Adaxes

Getting DomainController Error in Adaxes

0 votes

Modify mailbox settings for the user: set Hide from Exchange address lists to 'True'
A parameter cannot be found that matches parameter name 'DomainController'.

I am using Exchange 2013 and it only seem to happen when the exchange commands is evoked

How can I check this property? and can I force this property?

Thank you.

by (50 points)
0

Ok So here is a bigger issue than what I taught.

I had a demo of adaxes installed on a server I just shut down the box instead of uninstalling the product from the domain.

I installed a new instance of the software on newly installed hardware. Error logs is still pointing to the old server.

* how can I remove the "old" server from the domain?

by (50 points)
0

Hello,

You can find the instructions for removing information on your old server here: How to unregister an Adaxes service manually?. However, normally, such a situation shouldn't cause issues with Exchange. To troubleshoot the issue with Exchange, could you post here or send to our support e-mail (support[at]adaxes.com) examples of the error messages that you are talking about? Also, could you do the following:

  1. Enabling tracing of requests to your Exchange Server. For information on how to do this, see the following help article: http://www.adaxes.com/help/?HowDoI.Perf ... uests.html.
  2. Reproduce the error by trying to perform the operations that caused it.
  3. Send the trace file to our support e-mail.
by (216k points)
0

Hi,

I am having this issue again. getting an error

A parameter cannot be found that matches parameter name 'DomainController'.

when trying to edit exchange properties.

Do you know what this fix was?

Thank you

by (50 points)

1 Answer

0 votes
by (216k points)
selected by
Best answer

Hello,

To edit Exchange properties of AD objects, Adaxes uses the management cmdlets provided by Exchange Server, such as Set-Mailbox, for example. The error message means that the account whose credentials were used to register your AD domain in Adaxes is not allowed to use the DomainController parameter of one of the cmdlets used. To resolve the issue, you need to add the parameter to the Exchange Management Roles assigned to the account. Alternatively, you can create a new Role that for this purpose, and then assign the Role to the user. For information on how to do that, use the following guide by Microsoft: https://blogs.technet.microsoft.com/rmi ... ment-role/. See section Add A Single Parameter.

After performing changes following the guide, restart Softerra Adaxes Service and try using the Edit Exchange Properties functionality again.

0

I'm getting this same error and was directed to this post. But, I have read the article multiple times and am still unsure of what I need to do here to fix this. Any assistance would be appreciated. In PowerShell, I figured out this:

C:\Windows\system32>Get-ManagementRole -CmdletParameters DomainController

Which returned this: 

Name                                                        RoleType
----                                                        --------
Recipient Policies                                          RecipientPolicies
Active Directory Permissions                                ActiveDirectoryPermissions
Address Lists                                               AddressLists
Audit Logs                                                  AuditLogs
Cmdlet Extension Agents                                     CmdletExtensionAgents
Database Availability Groups                                DatabaseAvailabilityGroups
Database Copies                                             DatabaseCopies
Databases                                                   Databases
Disaster Recovery                                           DisasterRecovery
Distribution Groups                                         DistributionGroups
E-Mail Address Policies                                     EmailAddressPolicies
Edge Subscriptions                                          EdgeSubscriptions
Exchange Connectors                                         ExchangeConnectors
Exchange Server Certificates                                ExchangeServerCertificates
Exchange Servers                                            ExchangeServers
Exchange Virtual Directories                                ExchangeVirtualDirectories
Federated Sharing                                           FederatedSharing
Information Rights Management                               InformationRightsManagement
Journaling                                                  Journaling
Legal Hold                                                  LegalHold
Mail Enabled Public Folders                                 MailEnabledPublicFolders
Mail Recipient Creation                                     MailRecipientCreation
Mail Recipients                                             MailRecipients
Mail Tips                                                   MailTips
Mailbox Search                                              MailboxSearch
Message Tracking                                            MessageTracking
Migration                                                   Migration
Monitoring                                                  Monitoring
Move Mailboxes                                              MoveMailboxes
Organization Client Access                                  OrganizationClientAccess
Organization Configuration                                  OrganizationConfiguration
Organization Transport Settings                             OrganizationTransportSettings
POP3 And IMAP4 Protocols                                    POP3AndIMAP4Protocols
Public Folder Replication                                   PublicFolderReplication
Public Folders                                              PublicFolders
Receive Connectors                                          ReceiveConnectors
Remote and Accepted Domains                                 RemoteAndAcceptedDomains
Retention Management                                        RetentionManagement
Role Management                                             RoleManagement
Security Group Creation and Membership                      SecurityGroupCreationAndMembership
Send Connectors                                             SendConnectors
Support Diagnostics                                         SupportDiagnostics
Transport Agents                                            TransportAgents
Transport Hygiene                                           TransportHygiene
Transport Queues                                            TransportQueues
Transport Rules                                             TransportRules
UM Mailboxes                                                UMMailboxes
UM Prompts                                                  UMPrompts
Unified Messaging                                           UnifiedMessaging
User Options                                                UserOptions
View-Only Configuration                                     ViewOnlyConfiguration
View-Only Recipients                                        ViewOnlyRecipients
Mailbox Import Export                                       MailboxImportExport
MyBaseOptions                                               MyBaseOptions
MyTextMessaging                                             MyTextMessaging
MyDiagnostics                                               MyDiagnostics
UnScoped Role Management                                    UnScopedRoleManagement
View-Only Audit Logs                                        ViewOnlyAuditLogs
MyMailboxDelegation                                         MyMailboxDelegation

