When attempting to execute setup with the /prepareAD switch prior to installation of the update itself I receive the following error.
Currently running Exchange 2016 CU10.
The following error was generated when "$error.Clear();
#
# O15# 2844081 - Create PartnerApplication "Exchange
Online" in DC and On-Premise
#
$exch =
[Microsoft.Exchange.Data.Directory.SystemConfiguration.WellknownPartnerApplicationIdentifiers]::Exchange;
$exchApp =
Get-PartnerApplication $exch -ErrorAction SilentlyContinue -DomainController $RoleDomainController | Where {
$_.UseAuthServer } | Where { [string]::IsNullOrEmpty($_.IssuerIdentifier)};
if ($exchApp -eq $null)
{
$exchAppName =
"Exchange Online";
$exchApp = New-PartnerApplication -Name $exchAppName -ApplicationIdentifier $exch -Enabled
$RoleIsDatacenter -AcceptSecurityIdentifierInformation $false -DomainController $RoleDomainController;
}
# Create
application account for Exchange
$appAccountName = $exchApp.Name + "-ApplicationAccount";
$appAccount =
Get-LinkedUser -Identity $appAccountName -ErrorAction SilentlyContinue -DomainController $RoleDomainController;
if
($appAccount -eq $null)
{
$appAccountUpn = $appAccountName.Replace(" ", "_") + "@" + $RoleFullyQualifiedDomainName;
$appAccount = New-LinkedUser -Name $appAccountName -UserPrincipalName $appAccountUpn -DomainController
$RoleDomainController;
Set-PartnerApplication -Identity $exchApp.Identity -LinkedAccount $appAccount.Identity
-DomainController $RoleDomainController;
}
foreach ($roleName in ("UserApplication", "ArchiveApplication",
"LegalHoldApplication", "Mailbox Search", "TeamMailboxLifecycleApplication", "MailboxSearchApplication",
"MeetingGraphApplication"))
{
$roleIdentity = Get-ManagementRole $roleName -DomainController $RoleDomainController;
$roleAssignment = Get-ManagementRoleAssignment -Role $roleIdentity.Identity -RoleAssignee $appAccount.Identity
-DomainController $RoleDomainController;
if ($roleAssignment -eq $null)
{
New-ManagementRoleAssignment -Role
$roleName -User $appAccount.Identity -DomainController $RoleDomainController;
}
}
" was run:
"Microsoft.Exchange.Data.Directory.ADObjectAlreadyExistsException: Active Directory operation failed on
Domaincontroller123. The object 'CN=Exchange
Online-ApplicationAccount,CN=Users,DC=X,DC=X,DC=X,DC=X,DC=X' already exists. --->
System.DirectoryServices.Protocols.DirectoryOperationException: The object exists.
at
System.DirectoryServices.Protocols.LdapConnection.ConstructResponse(Int32 messageId, LdapOperation operation, ResultAll
resultType, TimeSpan requestTimeOut, Boolean exceptionOnTimeOut)