Share via

Facing issue while installing Microsoft Exchange server 2019 in production environment

Sunil Kumar 20 Reputation points
2025-01-23T07:14:02.5633333+00:00

Failed [Rule:GlobalUpdateRequired] [Message:Global updates need to be made to Active Directory, and this user account isn't a member of the 'Enterprise Admins' group.]

Failed [Rule:GlobalServerInstall] [Message:You must be a member of the 'Organization Management' role group or a member of the 'Enterprise Admins' group to continue.]

Failed [Rule:DelegatedBridgeheadFirstInstall] [Message:You must use an account that's a member of the Organization Management role group to install or upgrade the first Mailbox server role in the topology.]

Failed [Rule:DelegatedCafeFirstInstall] [Message:You must use an account that's a member of the Organization Management role group to install the first Client Access server role in the topology.]

Failed [Rule:DelegatedFrontendTransportFirstInstall] [Message:You must use an account that's a member of the Organization Management role group to install the first Client Access server role in the topology.]

Failed [Rule:DelegatedMailboxFirstInstall] [Message:You must use an account that's a member of the Organization Management role group to install or upgrade the first Mailbox server role in the topology.]

Failed [Rule:DelegatedClientAccessFirstInstall] [Message:You must use an account that's a member of the Organization Management role group to install or upgrade the first Client Access server role in the topology.]

Failed [Rule:AdInitErrorRule] [Message:Setup encountered a problem while validating the state of Active Directory: Couldn't find the Enterprise Organization container. See the Exchange setup log for more information on this error.]

We have created an additional account for the Exchange deployment and granted Enterprise Admin, Domain Admin, and Schema Admin rights.

The Exchange and AD servers are located in the same site, and the Exchange server subnet is associated with this site.

Previously, we deployed the Exchange server, but it crashed due to a hardware issue. As a result, we removed the Microsoft Exchange organization from ADSI Edit in the configuration partition. This is a new deployment.

Exchange Server
Exchange Server
A family of Microsoft client/server messaging and collaboration software.
1,433 questions
0 comments
Accepted answer
  1. Alex Zhang-MSFT 4,495 Reputation points Microsoft Vendor
    2025-01-29T01:00:57.5933333+00:00

    Hello, @Sunil Kumar,

    Great to know that the issue has already been resolved and thanks for sharing the solution so that others experiencing the same thing can easily reference this!

    Since the Microsoft Q&A community has a policy that "The question author cannot accept their own answer. They can only accept answers by others(https://docs.microsoft.com/en-us/answers/support/accepted-answers#why-only-one-accepted-answer)", I'll repost your solution in case you'd like to "Accept (https://learn.microsoft.com/en-us/answers/support/accept-answer#accepted-answer-in-a-question-thread)" the answer).     

    Issue Symptom:

    The author ran into a series of errors related to permissions and Active Directory while deploying Exchange.

    Resolution:

    The issue has been resolved by removing Exchange objects from Active Directory. Here’s a summary of the steps we followed:

    Object Removal:

    We removed all Exchange-related objects from both the Configuration Partition and the Domain Partition using ADSI Edit.

    Schema and AD Preparation:

    We prepared the schema and Active Directory using the following commands:

    setup.exe /PrepareSchema /IAcceptExchangeServerLicenseTerms_DiagnosticDataOFF

    setup.exe /PrepareAD /IAcceptExchangeServerLicenseTerms_DiagnosticDataOFF

    Installation:

    After successfully preparing the schema and AD, the installation process proceeded without any further issues.

    Hope you can consider accepting the answer as it could help other members of the Microsoft Q&A community who have similar questions and are looking for solutions.

    Thank you for helping to improve Microsoft Q&A!

    Best Wishes,

    Alex Zhang

    1 person found this answer helpful.

3 additional answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Andy David - MVP 151.8K Reputation points MVP
    2025-01-23T12:50:49.07+00:00

    Ok, removing via adsiedit prob broke some things.

    The server should have been recovered running:

    https://learn.microsoft.com/en-us/exchange/high-availability/disaster-recovery/recover-exchange-servers?view=exchserver-2019

    If you cant get it going, I would highly recommend you open a support ticket with Microsoft and do no further damage.

    2 people found this answer helpful.
    0 comments
  2. Xintao Qiao-MSFT 6,115 Reputation points Microsoft Vendor
    2025-01-24T08:10:47.4733333+00:00

    Hi,@Sunil Kumar

    This issue is about encountering a series of errors related to permissions and Active Directory while deploying Exchange.

    1.Ensure that the account you are using is a member of the Enterprise Admins and Schema Admins groups. Sometimes, it can take a while for permissions to propagate. Verify that the account is also a member of the Organization Management role group.

    2.Since you mentioned removing the Microsoft Exchange organization from ADSI Edit, ensure that you have properly cleaned up any remnants of the previous Exchange installation. This includes checking the Configuration partition in ADSI Edit to ensure that there are no Exchange-related objects left. Verify that there are no residual Exchange objects in Active Directory users and computers.

    3.Re-run the "setup /PrepareSchema", "setup /PrepareAD", and "setup /PrepareDomain" commands to ensure that your AD schema and configuration are properly configured for Exchange.

    More information can be found in Prepare Active Directory and domains for Exchange Server, Active Directory Exchange Server, Exchange Server Active Directory, Exchange 2019 Active Directory | Microsoft Learn

    If none of the above works, we recommend that you contact phone technical support as soon as possible for more detailed guidance. Find Microsoft 365 for business support phone numbers by country or region - Microsoft 365 admin | Microsoft Learn

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    0 comments
  3. Sunil Kumar 20 Reputation points
    2025-01-25T05:25:00.5733333+00:00

    Hi Xintao & Andi,

    Thank you for your prompt response and assistance.

    The issue has been resolved by removing Exchange objects from Active Directory. Here’s a summary of the steps we followed:

    Object Removal:

    We removed all Exchange-related objects from both the Configuration Partition and the Domain Partition using ADSI Edit.

    Schema and AD Preparation:

    We prepared the schema and Active Directory using the following commands:

    setup.exe /PrepareSchema /IAcceptExchangeServerLicenseTerms_DiagnosticDataOFF

    setup.exe /PrepareAD /IAcceptExchangeServerLicenseTerms_DiagnosticDataOFF

    Installation:

    After successfully preparing the schema and AD, the installation process proceeded without any further issues.

    Thank you again for your support during this process. Please let us know if you need further details.

    Best regards,

    Sunil

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.