Symptoms

Exchange or AD related tasks fail with one of the following errors:

Task name  Initialize mailbox with E-Mail Address 'name@domain.tld' (id=7387954)
Last execution output   Provisioning request failed. Error in 'SW Managed Exchange.InitMailbox'.
There was a problem accessing Active Directory. Check your network connections and try again.

Error position:
At C:\Windows\TEMP\tmp_098ac56a-d5ba-40b0-bb00-5640dd8eb01d_ztyg51jv.c4z\tmp_098ac56a-d5ba-40b0-bb00-5640dd8eb01d_ztyg51jv.c4z.psm1:3757 char:31
+ $steppablePipeline.End <<<< ()
Type: Parallels.Wpe.PowerShell.PowerShellException.

or

Task name Grant permissions for public folder 'PF' (id=123456)
Method name     
grantFolderPermissionsHandler on OBJREF:Exchange:0:getPublicFolder:565134
Last execution output   
Provisioning request failed. Error in 'SW Managed Exchange.ModifyFolder'.
Exception calling "Execute" with "3" argument(s): "Multiple objects with legacy DN /O=CHOST/OU=EXCHANGE ADMINISTRATIVE GROUP (JKRJERIEWQORURIE123)/CN=RECIPIENTS/CN=USERNAME123 were found. Property Name: "
Error position:
At C:\Program Files\Parallels\Windows Provisioning Engine\Providers\Common\ProviderUtils\ProviderUtils.psm1:53 char:26
+ [void]$Context.Execute <<<< ($Provider, $Method, $exec_data)
Type: Parallels.Wpe.PowerShell.PowerShellException.

The following error can be also found in Event Viewer:

...
Microsoft.Exchange.Data.Directory.Recipient.NonUniqueRecipientException: Multiple objects with legacy DN /o=chost/ou=Exchange Administrative
   Group (JKRJERIEWQORURIE123)/cn=Recipients/cn=USERNAME123 were found.

...

Cause

There are objects with duplicate LegacyExchangeDN in Active Directory.

Resolution

LegacyExchangeDN attribute corresponds to X500 e-mail type in Exchange. The situation with duplicate attribute values can occur in case of migration. See the following articles for the reference:

To fix the issue, please do the following:

  1. Check the name of the the mailbox:

    [PS] C:\Users\pem_admin\Desktop>Get-Mailbox "info" -ResultSize Unlimited | ?{$_.LegacyExchangeDN -like "*<USERNAME>"} | fl UserPrincipalName
    UserPrincipalName : mailbox@domain.tld
    
  2. List both conflicting mailboxes using the script:

    $Mbx = Get-Mailbox "mailbox@domain.tld"
    Write-Host "Searching for: " $Mbx.LegacyExchangeDN
    Get-Mailbox $Mbx.LegacyExchangeDN | select -expand Identity WindowsEmailAddress
    
  3. Find adsiedit.msc and verify that it has duplicate LegacyExchangeDN

  4. Via Exchange Management Console (or Exchange Power Shell) remove the conflicting X500 record X500:/O=CHOST/OU=EXCHANGE ADMINISTRATIVE GROUP (JKRJERIEWQORURIE123)/CN=RECIPIENTS/CN=USERNAME123 from this mailbox using Exchange Management Console

  5. Re-run the task and make sure it is completed successfully

  6. Add the X500 record back to the mailbox if needed

Internal content

Link on internal Article