Home / server / Questions / 1158224
Accepted
tb1
Asked: 2024-04-20 05:04:24 +0800 CST

Exchange Hybrid mode - The value [ArchiveGUID] of property "ArchiveGuid" is used by another recipient object. Please specify a unique value

  • 772

We are running Exchange Hybrid Mode with remote mailbox and archive in M365. One of our employees left many months ago and so their mailbox went to soft deletion/retention. Their AD object was only disabled (never deleted), so when it got restored and synced back through Entra Connect, a new M365 user with same alias but (empty) mailbox was created (which was fine).

Our issue is that the AD user still has the prior msExchArchiveGUID for the user, and this archive is still soft deleted in EOL, but again, the user in M365 is a different version of the user. I need to figure out how to tell AD to create a new (empty) archive for the M365 user now active.

Details:

In EAC:

If I run: Get-RemoteMailbox returningUser | fl displayname, ArchiveGuid it reports from the msExchArchiveGUID property in AD.:

ArchiveGuid : some-legit-archive-guid-number

In EOL:

If I run: Get-Mailbox returningUser | fl archiveguid I get:

ArchiveGuid : 00000000-0000-0000-0000-000000000000

However, if I run: Get-EXOMailbox -SoftDeletedMailbox -Archive | where { $_.alias -eq 'returningUser' } | select Guid

I get:

Guid 
---
some-legit-archive-guid-number

What I've tried: Deleting the Hybrid-based archive, syncing, then re-adding:

In EAC: Disable-RemoteMailbox returningUser -Archive, run Entra Connect, everything looks good. msExchArchiveGUID in AD is empty. When I run Enable-RemoteMailbox returningUser -Archive the pesky prior msExchArchiveGUID returns.

I've read a lot of examples of mismatches where the solution is telling EAC to use the EOL version of the Archive GUID, but in this case it seems to be that EOL can't use the EAC version of the GUID because it's soft deleted and tied to a prior artifact user.

If anyone knows how to tell EAC to stop looking (wherever it is looking) for that prior ArchiveGUID and just issue a new archive, I'd be grateful!

Thanks!

Last note: If I run this:

Get-MsolUser -HasErrorsOnly | fl DisplayName,UserPrincipalName,@{Name="Error";Expression={($_.errors[0].ErrorDetail.objecterrors.errorrecord.ErrorDescription)}}

The error is:

{The value "some-legit-archive-guid-number" of 
property "ArchiveGuid" is used by another recipient object. 
Please specify a unique value.}

(aka same soft deleted GUID)

exchange-hybrid

1 Answers

  1. Best Answer

    The resolution ended up requiring a direct change to AD object attributes:

    While EAC had the mailbox archive enabled, I had to go directly into the AD object attributes and clear out:

    1. msExchArchiveGUID
    2. msExchArchiveName
    3. msExchArchiveStatus (set to 0)

    Then when the sync ran, it created a new error:

    Failed to enable the new cloud archive 00000000-0000-0000-0000-000000000000 of mailbox
some-mailbox-guid-id because a different archive [new-archive-guid-id] exists. 
To enable the new archive, first disable the archive on-premises. 
After the next Dirsync sync cycle, enable the archive on-premises again.

    Once this error came up, I went to a Guid to hexadecimal converter and converted the [new-archive-guid-id] to hexadecimal.

    Finally, I went back into AD and:

    1. msExchArchiveGUID <-- new hexadecimal value
    2. msExchArchiveName <-- original archive name
    3. msExchArchiveStatus (set to 1)

    For whatever reason it was not enough to disable the archive in EAC - they had to be cleared while the archive was "on" / perform the sync.

    I also had to keep running:

    Get-MsolUser -HasErrorsOnly | fl DisplayName,UserPrincipalName,@{Name="Error";Expression={($_.errors[0].ErrorDetail.objecterrors.errorrecord.ErrorDescription)}}

    during these steps in order to track the error status between forced Entra Connect syncs.

    If anyone knows the MSGraph Powershell equivalent of this Get-MSolUser command, it would be great to learn. Thanks!

    • 1