But I'm at a loss from here.

by (150 points)
0

Hello,

To fix the the issue, you need to do the following:

  • Find out which cmdlet(s) cause the error to appear
  • Get Exchange Management Roles that allow using the cmdlet(s)
  • FInd out which account used by Adaxes to manage the domain where the issue occurs
  • Get Exchange Management Roles assigned to the account
  • Add the -DomainController parameter to one of the Management Roles assigned to the user

i. Find out which cmdlet(s) cause the error to appear
To find out which cmdlet(s) exactly cause the error to appear, do the following:

  1. Enable tracing of commnds sent to your Exchange Servers. For details, see the following help article: http://www.adaxes.com/help/?HowDoI.Perf ... uests.html.

  2. Reproduce the issue.

  3. Check the Exchange trace log for the error. For example, if the error is cause by the Set-Mailbox cmdlet, you will find the following entries in the log: 

     [2/13/2016 14:28:59] Set-Mailbox -Identity "<DN>" -DomainController "dc.example.com" -EmailAddresses "System.String[]"
 [2/13/2016 14:28:59] Error: A parameter cannot be found that matches parameter name 'DomainController'.

ii. Get Exchange Management Roles that allow using the cmdlet(s)
To get Exchange Management Roles that allow using the failing cmdlet(s), run the following line in Exchange Management Shell (EMS): 

Get-ManagementRoleEntry *\Set-Mailbox

where Set-Mailbox is the name of the cmdlet you found on step i.
The roles that allow using the cmdlets will be displayed in the Role column.

iii. Get the username of the account used by Adaxes to manage the domain where the issue occurs
To FInd out which account used to manage the domain in Adaxes:

  1. Launch Adaxes Administration Console.
  2. Navigate to the domain where the issue occurs
  3. Right-click it and select Change Logon Information. The account will be displayed in the dialog box that appears.

iv. Get Exchange Management Roles assigned to the account
To get Exchange Management Roles assigned to the account used to manage the domain, run the following line in EMS: 

Get-ManagementRoleAssignment -GetEffectiveUsers | Where-Object {$_.EffectiveUserName -eq "<username>"} | Select-Object Role

where <username> is the username you got on step iii.

v. Add the -DomainController parameter to one of the Management Roles assigned to the user
By comparing the results you received on steps ii and iv, find the roles that both:

  • allow running the failing cmdlets;
  • assigned to the account used to manage the domain.

Add the -DomainController parameter to the failing cmdlet(s) in one of the roles you found. To do this, run the following command in EMS: 

Add-ManagementRoleEntry "<ManagementRole><Cmdlet>"  -Parameters DomainController

If you find difficulty with any of the steps in this process, we will help you.

by (216k points)
0

Thanks for the detailed information. This was very helpful, but still didn't fix the problem.

I figured out that the Get-ManagementRoleAssignment command uses the "displayname" as opposed to the userid, I was able to get the following. This account does have the correct roles assigned that are already assigned to the setmailbox cmdlet. See below for output.


[PS] C:\Windows\system32>Get-ManagementRoleAssignment -GetEffectiveUsers | Where-Object {$_.EffectiveUserName -eq "Sys Admin"} | Select-Object Role

