0 votes

Hi
I am looking trying to create/migrate/remote move our users mailboxes to 365.
Until now, I have been creating the new AD accounts from Adaxes on our on Prem exchange and then manuell move the mailboxes to 365.

I would like to automate this process, remember that we are in hybrid-mode.
I have looked around and found this but I still getts errors.
365 Hybrid New User Creation.

Everything work except "Run PowerShell script 'RemoteMailbox' for the User".
The error:
"The type initializer for 'System.Management.Automation.Runspaces.WSManConnectionInfo' threw an exception.
Cannot validate argument on parameter 'Session'. The argument is null. Supply a non-null argument and try the command again.
The term 'Enable-RemoteMailbox' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again.
Cannot validate argument on parameter 'Id'. The argument is null. Supply a non-null argument and try the command again."
The script from Adaxes support

$exchangeServer = "Our local exchange" # TODO: modify me
$exchangeAdminName = "administrator" # TODO: modify me
$exchangeAdminPassword = "xxxxxx" # TODO: modify me
$o365Domain = "something.mail.onmicrosoft.com" # TODO: modify me

$credential = New-Object -type System.Management.Automation.PSCredential `
-argumentlist $exchangeAdminName,(ConvertTo-SecureString -AsPlainText $exchangeAdminPassword -Force)
$session = New-PSSession -Configurationname Microsoft.Exchange –ConnectionUri http://$exchangeServer/powershell -Credential $credential
Import-PSSession $session -DisableNameChecking -AllowClobber
Enable-RemoteMailbox "%distinguishedName%" -RemoteRoutingAddress "%samaccountname%@$o365Domain"
Remove-PSSession $session

The run order:
If the operation succeeded AND
the User is located under the 'Temp User (sfi.se)' container then
Move the User to 'STO (sfi.se\SFI\SFI_Users)'
Add the User to the 'SFI Samtliga anställda (sfi.se\_Groups\Distribution Groups)' group
Run PowerShell script 'Home directory settings' for the User
Create Exchange mailbox for the User (Alias: '%username%', Mailbox Store: containing the least number of mailboxes)
Activate an Office 365 account for the User: set Location to 'SE', enable Exchange Online (Plan 1)
Run PowerShell script 'RemoteMailbox' for the User
Send e-mail notification (Ny medarbetare.)

Regards
Olle Myrberg

by (50 points)

1 Answer

0 votes
by (216k points)
selected by
Best answer

Hello Olle,

First of all, you are creating a remote mailbox for the user, so creating a local mailbox is not necessary. You can remove the following action from your Business Rule: Create Exchange mailbox for the User (Alias: '%username%', Mailbox Store: containing the least number of mailboxes).

As for the script itself, it looks like, for some reason, a remote session cannot be established from the computer where Adaxes service is installed to your Exchange Server. Can you check whether you can view the properties of Exchange recipients located on the same Exchange Server using Adaxes Administration Console or Adaxes Web interface?

0

Thanks for quick reply.

No I can't view the properties of Exchange.

Regards
Olle

0

Olle,

It is a well-known issue of .Net Framework 2.0. Try restarting your Adaxes service.

0

Thanks for shocking quick reply, and you were right as usual :D .
I have now remove line "Business Rule: Create Exchange mailbox for the User (Alias: '%username%', Mailbox Store: containing the least number of mailboxes).
Result, only one error "The operation couldn't be performed because object 'sfi.se/Temp User/Bror Provsson' couldn't be found on 'STO-DC02.sfi.se'.".
We have 2 AD servers "STO-DC01.sfi.se and "STO-DC02.sfi.se" and is it because the replication is slow?
Business Rules: 1 rule encountered while processing your request
'Registrera ny medarbetare365': Move the user to 'STO (sfi.se\SFI\SFI_Users)'
'Registrera ny medarbetare365': Add 'Bror Provsson (sfi.se\Temp User)' to 'SFI Samtliga anställda (sfi.se\_Groups\Distribution Groups)'
'Registrera ny medarbetare365': Run PowerShell script 'Home directory settings' for the user
null 'Registrera ny medarbetare365': Activate an Office 365 account for the user: set Location to 'SE', enable Exchange Online (Plan 1)
A temporary password has been assigned to the user's Office 365 account. The temporary password is xxxxx.
null 'Registrera ny medarbetare365': Run PowerShell script 'RemoteMailbox' for the user
The operation couldn't be performed because object 'sfi.se/Temp User/Bror Provsson' couldn't be found on 'STO-DC02.sfi.se'.
'Registrera ny medarbetare365': Send e-mail notification (Ny medarbetare.)

