Recreate arbitration mailboxes in Exchange Server

A couple of arbitration mailboxes are corrupt, and we like to make them healthy. It can also happen that the arbitration mailboxes objects are missing. That’s because they are removed from Active Directory Users and Computers (ADUC). The good news is that we can recreate the missing arbitration mailboxes. In this article, you will learn how to recreate arbitration mailboxes in Exchange Server.

Table of contents

Before you start to recreate missing arbitration mailboxes

Read the following articles about the arbitration mailboxes:

Find the arbitration mailboxes in Exchange Server. Run Exchange Management Shell as administrator. Make use of the Get-Mailbox -Arbitration cmdlet. If you run the same cmdlet and don’t see all the arbitration mailboxes, it means they are not in a good state. In our example, we have seven arbitration mailboxes.

We are running Exchange Server 2016 CU16. All the arbitration mailboxes are configured in Exchange Server 2016 mailbox database DB01. You can see that we have seven arbitration mailboxes in the Exchange organization:

  • 5x System mailboxes
  • 1x Migration mailbox
  • 1x Federation mailbox
[PS] C:\>Set-ADServerSettings -ViewEntireForest $true; Get-Mailbox -Arbitration | Format-Table Name, ServerName, Database, AdminDisplayVersion, ProhibitSendQuota

Name                                                ServerName Database AdminDisplayVersion         ProhibitSendQuota
----                                                ---------- -------- -------------------         -----------------
SystemMailbox{1f05a927-47dc-4efe-b7bf-aa11d93f5395} ex01-2016  DB01     Version 15.1 (Build 1979.3) Unlimited
SystemMailbox{bb558c35-97f1-4cb9-8ff7-d53741dc928c} ex01-2016  DB01     Version 15.1 (Build 1979.3) Unlimited
SystemMailbox{e0dc1c29-89c3-4034-b678-e6c29d823ed9} ex01-2016  DB01     Version 15.1 (Build 1979.3) Unlimited
Migration.8f3e7716-2011-43e4-96b1-aba62d229136      ex01-2016  DB01     Version 15.1 (Build 1979.3) 300 MB (314,572,800 bytes)
FederatedEmail.4c1f4d8b-8179-4148-93bf-00a95fa1e042 ex01-2016  DB01     Version 15.1 (Build 1979.3) 1 MB (1,048,576 bytes)
SystemMailbox{D0E409A0-AF9B-4720-92FE-AAC869B0D201} ex01-2016  DB01     Version 15.1 (Build 1979.3) Unlimited
SystemMailbox{2CE34405-31BE-455D-89D7-A7C7DA7A0DAA} ex01-2016  DB01     Version 15.1 (Build 1979.3) Unlimited

In ADUC you will see the federation mailbox, migration mailbox and six system mailboxes. That’s a total of eight mailboxes. Why do we see eight mailboxes in total in ADUC and seven with PowerShell? The answer is that one of the system mailboxes is an audit mailbox.

Recreate arbitration mailboxes in Exchange Server select AD objects

The audit mailbox is the SystemMailbox{8cc370d3-822a-4ab8-a926-bb94bd0641a9}. You have to run the Get-Mailbox cmdlet with the -AuditLog switch to retrieve the mailbox.

[PS] C:\>Set-ADServerSettings -ViewEntireForest $true; Get-Mailbox -AuditLog | Format-Table Name, ServerName, Database, AdminDisplayVersion, ProhibitSendQuota

Name                                                ServerName Database AdminDisplayVersion         ProhibitSendQuota
----                                                ---------- -------- -------------------         -----------------
SystemMailbox{8cc370d3-822a-4ab8-a926-bb94bd0641a9} ex01-2016  DB01    Version 15.1 (Build 1979.3) 50 GB (53,687,091,200 bytes)

Remove arbitration mailboxes

Go to ADUC. Right-click the mailboxes and click remove. We are going to remove the seven arbitration mailboxes. You will get a prompt if you are sure to delete the seven objects. Click Yes.

Recreate arbitration mailboxes in Exchange Server remove arbitration mailboxes

Run the cmdlet and check if the arbitration mailboxes are removed. There will be no results.

[PS] C:\>Set-ADServerSettings -ViewEntireForest $true; Get-Mailbox -Arbitration | Format-Table Name, ServerName, Database, AdminDisplayVersion, ProhibitSendQuota

Remove audit mailbox

Let’s remove the audit mailbox too. It’s only one mailbox. A prompt will show up if you are sure to delete the object. Click on Yes

Recreate arbitration mailboxes in Exchange Server remove audit mailbox

Run the cmdlet to check if the audit mailbox is removed.

