After installing a Server 2016 or Server 2019 Domain Controller into your existing Exchange environment, you'll get the following error prompt when trying to edit/view Mailbox Delegation or edit a Distribution Group in the EAC.
The object exchangeitup.com / Mailboxes / Shared Mailboxes / HR Shared Mailbox has been corrupted, and it's in an inconsistent state. The following validation errors happened:
The access control entry defines the ObjectType '9b026da6-0d3c-465c-8bee-5199d7165cba' that can't be resolved ..
This is because when promoting the server it extends the Schema, which breaks Exchange ACLs.
**Note** It extends the Schema just by promoting the DC, even when leaving the Domain/Forest Functional Level as is.
Most online resources say restart IIS or restart the Exchange Server(s). Don't do that! Bouncing IIS will cause client disconnects, and restarting a whole server? Just...no.
A quicker and safer fix is to recycle the ECP pools on each Mailbox server by running the following cmdlet in the Exchange Management Shell:
Restart-WebAppPool -Name MSExchangeECPAppPool
Now refresh or close and reopen the EAC and it works!
No comments:
Post a Comment