Regards
Olle

0

Hello Olle,

Yes, the issue is definitely in replication. To work around it, you need to pass the domain controller used by Adaxes to the Enable-RemoteMailbox cmdlet. Also, you can avoid storing credentials of your Exchange administrator in the script. Instead, you can specify the administrator's user name and password in the Run As section of the action that runs the script.

Then, you can access the credentials using the $Context.RunAs property. The resulting script will be as follows:

$exchangeServer = "Our local exchange" # TODO: modify me
$o365Domain = "something.mail.onmicrosoft.com" # TODO: modify me

# Get the domain controller
$domainName = $Context.GetObjectDomain("%distinguishedName%")
$rootDSE = $Context.BindToObject("Adaxes://$domainName/rootDSE")
$domainControllerFQDN = $rootDSE.Get("dnsHostName")

# Get administrator credentials
$adminName = $Context.RunAs.UserName
$adminPassword = ConvertTo-SecureString -AsPlainText -String $Context.RunAs.Password -Force
$credential = New-Object System.Management.Automation.PsCredential($adminName, $adminPassword)

$session = New-PSSession -Configurationname Microsoft.Exchange –ConnectionUri http://$exchangeServer/powershell -Credential $credential
Import-PSSession $session -DisableNameChecking -AllowClobber
Enable-RemoteMailbox "%distinguishedName%" -RemoteRoutingAddress "%samaccountname%@$o365Domain" -DomainController $domainControllerFQDN
Remove-PSSession $session
0

Sorry but the same error after changing to the new script.
Registrera ny medarbetare365': Run PowerShell script 'RemoteMailbox' for the user
The operation couldn't be performed because object 'sfi.se/Temp User/James Bond' couldn't be found on 'STO-DC02.sfi.se'.

0

Hello Olle,

Another reason for such an error is a wrong Distinguished Name (DN). In your Business Rule, you move the user to an appropriate Organizational Unit, which means that the DN changes. Also, you pass a user's Distinguished Name (DN) to the Enable-RemoteMailbox cmdlet using the %distinguishedName% value reference. The value references are resolved before executing the Business Rule. Thus, by the time when the rule executes the script, the DN becomes invalid.

To work around the issue, we suggest using the user's GUID instead of Distinguished Name. To do this, find the following line:

Enable-RemoteMailbox "%distinguishedName%" -RemoteRoutingAddress "%samaccountname%@$o365Domain" -DomainController $domainControllerFQDN

and replace it with the following:

Enable-RemoteMailbox "%objectGUID%" -RemoteRoutingAddress "%samaccountname%@$o365Domain" -DomainController $domainControllerFQDN

0

Operation succeeded :D

Thanks for great support as always.

Regards
Olle

0

Hello Olle,

Thank you for your good words, we really appreciate that! :)

Related questions

0 votes
1 answer

How do I setup Adaxes for Exchange Online Hybrid mode? When I look at one of the users that has been migrated to Exchange Online I get the message of The operation couldn't be performed because object <user> couldn't be found on domain controller.

asked Dec 5, 2019 by Lucas.Miller (20 points)
0 votes
1 answer

We have implentend Adaxes in our infrastructure and users who use forget their password link via Adaxes self service portal by going thorugh the registered Q&A are being prompted to ... by a specific business rule, I am unable to check this via the log

asked Mar 14, 2023 by Vish539 (460 points)
0 votes
1 answer

Hi. I am create a Custom Commands. The Custom Commands will run a powshell by user. Is it possible for me to require the user to verify the passwordagain when performing these Custom Commands?

asked May 20, 2022 by will.chc.join (90 points)
+1 vote
1 answer

Hello, Is there a way I can make the Desktop Adaxes Admin Console Dark Themed? I know how to on the Web Interface, but wondered for the full console. Thanks!

asked Nov 19, 2023 by Edogstraus00 (490 points)
0 votes
1 answer

Hello! Hope you doing well. Currently we struggle to switch the color of our logo based on dark mode or light mode. I searched the FAQ and following support article: ... choosen if dark mode is enabled? Thanks for any hints and clarification! Bests, Daniel.

asked May 3, 2023 by dajo (190 points)
3,589 questions
3,278 answers
8,303 comments
548,148 users