skip to Main Content

Recreate audit log mailbox in Exchange Server

How to recreate the audit log mailbox in Exchange Server? The audit log mailbox, also known as AuditLog mailbox, is a system mailbox. You can find it in Active Directory Users and Computers (ADUC) or with PowerShell. It can happen that the mailbox is not available in AD. In this article, you will learn how to recreate AuditLog mailbox in Exchange Server.

Before you start

If you have one or multiple Exchange Servers running in the organization, you only have one AuditLog mailbox present. It means that if you have Exchange Server 2016 running and you install Exchange Server 2019, you will not have two AuditLog system mailboxes. Exchange installation is smart enough to know that there is an AuditLog mailbox available.

Sometimes an AuditLog mailbox can get corrupt or deleted. That’s when you want to recreate the AuditLog mailbox. I recommend checking the AuditLog mailbox with PowerShell instead of looking in ADUC if it’s shown.

Read more: Move audit log mailbox in Exchange Server »

Get audit log mailbox

Run Exchange Management Shell as administrator. Make use of the Get-Mailbox -AuditLog cmdlet to find the audit log mailbox in Exchange Server. In our example, we do see the audit log mailbox.

Good to know is that there is only one audit log mailbox in an Exchange Organization. That’s even if you have multiple Exchange Servers running.

If you don’t see the audit log mailbox after running the cmdlet, it means that it can’t be found. This is when the mailbox is not enabled or deleted.

Delete audit log mailbox

Go to ADUC and locate the mailbox. The default place is the Users container. If you can’t find it over there, use the search. Delete the system mailbox with the name SystemMailbox{8cc370d3-822a-4ab8-a926-bb94bd0641a9}.

Recreate audit log mailbox in Exchange Server delete auditlog mailbox

If you like to remove the audit log mailbox with PowerShell, use the following cmdlet.

Recreate audit log mailbox

Find the Exchange Server ISO file in your files. If you don’t have it, download Exchange Server ISO from the Microsoft website. After it’s finished downloading, mount the ISO.

Recreate audit log mailbox in Exchange Server mount Exchange ISO

Always save the Exchange Server ISO files, because Microsoft does not keep the ISO files available online if newer versions are released.

Find to which drive letter the ISO is mounted. In our example, it’s the I: drive.

Recreate audit log mailbox in Exchange Server check drive letter

Run Command Prompt as administrator and run the command I:\Setup.exe /IAcceptExchangeServerLicenseTerms /PrepareAD. It will recreate the missing audit log mailbox.

Start ADUC and make sure that you click the refresh button in the toolbar. If that doesn’t work, close and start ADUC. Verify that the PrepareAD setup created the audit log mailbox in AD.

Recreate audit log mailbox in Exchange Server check recreated auditlog mailbox

Run the cmdlet to check if the audit log mailbox shows up. The result is empty, but why is that? That’s because we have to enable the mailboxes.

In the next step, we are going to enable the audit log mailbox.

Enable audit log mailbox

With one cmdlet, we can enable the audit log mailbox.

It’s always good to verify after enabling the audit log mailbox.

AuditLog SystemMailbox is showing up. Everything is looking fantastic. Did this help you to recreate AuditLog mailbox in Exchange Server?

Keep reading: Recreate arbitration mailboxes in Exchange Server »

Conclusion

In this article, you learned how to recreate audit log mailbox in Exchange Server. Sometimes you do see the audit log mailbox in ADUC, but it’s not working. That’s why it’s better to check the audit log mailbox with PowerShell. If it’s corrupted or missing, follow the steps to recreate the audit log mailbox. When done, don’t forget to verify the audit log mailbox!

Did you enjoy this article? You may also like Create mailbox database Exchange 2016. Don’t forget to follow us and share this article.

ALI TAJRAN

ALI TAJRAN

ALI TAJRAN is a passionate IT Architect, IT Consultant, and Microsoft Certified Trainer. He started Information Technology at a very young age, and his goal is to teach and inspire others. Read more »

This Post Has 0 Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

Back To Top