Exchange Update Failed KB ID 0001923
Problem
While attempting to install an Exchange CU update, (CU15 for Exchange 2019), I got this error.
Error:
The following error was generated when "$error.Clear();
#
# O15# 2844081 - Create PartnerApplication "Exchange Online" in DC and On-Premise
#
$exch = [Microsoft.Exchange.Data.Directory.SystemConfiguration.WellknownPartnerApplicationIdentifiers]::Exchange;
$exchApp = Get-PartnerApplication $exch -ErrorAction SilentlyContinue -DomainController $RoleDomainController | Where { $_.UseAuthServer } | Where { [string]::IsNullOrEmpty($_.IssuerIdentifier)};
if ($exchApp -eq $null)
{
$exchAppName = "Exchange Online";
$exchApp = New-PartnerApplication -Name $exchAppName -ApplicationIdentifier $exch -Enabled $RoleIsDatacenter -AcceptSecurityIdentifierInformation $false -DomainController $RoleDomainController;
}
# Create application account for Exchange
$appAccountName = $exchApp.Name + "-ApplicationAccount";
$appAccount = Get-LinkedUser -Identity $appAccountName -ErrorAction SilentlyContinue -DomainController $RoleDomainController;
if ($appAccount -eq $null)
{
$appAccountUpn = $appAccountName.Replace(" ", "_") + "@" + $RoleFullyQualifiedDomainName;
$appAccount = New-LinkedUser -Name $appAccountName -UserPrincipalName $appAccountUpn -DomainController $RoleDomainController;
Set-PartnerApplication -Identity $exchApp.Identity -LinkedAccount $appAccount.Identity -DomainController $RoleDomainController;
}
foreach ($roleName in ("UserApplication", "ArchiveApplication", "LegalHoldApplication", "Mailbox Search", "TeamMailboxLifecycleApplication", "MailboxSearchApplication", "MeetingGraphApplication"))
{
$roleIdentity = Get-ManagementRole $roleName -DomainController $RoleDomainController;
$roleAssignment = Get-ManagementRoleAssignment -Role $roleIdentity.Identity -RoleAssignee $appAccount.Identity -DomainController $RoleDomainController;
if ($roleAssignment -eq $null)
{
New-ManagementRoleAssignment -Role $roleName -User $appAccount.Identity -DomainController $RoleDomainController;
}
}
" was run: "Microsoft.Exchange.Data.Directory.ADObjectAlreadyExistsException: Active Directory operation failed on EXCH-2019.ubique.com. The object 'CN=Exchange Online-ApplicationAccount,CN=Users,DC=ubique,DC=com' already exists. ---> System.DirectoryServices.Protocols.DirectoryOperationException: The object exists.
at System.DirectoryServices.Protocols.LdapConnection.ConstructResponse(Int32 messageId, LdapOperation operation, ResultAll resultType, TimeSpan requestTimeOut, Boolean exceptionOnTimeOut)
at System.DirectoryServices.Protocols.LdapConnection.SendRequest(DirectoryRequest request, TimeSpan requestTimeout)
at Microsoft.Exchange.Data.Directory.GuardedDirectoryExecution.Execute[T](String bucketName, Func`1 action, Int64& concurrency)
at Microsoft.Exchange.Data.Directory.PooledLdapConnection.GuardedSendRequest(String forestName, GuardedDirectoryExecution guardedDirectoryExecution, DirectoryRequest request, TimeSpan timeout, Func`3 sendRequestDelegate, Int64& concurrency)
at Microsoft.Exchange.Data.Directory.PooledLdapConnection.SendRequest(DirectoryRequest request, LdapOperation ldapOperation, Nullable`1 clientSideSearchTimeout, IADLogContext logContext, Boolean shouldLogLastFilter)
at Microsoft.Exchange.Data.Directory.ADDataSession.ExecuteModificationRequest(ADObject entry, DirectoryRequest request, ADObjectId originalId, Boolean emptyObjectSessionOnException, Boolean isSync)
--- End of inner exception stack trace ---
at Microsoft.Exchange.Data.Directory.ADDataSession.AnalyzeDirectoryError(PooledLdapConnection connection, DirectoryRequest request, DirectoryException de, Int32 totalRetries, Int32 retriesOnServer, String callerFilePath, Int32 callerFileLine, String memberName)
at Microsoft.Exchange.Data.Directory.ADDataSession.ExecuteModificationRequest(ADObject entry, DirectoryRequest request, ADObjectId originalId, Boolean emptyObjectSessionOnException, Boolean isSync)
at Microsoft.Exchange.Data.Directory.ADDataSession.Save(ADObject instanceToSave, IEnumerable`1 properties, Boolean bypassValidation)
at Microsoft.Exchange.Data.Directory.Recipient.ADRecipientObjectSession.Save(ADRecipient instanceToSave, String callerFilePath, Int32 callerFileLine, String memberName)
at Microsoft.Exchange.Data.Directory.Recipient.ADRecipientObjectSession.Microsoft.Exchange.Data.IConfigDataProvider.Save(IConfigurable instance, String callerFilePath, Int32 callerFileLine, String memberName)
at Microsoft.Exchange.Configuration.Tasks.SetTaskBase`1.InternalProcessRecord()
at Microsoft.Exchange.Configuration.Tasks.NewTaskBase`1.InternalProcessRecord()
at Microsoft.Exchange.Configuration.Tasks.NewADTaskBase`1.InternalProcessRecord()
at Microsoft.Exchange.Configuration.Tasks.Task.b__91_1()
at Microsoft.Exchange.Configuration.Tasks.Task.InvokeRetryableFunc(String funcName, Action func, Boolean terminatePipelineIfFailed)".
The IMPORTANT part of that error is this line.
The object ‘CN=Exchange Online-ApplicationAccount,CN=Users,DC=domain-name,DC=com’ already exists.
Solution : Exchange Update Failed
Now I know this server was not in Hybrid mode nor did it have any connection to Exchange online. So I simply manually removed that account, use the first commend to locate the Exchange Online account, then (providing it exists of course,) delete it with the second command.
Get-PartnerApplication Remove-PartnerApplication "Exchange Online"
I thought that would solve the problem, unfortunately it DID NOT, I had to locate the user object and manually delete it from AD.
Then the upgrade proceeded without error.
Related Articles, References, Credits, or External Links
NA
