Enable-RemoteMailbox ExchangeGuid is mandatory on UserMailbox

After you run the Enable-RemoteMailbox cmdlet to create an Exchange Online mailbox for an existing on-premises user, it fails. The errors show that ExchangeGuid is mandatory on UserMailbox and Database is mandatory on UserMailbox. What’s happening, and what is the solution to these errors?

The organization got a hybrid environment, and the mailboxes are in Exchange Online (Office 365). After you create the users in Active Directory on-premises, Azure AD Connect will sync the AD objects to Azure Active Directory. The last step is to create an Exchange Online mailbox for the users with the Enable-RemoteMailbox PowerShell cmdlet.

Table of contents

ExchangeGuid is mandatory on UserMailbox

You have a hybrid environment that syncs the on-premises Active Directory to Azure Active Directory. After you create a new AD user on-premises, you want to create a new Exchange Online mailbox (Office 365).

In this example, the user Ali Tajran is already created in AD on-premises and synced to Azure AD. Make sure that the AD object appears in Azure AD or Microsoft 365 admin center.

Note: Use the Enable-RemoteMailbox cmdlet to create a mailbox in the cloud-based service for an existing user in the on-premises Active Directory. This cmdlet is available only in on-premises Exchange.

Run Exchange Management Shell as administrator. Use the Enable-RemoteMailbox cmdlet to enable a remote mailbox.

[PS] C:\>Enable-RemoteMailbox -Identity "Ali Tajran" -RemoteRoutingAddress "Ali.Tajran@exoip.mail.onmicrosoft.com"

After running the command, the output gives us the following errors:

  • ExchangeGuid is mandatory on UserMailbox.
  • Database is mandatory on UserMailbox.
ExchangeGuid is mandatory on UserMailbox.
    + CategoryInfo          : NotSpecified: (exoip.local/Company/I...Ali Tajran:ADObjectId) [Enable-RemoteMailbox], DataValidationException
    + FullyQualifiedErrorId : [Server=EX01-2016,RequestId=0a83a0bb-6893-4768-8be7-d23f6f65413f,TimeStamp=14-1-2021 18:43:16] [FailureCategory=
   Cmdlet-DataValidationException] 228B08D6,Microsoft.Exchange.Management.RecipientTasks.EnableRemoteMailbox
    + PSComputerName        : ex01-2016.exoip.local

Database is mandatory on UserMailbox.
    + CategoryInfo          : NotSpecified: (exoip.local/Company/I...Ali Tajran:ADObjectId) [Enable-RemoteMailbox], DataValidationException
    + FullyQualifiedErrorId : [Server=EX01-2016,RequestId=0a83a0bb-6893-4768-8be7-d23f6f65413f,TimeStamp=14-1-2021 18:43:16] [FailureCategory=
   Cmdlet-DataValidationException] 27A58729,Microsoft.Exchange.Management.RecipientTasks.EnableRemoteMailbox
    + PSComputerName        : ex01-2016.exoip.local

Why do we get this error, and what is the solution for ExchangeGuid is mandatory on UserMailbox and Database is mandatory on UserMailbox?

Solution for ExchangeGuid is mandatory on UserMailbox

Start Active Directory Users and Computers (ADUC) on the on-premises server. Click in the menu bar on View and enable Advanced Features.

Enable advanced features in Active Directory Users and Computers

Find the user object and double-click on it to open the properties. Click the tab Attribute Editor. Find the attribute msExchHomeServerName and click Edit.

Enable-RemoteMailbox ExchangeGuid is mandatory on UserMailbox AD User Attribute Editor

This is how the value looks.

Enable-RemoteMailbox ExchangeGuid is mandatory on UserMailbox Attribute msExchHomeServerName

Click on Clear to clear the value for attribute msExchHomeServerName. Click OK.

Enable-RemoteMailbox ExchangeGuid is mandatory on UserMailbox clear value

The value changed to <not set>. Click OK.

Enable-RemoteMailbox ExchangeGuid is mandatory on UserMailbox verify

It’s important to force a sync to Azure AD before you run the Enable-RemoteMailbox cmdlet.

PS C:\> Start-ADSyncSyncCycle -PolicyType Delta

Now rerun the Enable-RemoteMailbox command.

[PS] C:\>Enable-RemoteMailbox -Identity "Ali Tajran" -RemoteRoutingAddress "Ali.Tajran@exoip.mail.onmicrosoft.com"

Name                     RecipientTypeDetails               RemoteRecipientType   
----                     --------------------               -------------------
Ali Tajran               RemoteUserMailbox                  ProvisionMailbox

The mailbox is created in Office 365.

Bulk clear attribute msExchHomeServerName value

Editing the attribute one by one by one is time-consuming. What if you want to clear the msExchHomeServerName attribute value from all the users?

Use the Get-ADUser cmdlet to find all user objects that don’t have the value cleared.

