Cannot create mail enabled user because an existing object with type already has the same proxy addresses/MasterAccountSid.

When provisioning an MEU using the Prepare-MoveRequest.Ps1 script you receive the following error:

[PS] C:\Program Files\Microsoft\Exchange Server\V14\Scripts>.\Prepare-MoveRequest.Ps1 -Identity "CN=mbperm1,OU=office,D
=ipcfcdom,DC=inphonic,DC=com" -RemoteForestDomainController "dcfcdc03.ipcfcdom.inphonic.com" -RemoteForestCredential $R
mote -LocalForestDomainController "eqdcp01.corp.dom" -LocalForestCredential $Local -TargetMailUserOU "OU=office,DC=corp
DC=dom" -uselocalobject -overwritelocalobject
The operation couldn't be performed because object 'corp.dom/Office/mbperm1' couldn't be found on 'EQDCP01.corp.dom'.
+ CategoryInfo : NotSpecified: (:) [Get-Recipient], ManagementObjectNotFoundException
+ FullyQualifiedErrorId : 4A3D86A8,Microsoft.Exchange.Management.RecipientTasks.GetRecipient

C:\Program Files\Microsoft\Exchange Server\V14\Scripts\Prepare-MoveRequest.ps1 : Cannot create mail enabled user becaus
e an existing object with type already has the same proxy addresses/MasterAccountSid.
At line:1 char:26
+ .\Prepare-MoveRequest.Ps1 <<<< -Identity "CN=mbperm1,OU=office,DC=ipcfcdom,DC=inphonic,DC=com" -RemoteForestDomainCo
ntroller "dcfcdc03.ipcfcdom.inphonic.com" -RemoteForestCredential $Remote -LocalForestDomainController "eqdcp01.corp.do
m" -LocalForestCredential $Local -TargetMailUserOU "OU=office,DC=corp,DC=dom" -uselocalobject -overwritelocalobject
+ CategoryInfo : NotSpecified: (:) [Write-Error], WriteErrorException
+ FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,Prepare-MoveRequest.ps1

The reason is you used ADMT and didn't exclude the necessary exchange attributes. Therefore prepare-moverequest fails to merge to the existing object brought over by ADMT. The provisioning script must match 3 attributes: Proxyaddresses, mail and mailnickname. You must have all 3 attributes set in order for the script to match and merge the MEU then excluse all other Exchange attributes.

You must script the move to stop the exclusion of some core exchange attributes. The link below shows a sample script. You would then need to append the following lines.

Create a new notepad file and name it ADMTexclusion.vbs and enter the lines below.
Set objMig = CreateObject("ADMT.Migration")

objMig.SystemPropertiesToExclude = "homeMDB, homeMTA, showInAddressBook, msExchHomeServerName, msExchRecipientTypeDetails, msexchrecipientdisplaytype msExchMailboxSecurityDescriptor, msExchMDBRulesQuota, msExchPoliciesIncluded, msExchUserAccountControl, msExchVersion, mdbusedefaults"

Then run the file on your ADMT server:


C:\Windows\SysWOW64>cscript c:\admin\scripts\admtexclusion.vbs

Migrating All User Accounts
http://technet.microsoft.com/en-us/library/cc974368(WS.10).aspx


Another option is to use ADMT to bulk move\seed them without any attributes, then use either powershell or old friend ADModify to bulk update the proxyaddresses, mail and mailnickname. Typically you would use %'samaccount'% as the variable to fill in these attributes.

Finally you can just provision the account using Prepare-MoveRequest.ps1 first then use ADMT.



James Chong
MCITP | EA | EMA; MCSE | M+, S+
Security+, Project+, ITIL
msexchangetips.blogspot.com