Released: February 2019 Quarterly Exchange Updates

Anonymous

Feb 20, 2019

When attempting to execute setup with the /prepareAD switch prior to installation of the update itself I receive the following error.

Currently running Exchange 2016 CU10.

The following error was generated when "$error.Clear();

# O15# 2844081 - Create PartnerApplication "Exchange

Online" in DC and On-Premise

$exch =

[Microsoft.Exchange.Data.Directory.SystemConfiguration.WellknownPartnerApplicationIdentifiers]::Exchange;

$exchApp =

Get-PartnerApplication $exch -ErrorAction SilentlyContinue -DomainController $RoleDomainController | Where {

$_.UseAuthServer } | Where { [string]::IsNullOrEmpty($_.IssuerIdentifier)};

if ($exchApp -eq $null)

{

$exchAppName =

"Exchange Online";

$exchApp = New-PartnerApplication -Name $exchAppName -ApplicationIdentifier $exch -Enabled

$RoleIsDatacenter -AcceptSecurityIdentifierInformation $false -DomainController $RoleDomainController;

}

# Create

application account for Exchange

$appAccountName = $exchApp.Name + "-ApplicationAccount";

$appAccount =

Get-LinkedUser -Identity $appAccountName -ErrorAction SilentlyContinue -DomainController $RoleDomainController;

($appAccount -eq $null)

{

$appAccountUpn = $appAccountName.Replace(" ", "_") + "@" + $RoleFullyQualifiedDomainName;

$appAccount = New-LinkedUser -Name $appAccountName -UserPrincipalName $appAccountUpn -DomainController

$RoleDomainController;

Set-PartnerApplication -Identity $exchApp.Identity -LinkedAccount $appAccount.Identity

-DomainController $RoleDomainController;

}

foreach ($roleName in ("UserApplication", "ArchiveApplication",

"LegalHoldApplication", "Mailbox Search", "TeamMailboxLifecycleApplication", "MailboxSearchApplication",

"MeetingGraphApplication"))

{

$roleIdentity = Get-ManagementRole $roleName -DomainController $RoleDomainController;

$roleAssignment = Get-ManagementRoleAssignment -Role $roleIdentity.Identity -RoleAssignee $appAccount.Identity

-DomainController $RoleDomainController;

if ($roleAssignment -eq $null)

{

New-ManagementRoleAssignment -Role

$roleName -User $appAccount.Identity -DomainController $RoleDomainController;

}

" was run:

"Microsoft.Exchange.Data.Directory.ADObjectAlreadyExistsException: Active Directory operation failed on

Domaincontroller123. The object 'CN=Exchange

Online-ApplicationAccount,CN=Users,DC=X,DC=X,DC=X,DC=X,DC=X' already exists. --->

System.DirectoryServices.Protocols.DirectoryOperationException: The object exists.

System.DirectoryServices.Protocols.LdapConnection.ConstructResponse(Int32 messageId, LdapOperation operation, ResultAll

resultType, TimeSpan requestTimeOut, Boolean exceptionOnTimeOut)

Blog Post

Released: February 2019 Quarterly Exchange Updates