in the Recipient Management role group enables users to do administrative tasks, such as creating and modifying Exchange recipient objects.
Cause
This problem is caused by an internal change that was applied in Microsoft Exchange Server 2019 Cumulative Update 9 (CU9) and Microsoft Exchange Server 2016 Cumulative Update 20 (CU20).
Resolution
This issue is fixed in Microsoft Exchange Server 2019 CU10 and Microsoft Exchange Server 2016 CU21. Update your servers to one of these CUs or a later CU to fix the issue.
If you cannot upgrade to the current CU, use one of the methods in the "Workaround" section.
Workaround
To work around this problem, use one of the following methods.
Method 1
Add the affected users to the following additional management role group:
-
View-Only Organization Management
Method 2
-
Create a new management role that's based on the "View-Only Configuration" management role. To do this, run the following command:
-
New-ManagementRole -Name VOC1 -Parent "View-Only Configuration"
-
-
Remove all other management role entries, and keep only "Get-RemoteDomain":
-
Get-ManagementRoleEntry VOC1\* | Where-Object{$_.Name -ne "Get-RemoteDomain"} | Remove-ManagementRoleEntry
-
-
Assign the new role to all users who are members of the "Recipient Management" management role group:
-
New-ManagementRoleAssignment -User John.Doe -Role VOC1
-
Method 3
Have users use the Exchange Management Shell (EMS) to run the New-Mailbox and Enable-Mailbox operations.