[PS] C:\>Set-ADServerSettings -ViewEntireForest $true; Get-Mailbox -AuditLog | Format-Table Name, ServerName, Database, AdminDisplayVersion, ProhibitSendQuota

In the next step, we are going to recreate the arbitration mailboxes and the audit mailbox.

Recreate arbitration mailboxes and audit mailbox

Find the Exchange Server ISO file in your files. If you don’t have it, download Exchange Server ISO from the Microsoft website. After it’s finished downloading, mount the ISO.

Recreate arbitration mailboxes in Exchange Server mount Exchange ISO

Note: Always save the Exchange Server ISO files because Microsoft does not keep the ISO files available online if newer versions are released.

Find to which drive letter the ISO is mounted. In our example, it’s the I: drive.

Recreate arbitration mailboxes in Exchange Server check drive letter

Run Command Prompt as administrator and run the command I:\Setup.exe /IAcceptExchangeServerLicenseTerms_DiagnosticDataOFF /PrepareAD. This will recreate the missing arbitration mailboxes and the audit mailbox.

C:\>I:\Setup.exe /IAcceptExchangeServerLicenseTerms_DiagnosticDataOFF /PrepareAD

Microsoft Exchange Server 2016 Cumulative Update 16 Unattended Setup

Copying Files...
File copy complete. Setup will now collect additional information needed for installation.


Performing Microsoft Exchange Server Prerequisite Check

    Prerequisite Analysis                                                                             COMPLETED

Configuring Microsoft Exchange Server

    Organization Preparation                                                                          COMPLETED

The Exchange Server setup operation completed successfully.

Start ADUC and make sure that you click the refresh button in the toolbar. If that doesn’t work, close and start ADUC. Verify that the PrepareAD setup created the arbitration mailboxes and audit mailbox in ADUC. A total of eight mailboxes.

Check recreated AD objects

Run both cmdlets to check if the arbitration mailboxes and audit mailbox appear. The results are empty, but why is that? That’s because we have to enable the mailboxes.

[PS] C:\>Set-ADServerSettings -ViewEntireForest $true; Get-Mailbox -Arbitration | Format-Table Name, ServerName, Database, AdminDisplayVersion, ProhibitSendQuota

[PS] C:\>Set-ADServerSettings -ViewEntireForest $true; Get-Mailbox -AuditLog | Format-Table Name, ServerName, Database, AdminDisplayVersion, ProhibitSendQuota

In the next step, we are going to enable the arbitration mailboxes. We will also enable the audit mailbox.

Enable arbitration mailboxes

Enable Microsoft Exchange Federation Mailbox

There are two cmdlets that we have to run.

[PS] C:\>Enable-Mailbox -Identity "FederatedEmail.4c1f4d8b-8179-4148-93bf-00a95fa1e042" -Arbitration

Name                      Alias                ServerName       ProhibitSendQuota
----                      -----                ----------       -----------------
FederatedEmail.4c1f4d8... FederatedEmail.4c... ex01-2016        Unlimited


[PS] C:\>Set-Mailbox -Identity "FederatedEmail.4c1f4d8b-8179-4148-93bf-00a95fa1e042" -Arbitration -ProhibitSendQuota 1MB -Force

Enable Microsoft Exchange Migration mailbox

Run the two cmdlets.

[PS] C:\>Enable-Mailbox -Identity "Migration.8f3e7716-2011-43e4-96b1-aba62d229136" -Arbitration

Name                      Alias                ServerName       ProhibitSendQuota
----                      -----                ----------       -----------------
Migration.8f3e7716-201... Migration.8f3e771... ex01-2016        Unlimited


[PS] C:\>Set-Mailbox -Identity "Migration.8f3e7716-2011-43e4-96b1-aba62d229136" -Arbitration -Management $true -ProhibitSendQuota 300MB -Force

Enable Microsoft Exchange Approval Assistant mailbox

Run the cmdlet.

[PS] C:\>Get-User -ResultSize Unlimited | where {$_.Name -like "SystemMailbox{1f05a927*"} | Enable-Mailbox -Arbitration

Name                      Alias                ServerName       ProhibitSendQuota
----                      -----                ----------       -----------------
SystemMailbox{1f05a927... SystemMailbox{1f0... ex01-2016        Unlimited

Enable Microsoft Exchange organization mailbox for OABs

Run the three cmdlets.