Role
----
Databases
Exchange Servers
Receive Connectors
Message Tracking
View-Only Configuration
E-Mail Address Policies
Edge Subscriptions
Unified Messaging
Distribution Groups
Federated Sharing
Role Management
Federated Sharing
Exchange Server Certificates
Journaling
Mail Tips
Mail Enabled Public Folders
Message Tracking
Transport Hygiene
Disaster Recovery
Security Group Creation and Membership
User Options
View-Only Audit Logs
Database Copies
Remote and Accepted Domains
Databases
MyRetentionPolicies
Public Folders
Database Availability Groups
Security Group Creation and Membership
Retention Management
POP3 And IMAP4 Protocols
MyProfileInformation
MyVoiceMail
Recipient Policies
Exchange Connectors
UM Mailboxes
Recipient Policies
Message Tracking
Information Rights Management
Transport Queues
Legal Hold
Transport Agents
View-Only Recipients
Transport Queues
E-Mail Address Policies
Exchange Connectors
Mail Recipients
Organization Transport Settings
Move Mailboxes
UM Prompts
Public Folder Replication
Receive Connectors
Exchange Servers
View-Only Recipients
Unified Messaging
Monitoring
User Options
Audit Logs
Send Connectors
Monitoring
Mail Recipient Creation
Databases
Journaling
MyDistributionGroupMembership
MyContactInformation
Database Copies
Migration
Exchange Virtual Directories
Transport Hygiene
Audit Logs
Remote and Accepted Domains
Migration
Exchange Server Certificates
Cmdlet Extension Agents
Monitoring
Move Mailboxes
Exchange Connectors
Receive Connectors
Journaling
Database Availability Groups
Mail Recipients
Exchange Virtual Directories
POP3 And IMAP4 Protocols
MyBaseOptions
View-Only Configuration
Retention Management
Edge Subscriptions
Organization Configuration
Support Diagnostics
Audit Logs
UM Prompts
UnScoped Role Management
POP3 And IMAP4 Protocols
Database Copies
Distribution Groups
Active Directory Permissions
MyTextMessaging
Transport Agents
Public Folders
Address Lists
Mailbox Import Export
ApplicationImpersonation
Exchange Virtual Directories
Send Connectors
Mailbox Search
Disaster Recovery
View-Only Audit Logs
Organization Configuration
Address Lists
Organization Client Access
Active Directory Permissions
Organization Client Access
Organization Transport Settings
Mail Recipient Creation
Retention Management
Public Folder Replication
MyDistributionGroups
UM Mailboxes
Role Management
MyDiagnostics
Legal Hold
Cmdlet Extension Agents
Transport Queues
Mail Tips
Transport Rules
Transport Rules
Exchange Servers
Transport Rules
Exchange Server Certificates
Information Rights Management
Mail Enabled Public Folders
MyMailboxDelegation
Mailbox Import Export

[PS] C:\Windows\system32>Get-ManagementRoleEntry *\Set-Mailbox

Name                           Role                      Parameters
----                           ----                      ----------
Set-Mailbox                    Audit Logs                {AuditAdmin, AuditDelegate, AuditEnabled, AuditLogAgeLimit,...
Set-Mailbox                    Disaster Recovery         {ArchiveDatabase, Confirm, Database, DomainController, Iden...
Set-Mailbox                    Legal Hold                {Arbitration, ArbitrationMailbox, Identity, LitigationHoldD...
Set-Mailbox                    Mail Recipients           {AcceptMessagesOnlyFrom, AcceptMessagesOnlyFromDLMembers, A...
Set-Mailbox                    Retention Management      {Debug, DomainController, EndDateForRetentionHold, ErrorAct...
Set-Mailbox                    UM Mailboxes              {Confirm, CreateDTMFMap, Debug, DomainController, ErrorActi...
Set-Mailbox                    User Options              {AcceptMessagesOnlyFrom, AcceptMessagesOnlyFromDLMembers, A...
Set-Mailbox                    MyBaseOptions             {AcceptMessagesOnlyFrom, AcceptMessagesOnlyFromDLMembers, A...
Set-Mailbox                    MyProfileInformation      {DisplayName, Identity, SimpleDisplayName}
Set-Mailbox                    MyDisplayName             {DisplayName, Identity, SimpleDisplayName}
Set-Mailbox                    MyMailboxDelegation       {GrantSendOnBehalfTo, Identity}

But, when I run the script, I'm still getting the same error: 

Junior Jr. (lcdf.org\Disabled Accounts):
Succeeded with warnings
null        HR Termination: 8 operations executed
null        Modify the user: disable the account
null        Business Rules: 1 rule encountered while processing your request
        'After User Account is Disabled':   Run PowerShell script 'Remove from All Groups' for the user
null        'After User Account is Disabled':   Modify mailbox settings for the user: set Hide from Exchange address lists to 'True'
        A parameter cannot be found that matches parameter name 'DomainController'.
        'After User Account is Disabled':   Move the user to 'Disabled Accounts (lcdf.org)'
        'After User Account is Disabled':   Modify the user: set Notes to 'Deprovisioned on 3/8/2018 2:32:41 PM by mdedmon@lcdf.org. IT Test Account / Built-In Business Rule After User Account Disabled: 3/8/2018 2:48:19 PM'
        'After User Account is Disabled':   Modify the user: clear Telephone Number, clear Telephone Number (Other), clear Mobile Phone, clear Mobile Phone (Other), clear IP Phone, clear IP Phone (Other), clear Manager, clear Job Title, clear Department, clear Company
        Reset password for the user
        Run PowerShell script 'Remove from All Groups' for the user
        Set the account expiration date to the current date
        Modify the user: set Notes to 'Deprovisioned on 3/8/2018 2:48:19 PM by mdedmon@lcdf.org. IT Test Account'
        Move the user to 'Disabled Accounts (lcdf.org)'
        Run PowerShell script 'Send Termination Email Notice' for the user
null        Modify mailbox settings for the user: set Hide from Exchange address lists to 'True'
        A parameter cannot be found that matches parameter name 'DomainController'.

