Wednesday, February 4, 2009

Exchange 2007 PurportedSearch Error

This "PurportedSearch" error was a hard one to track down. I was installing the Mailbox role, for the Exchange 2003 to Exchange 2007 migration, and during the perquisites stage it would error out because there was an invalid character present in a custom Recipient Policy, as listed below:

Mailbox Role Prerequisites

An unexpected '(' character is found in the 'purportedSearch' attribute of the Recipient Policy 'firstdotlast', it will cause setup to fail. Please remove it and rerun setup. Current value: (&(&(& (mailnickname=*) (| (&(objectCategory=person)(objectClass=user)(!(homeMDB=*))(!(msExchHomeServerName=*)))(&(objectCategory=person)(objectClass=user)(|(homeMDB=*)(msExchHomeServerName=*)))(&(objectCategory=person)(objectClass=contact))(objectCategory=group)(objectCategory=publicFolder)(objectCategory=msExchDynamicDistributionList) )))).

I did numerous searches on the web and I found nothing conclusive; that's when I decided to burn one of the two Support Incidents I get with my TechNet subscription. The Microsoft tech knew right away what the issue was and how to get around it. It seems the old recipient policy in LDAP form needs to be converted to OPATH during an Exchange 2003 to 2007 migration and I hadn't done that...really, who knew? I hadn't read this in any of my numerous Exchange 2007 books or saw it on any website, but maybe I missed it.

The workaround was to open the ADSI editor(adsiedit.msc) and browse over to the recipient policy in question, copy and save the contents to a text file, then clear the value.
Here's the path for the ADSI editor: Configuration -> CN=Configuration,DC=company,DC=com -> CN=Services -> CN=Microsoft Exchange -> CN=Company -> CN=Recipient Policies -> CN=custom policy

Once that was done, I re-ran the Exchange 2007 Mailbox role installation and it went perfectly. Next was to reopen the ADSI editor and take the data from the text file and repopulate the purportedSearch value.

The Microsoft tech was very helpful and pointed me to a TechNet article regarding the conversion from LDAP to OPATH Recipient Policies. Now why wasn't this addressed in the Exchange 2007 installer? It would have been a simple script to do this in the background, or at the very least how about a real clue from the installer stating the actual problem. In any case, it is all working now.

No comments:

Post a Comment