[PS] C:\>Enable-Mailbox -Identity "SystemMailbox{bb558c35-97f1-4cb9-8ff7-d53741dc928c}" -Arbitration

Name                      Alias                ServerName       ProhibitSendQuota
----                      -----                ----------       -----------------
SystemMailbox{bb558c35... SystemMailbox{bb5... ex01-2016        Unlimited


[PS] C:\>Set-Mailbox -Identity "SystemMailbox{bb558c35-97f1-4cb9-8ff7-d53741dc928c}" -Arbitration -UMGrammar $true -OABGen $true -GMGen $true -ClientExtensions $true -MessageTracking $true -PstProvider $true -MaxSendSize 1GB -Force
WARNING: You must invoke Update-OfflineAddressBook manually against at least one Offline Address Book in this organization in order to activate the OAB generation capability of this mailbox.


[PS] C:\>$OABMBX = Get-Mailbox "SystemMailbox{bb558c35-97f1-4cb9-8ff7-d53741dc928c}" -Arbitration; Set-ADUser $OABMBX.SamAccountName -Add @{"msExchCapabilityIdentifiers"="40","42","43","44","47","51","52","46"}

A warning is showing that you must invoke the cmdlet Update-OfflineAddressBook manually. Get the Offline Address Book and run an update.

[PS] C:\>Get-OfflineAddressBook

Name                         Versions   AddressLists
----                         --------   ------------
Default Offline Address Book {Version4} {\Default Global Address List}


[PS] C:\>Update-OfflineAddressBook -Identity "Default Offline Address Book"

Enable Microsoft Exchange Discovery system mailbox

Run two cmdlets to enable.

[PS] C:\>Enable-Mailbox -Identity "SystemMailbox{e0dc1c29-89c3-4034-b678-e6c29d823ed9}" -Arbitration

Name                      Alias                ServerName       ProhibitSendQuota
----                      -----                ----------       -----------------
SystemMailbox{e0dc1c29... SystemMailbox{e0d... ex01-2016        Unlimited


[PS] C:\>Set-Mailbox -Identity "SystemMailbox{e0dc1c29-89c3-4034-b678-e6c29d823ed9}" -Arbitration -UMDataStorage $true -Force

Enable arbitration mailbox Exchange 2016 CU8 and later (1)

Microsoft did not put any information regarding this arbitration mailbox at the time of writing. One cmdlet to enable.

[PS] C:\>Enable-Mailbox -Identity "SystemMailbox{D0E409A0-AF9B-4720-92FE-AAC869B0D201}" -Arbitration

Name                      Alias                ServerName       ProhibitSendQuota
----                      -----                ----------       -----------------
SystemMailbox{D0E409A0... SystemMailbox{D0E... ex01-2016        Unlimited

Enable arbitration mailbox Exchange 2016 CU8 and later (2)

At the moment, Microsoft did not yet put any information regarding this arbitration mailbox. Run the seven cmdlets.

[PS] C:\>Enable-Mailbox -Identity "SystemMailbox{2CE34405-31BE-455D-89D7-A7C7DA7A0DAA}" -Arbitration

Name                      Alias                ServerName       ProhibitSendQuota
----                      -----                ----------       -----------------
SystemMailbox{2CE34405... SystemMailbox{2CE... ex01-2016        Unlimited


[PS] C:\>$ShardMBX = Get-Mailbox -Identity "SystemMailbox{2CE34405-31BE-455D-89D7-A7C7DA7A0DAA}" -Arbitration
[PS] C:\>Set-ADUser $ShardMBX.SamAccountName -Add @{"msExchCapabilityIdentifiers"="66"}
[PS] C:\>Set-ADUser $ShardMBX.SamAccountName -Add @{"msExchMessageHygieneSCLDeleteThreshold"="9"}
[PS] C:\>Set-ADUser $ShardMBX.SamAccountName -Add @{"msExchMessageHygieneSCLJunkThreshold"="4"}
[PS] C:\>Set-ADUser $ShardMBX.SamAccountName -Add @{"msExchMessageHygieneSCLQuarantineThreshold"="9"}
[PS] C:\>Set-ADUser $ShardMBX.SamAccountName -Add @{"msExchMessageHygieneSCLRejectThreshold"="7"}

Enable audit mailbox

As of last, enable the audit mailbox.

