We still have an HMC 4.5 (Hosted Messaging and Collaboration) environment running. HMC has a different approach when it comes to Exchange 2007 compared to ‘native’ Exchange 2007. Everything you want to do has to go through the MPS (Microsoft Provisioning Server) which takes care of all Exchange related management jobs.
Recently a number of users called in complaining about Outlook not being able to create a new profile. The error message that was returned is “The bookmark is invalid”.
This issue is caused by the Outlook client not being able to connect to the Address List. This is more confusing since you can see the Address List information when logged on via OWA. But this is because OWA uses a different technique (in Exchange 2007!) for accessing address lists then the Outlook client.
When checking the appropriate mailbox info you get the following information:
[PS] C:\Windows\system32>get-mailbox info@contoso.com | select name,address* | fl
Name : info@contoso.com
AddressListMembership : {\Default Global Address List, \All Users}
[PS] C:\Windows\system32>
While a normal functioning mailbox would show:
[PS] C:\Windows\system32>get-mailbox jaap@hosting-consultants.nl | select name,address* | fl
Name : jaap@hosting-consultants.nl
AddressListMembership : {\hosting-consultants.nl AL, \hosting-consultants.nl GAL, \All Users, \Default Global Address List}
[PS] C:\Windows\system32>
Somehow the mailbox lost its Address List membership. This is caused by the fact that when manipulating a mailbox using normal cmdlets in Exchange 2007 some HMC specific settings are not set, including the AddressListMembership property.
This can happen with the following cmdlets, but maybe with more cmdlets though:
- Update-AddressList
- Update-GlobalAddressList
- Move-Mailbox
- Set-Contact
- Set-Mailbox
- Set-CASMailbox
- Set-DistributionGroup
The following functions should NOT be used directly in the Exchange Management Shell, but should be performed via the MPS:
- Enable-Mailbox
- Disable-Mailbox
- Enable-MailContact
- Disable-MailContact
- Enable-DistributionGroup
- Disable-DistributionGroup
- Move-OfflineAddressBook
I assume this was a known issue at Microsoft since there actually is a RepairExchangeObject procedure in the “Managed Email 2007” namespace.
Create an XML that contains the following (after editing for your own environment of course):
<request> <data> <!--The domain controller to use for Active Directory actions.--> <preferredDomainController>AD01.Fabrikam.Com</preferredDomainController> <!--Specifies the LDAP path of the user, group, or contact.--> <path>LDAP://CN=info@contoso.com,OU=Contoso,OU=ConsolidatedMessenger,OU=Hosting,DC=Fabrikam,DC=Com</path> <!--Specifies the path of the hosted organization that contains the AL, GAL, and OAB as well-known-objects. By default it is the LDAP parent container of the object.--> <owningOrganization>LDAP://OU=Contoso,OU=ConsolidatedMessenger,OU=Hosting,DC=Fabrikam,DC=Com</owningOrganization> </data> <procedure> <execute namespace="Managed Email 2007" procedure="RepairExchangeObject" impersonate="1"> <before source="data" sourcePath="preferredDomainController" destination="executeData" mode="move" /> <before source="data" sourcePath="path" destination="executeData" mode="move" /></p> <p><before source="data" sourcePath="owningOrganization" destination="executeData" mode="move" /> <after source="executeData" destination="data" mode="merge" /> </execute> </procedure> </request>
Now run using provtest (provtest.exe fix.xml /x2) and check the Address List Membership again when done (maybe wait for replication to complete).
Special thanks to Kip Ng (ex MSFT) since I actually found the answer on his excellents blog: http://blogs.technet.com/b/provtest/archive/2009/05/26/addresslistmembership-goes-missing-again.aspx
Jaap Wesselius 