Any assistance is appreciated.

by (150 points)
0

Hello,

For troubleshooting purposes, do the following:

  1. Save the script below to the computer where Adaxes service is installed with the PS1 extension, e.g. MyScript.PS1. 

     $userIdentity = "CN=John Stmih,OU=Users,DC=domain,DC=com" # TODO: modify me
 $domainControllerFQDN = "Server.domain.com" # TODO: modify me
 $exchangeServer = "ExchangeServer.domain.com" # TODO: modify me

 try
 {
     $session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri http://$exchangeServer/PowerShell -Credential (Get-Credential)
     Import-PSSession $session -DisableNameChecking -AllowClobber

     Set-Mailbox -Identity $userIdentity -DomainController $domainControllerFQDN -HiddenFromAddressListsEnabled $true -Force
 }
 finally
 {
     # Close the remote session and release resources
     if ($session) { Remove-PSSession $session }
 }

  2. Modify the following variables in the script:

    • $userIdentity – Specifies the distinguished name of a user that has a mailbox
    • $domainControllerFQDN – Specifies the fully qualified domain name of a Domain Controller.
    • $exchangeServer – Specifies the Exchange server.

  3. Run Windows PowerShell. To do so, press Win+R, type powershell.exe and press Enter.

  4. Navigate to the folder where you saved the script. For example, if you saved it to C:\Downloads, type cd C:\Downloads and press Enter.

  5. Run the script by executing the following command:
    .\ MyScript.PS1

  6. When prompted for credentials, specify the credentials of the user account, whose credentials were used to register the domain in Adaxes.

If the script results into an error, provide a screenshot.

by (289k points)
0

Hi All,
Yesterday, I updated the server from 2017.1 to 2017.2 and now the error message has gone away. So, I think that may have been the problem. I am getting this warning message.

** Modify mailbox settings for the user: set Hide from Exchange address lists to 'True'
The command completed successfully but no settings of '*****' have been modified.

But, I when I test it, the "set Hide from Exchange address lists to 'True' " is working. So, I'm not sure what the warning means, but the functionality is good.

Thanks for your time and responses to help troubleshoot this.

by (150 points)
0

Hello,

The warning is returned by Exchange when the action did not modify any properties.

by (289k points)

Related questions

0 votes
0 answers
Hi All, I have setup an action to cancel all meetings in outlook when a user is leaving but getting an error.

Hi All, I have setup an action to cancel all meetings in outlook when a user is leaving. We use Exchange online but I'm getting an error 'The operation is supported by Exchange online and Exchange versions starting from 2019' I cant see where you specify.

asked Sep 6 by DarrenFisk (60 points)
0 votes
1 answer
Forcing "" around displaynames and email addresses with & in, or just getting a detailed error message.

Hi, I need to create a number of mail user accounts via Adaxes and a lot of these accounts have &amp; in the displayname/email address etc (I know, I know ... failed so I can troubleshoot it better. I have tried $context.logmessage($_.Exception.Message) Thanks

asked May 9 by typod (50 points)
0 votes
1 answer
Getting error 'Request parameters are invalid or missing.' when trying to add or remove actions in web configurator

I'm currently receiving the below error when trying to remove or add actions to a web interface's homepage. I only get the error on this specific dashboard, others are ... the web interface there. I'm currently running Adaxes version 2021.1 if that helps

asked May 21, 2021 by richarddewis (260 points)
0 votes
1 answer
Time Out operation Error when running a report for getting license info for users from Azure

I created a Report asking the report to get the Assinged Microsoft Supbsription license assinged to the Users, When the Reports runs it geta few users but time out ... way to increase the time Out oprtion fro Reports that are getting information from Azure?

asked May 16 by George.Holden (60 points)
0 votes
0 answers
see the following error in adaxes portal cmdlet Get-CASMailbox is not present in the role definition of the current user

Over the last day or so we have been seeing this pop up under the exchange header in adaxes portal. cmdlet Get-CASMailbox is not present in the role definition of the current user

asked Jul 3, 2023 by Jeff.Briand (80 points)
3,549 questions
3,240 answers
8,232 comments
547,824 users