[PS] C:\>Enable-Mailbox -Identity "SystemMailbox{8cc370d3-822a-4ab8-a926-bb94bd0641a9}" -AuditLog

Name                      Alias                ServerName       ProhibitSendQuota
----                      -----                ----------       -----------------
SystemMailbox{8cc370d3... SystemMailbox{8cc... ex01-2016        50 GB (53,687,091,200 bytes)

Verify arbitration mailboxes

The mailboxes are placed in random mailbox databases. In our example, it’s placed in mailbox databases DB01 and DB02. You can always move the arbitration mailboxes to another database.

[PS] C:\>Set-ADServerSettings -ViewEntireForest $true; Get-Mailbox -Arbitration | Format-Table Name, ServerName, Database, AdminDisplayVersion, ProhibitSendQuota

Name                                                ServerName Database AdminDisplayVersion         ProhibitSendQuota
----                                                ---------- -------- -------------------         -----------------
SystemMailbox{1f05a927-92b3-4677-b58e-289476b74140} ex01-2016  DB01     Version 15.1 (Build 1979.3) Unlimited
SystemMailbox{bb558c35-97f1-4cb9-8ff7-d53741dc928c} ex01-2016  DB02     Version 15.1 (Build 1979.3) Unlimited
SystemMailbox{e0dc1c29-89c3-4034-b678-e6c29d823ed9} ex01-2016  DB01     Version 15.1 (Build 1979.3) Unlimited
Migration.8f3e7716-2011-43e4-96b1-aba62d229136      ex01-2016  DB02     Version 15.1 (Build 1979.3) 300 MB (314,572,800 bytes)
FederatedEmail.4c1f4d8b-8179-4148-93bf-00a95fa1e042 ex01-2016  DB02     Version 15.1 (Build 1979.3) 1 MB (1,048,576 bytes)
SystemMailbox{D0E409A0-AF9B-4720-92FE-AAC869B0D201} ex01-2016  DB02     Version 15.1 (Build 1979.3) Unlimited
SystemMailbox{2CE34405-31BE-455D-89D7-A7C7DA7A0DAA} ex01-2016  DB01     Version 15.1 (Build 1979.3) Unlimited

Arbitration mailboxes are showing up and looking great.

Verify audit mailbox

[PS] C:\>Set-ADServerSettings -ViewEntireForest $true; Get-Mailbox -AuditLog | Format-Table Name, ServerName, Database, AdminDisplayVersion, ProhibitSendQuota

Name                                                ServerName Database AdminDisplayVersion         ProhibitSendQuota
----                                                ---------- -------- -------------------         -----------------
SystemMailbox{8cc370d3-822a-4ab8-a926-bb94bd0641a9} ex01-2016  DB01     Version 15.1 (Build 1979.3) 50 GB (53,687,091,200 bytes)

Audit mailbox is showing up. Everything is looking fantastic.

Keep reading: Cannot delete mailbox database in Exchange Server »

Conclusion

You learned how to recreate arbitration mailboxes in Exchange Server. Not only that, but you also learned that there is another system mailbox showing in Active Directory. It makes it confusing if you see a system mailbox in AD, but you can’t find it when running the Get-Mailbox -Arbitration switch. That’s because you have to run Get-Mailbox -AuditLog switch. After you recreate the mailboxes, don’t forget to enable them.

Did you enjoy this article? You may also like Enable search indexing Exchange. Don’t forget to follow us and share this article.

ALI TAJRAN

ALI TAJRAN

ALI TAJRAN is a passionate IT Architect, IT Consultant, and Microsoft Certified Trainer. He started Information Technology at a very young age, and his goal is to teach and inspire others. Read more »

TwitterLinkedIn

What Others Are Reading

This Post Has 14 Comments

  3. Hi Ali , Can you help me or guide on my issue I have user “AdminDisplayVersion” is missing on his mailbox
    Get-Mailbox username@domain.com | fl *version*
    AdminDisplayVersion :
    CalendarVersionStoreDisabled : False
    ExchangeVersion : 0.20 (15.0.0.0)

    with this issue not able to block legacy authentication policy for this account

    Reply

  4. Hi Ali,

    I am in the process of recreating the arbitration mailbox for Exchange 2013. When I executed the command .\Setup /preparead /IAcceptExchangeServerLicenseTerms It throwed me the below error.

    E:\>.\Setup /preparead /IAcceptExchangeServerLicenseTerms

    Welcome to Microsoft Exchange Server 2013 Service Pack 1 Unattended Setup
    Copying Files…
    File copy complete. Setup will now collect additional information needed for installation.

    The Exchange Server setup operation didn’t complete. More details can be found in ExchangeSetup.log located in the
    :\ExchangeSetupLogs folder.

    In ExchangeSetup.log file below is the error I got.

    [08/15/2022 13:39:37.0521] [0] Command Line Parameter Name=’preparead’, Value=”.
    [08/15/2022 13:39:37.0521] [0] Command Line Parameter Name=’iacceptexchangeserverlicenseterms’, Value=”.
    [08/15/2022 13:39:37.0521] [0] Command Line Parameter Name=’sourcedir’, Value=’E:\’.
    [08/15/2022 13:39:37.0568] [0] RuntimeAssembly was started with the following command: ‘/preparead /IAcceptExchangeServerLicenseTerms /sourcedir:E:”‘.
    [08/15/2022 13:39:37.0568] [0] The registry key, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Exchange\v8.0, wasn’t found.
    [08/15/2022 13:39:37.0568] [0] The registry key, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ExchangeServer\v14, wasn’t found.
    [08/15/2022 13:39:37.0568] [0] Copying Files…
    [08/15/2022 13:39:37.0568] [0] Starting copy from E:\Setup\ServerRoles\Common to C:\Windows\Temp\ExchangeSetup.
    [08/15/2022 13:40:24.0503] [0] Finished copy from E:\Setup\ServerRoles\Common to C:\Windows\Temp\ExchangeSetup.
    [08/15/2022 13:40:24.0519] [0] File copy complete. Setup will now collect additional information needed for installation.
    [08/15/2022 13:40:24.0519] [0] Assembly dll file location is C:\Windows\Temp\ExchangeSetup\Microsoft.Exchange.Setup.Console.dll
    [08/15/2022 13:40:25.0831] [0] Setup is choosing the domain controller to use
    [08/15/2022 13:40:25.0987] [0] The MSExchangeADTopology has a persisted domain controller:
    [08/15/2022 13:40:26.0097] [0] [ERROR] Exception has been thrown by the target of an invocation.
    [08/15/2022 13:40:26.0144] [0] [ERROR] Method not found: ‘Boolean Microsoft.Exchange.Data.Mime.MimeAddressParser.IsValidDomain(System.String, Int32, Boolean)’.
    [08/15/2022 13:40:26.0144] [0] CurrentResult SetupLauncherHelper.loadassembly:444: 1
    [08/15/2022 13:40:26.0144] [0] The Exchange Server setup operation didn’t complete. More details can be found in ExchangeSetup.log located in the :\ExchangeSetupLogs folder.
    [08/15/2022 13:40:26.0144] [0] CurrentResult main.run:235: 1
    [08/15/2022 13:40:26.0144] [0] CurrentResult setupbase.maincore:396: 1
    [08/15/2022 13:40:26.0144] [0] End of Setup

    Can you help me in identifying the issue?

    Reply

  5. Great article! Very helpful. Thank you!!

    On Exchange Server 2019 CU12 the install command is “.\Setup /preparead /IAcceptExchangeServerLicenseTerms_DiagnosticDataON”.

    Reply

  6. I was handed a new client with an on-premise 2019 exchange server. everything is messed up about it. very amateur install. this write up cleaned up so many issues! thanks you.

    Reply

  7. I removed the arbitration mailboxes, but running setup with the /preparead option fails at the mailbox role. Any ideas?

    Reply

  8. To recreate exchange 2010 arbitration mailboxes with Exch 2016 coexist, can I use Exchange 2016 installer to run /PrepareAD to recreate those 2010 arbitration mailboxes? Thanks

    Reply

    1. Yes, recreate the mailboxes from the Exchange Server 2016 installer.

      They are not explicit Exchange Server 2010 arbitration mailboxes because they are identical to other Exchange Server versions. But, Microsoft added new arbitration mailboxes within every Exchange Server.

      After you recreate the arbitration mailboxes, move them to the Exchange Server 2016 mailbox database. Also, administer Exchange Server from the highest Exchange Server version; so in your case, from Exchange Server 2016.

      Reply

Leave a Reply

Your email address will not be published. Required fields are marked *