[PS] C:\>Get-ADUser -Filter * -Properties msExchHomeServerName | Where-Object {($_.msExchHomeServerName -ne $null) -and $_.Name -notlike "HealthMailbox*" -and $_.Name -notlike "SystemMailbox*" -and $_.Name -notlike "FederatedEmail*" -and $_.Name -notlike "Migration*"} | Select-Object SamAccountName,msExchHomeServerName

SamAccountName  msExchHomeServerName                                                                                
--------------  --------------------                                                                                
Administrator   /o=EXOIP/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Configuration/cn=Servers/cn=EX02-2016
Max.Fraser      /o=EXOIP/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Configuration/cn=Servers/cn=EX02-2016
Piers.Bower     /o=EXOIP/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Configuration/cn=Servers/cn=EX02-2016
Kylie.Davidson  /o=EXOIP/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Configuration/cn=Servers/cn=EX02-2016
Richard.Grant   /o=EXOIP/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Configuration/cn=Servers/cn=EX02-2016
Boris.Campbell  /o=EXOIP/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Configuration/cn=Servers/cn=EX02-2016

Export the results to a CSV file in the C:\temp folder. Create a temp folder if you don’t have one.

[PS] C:\>Get-ADUser -Filter * -Properties msExchHomeServerName | Where-Object {($_.msExchHomeServerName -ne $null) -and $_.Name -notlike "HealthMailbox*" -and $_.Name -notlike "SystemMailbox*" -and $_.Name -notlike "FederatedEmail*" -and $_.Name -notlike "Migration*"} | Select-Object SamAccountName,msExchHomeServerName | Export-Csv "C:\temp\users.csv" -Encoding UTF8 -NoTypeInformation

Open the CSV file with Microsoft Excel or another application of your choice. In this example, we used Notepad.

Enable RemoteMailbox ExchangeGuid is mandatory on UserMailbox CSV file

Clear the attribute msExchHomeServerName value for the AD users. Copy the script below and paste it in PowerShell ISE and run the script.

$Users = Import-Csv "C:\temp\users.csv"
Foreach ($User in $Users) {
    Get-ADUser $User.SamAccountName | Set-ADUser -Clear msExchHomeServerName
}

Don’t forget to force a sync to azure AD before you run the Enable-RemoteMailbox cmdlet.

Did this help you to fix the ExchangeGuid is mandatory on UserMailbox and Database is mandatory on UserMailbox errors?

Articles that you may be interested in:

Conclusion

You learned why you receive the error ExchangeGuid is mandatory on UserMailbox and that Database is mandatory on UserMailbox after running the Enable-RemoteMailbox cmdlet.

The solution to this problem is to clear the attribute value msExchHomeServerName on the on-premises AD object. After that, force a sync to Azure AD and run the Enable-RemoteMailbox command. No more errors and the mailbox is created in Office 365.

Did you enjoy this article? You may also like Exchange database is mandatory on UserMailbox. Don’t forget to follow us and share this article.

ALI TAJRAN

ALI TAJRAN

ALI TAJRAN is a passionate IT Architect, IT Consultant, and Microsoft Certified Trainer. He started Information Technology at a very young age, and his goal is to teach and inspire others. Read more »

X TwitterLinkedIn

What Others Are Reading

This Post Has 7 Comments

  3. To clarify, the Enable-RemoteMailbox script doesn’t “create an Exchange Online mailbox for the user”. The ExO mailbox is created when you apply a license (with the Exchange Online plan 1 or plan 2 feature) to the user in M365. And that mailbox will be created whether you run this script or not.

    Even if you do not run the script other ExO mailbox users (in same tenant) can successfully send to that mailbox. And if your domain MX records point to the Office365 servers then external senders will also be able to send to that mailbox. But if you do not run the script any mailbox users that are still on-prem (or any on-prem services configured to relay mail through the on-prem Exchange SMTP server) will be unable to route mail to that ExO mailbox recipient because the on-prem environment will have no knowledge of the remote mailbox. On-prem Exchange only knows it is the authoritative mail host for that recipient’s domain but has no local mailbox for that recipient address so the message is NDR’d.

    This script just supplies the remote routing information your on-prem Exchange services need to navigate a hybrid deployment. It only makes changes to the on-prem AD identity, it makes no changes to cloud identities or ExO (not directly anyway) and as such it is NOT necessary to force an Azure AD sync before enabling the remote mailbox. But it will require at least one Azure AD sync cycle before the on-prem identity’s mail/proxyaddresses attributes (which are modified when you run the script) are synchronized to Azure AD and then applied to the ExO cloud mailbox.

    As a matter of fact, you can run the Enable-RemoteMailbox script *before* the user’s hybrid identity (and mailbox) have even been created in the cloud. Of course the user will need to be synched/created in Azure and ExO licenses applied (so that a ExO mailbox is provisioned) before mail flow actually works though.

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *