We are preparing a mailbox for this user problem

  • Reading time:3 mins read
  • Post comments:0 Comments

Unable to create Exchange Online mailbox

When assigning an Office 365 license containing Exchange Online to a user, the mailbox may never be created. The message in the Office 365 portal is:

We are preparing a mailbox for this user

The problem can be (non-exhaustive list) :

  • Mailbox already exists as UserMailbox on Exchange on-premise
  • SMTP address already used (by an Exchange contact or other)
  • Duplicate Exchange alias (alias in Exchange or mailNickname)
  • Non compliant attribute (CountryOrRegion, City, etc.)

To fully understand the underlying issue, I recommend you to read this.

First step: identify if the mailbox exists on-premise

First, if you have a hybrid architecture (Exchange on-premise and Exchange Online) and with Azure AD Connect in place. You must check on the Exchange onpremise that the user does not have a UserMailbox type in the Exchange on-premise with Get-Mailbox -Identity xxx@domain.com

If the command returns a mailbox, it must be converted to RemoteMailbox. Be careful this will delete all the Exchange attributes already present (msExch*, mail, etc.):

Disable-Mailbox -Identity xxx@domain.com
Enable-RemoteMailbox -PrimarySmtpAddress xxx@domain.com -RemoteRoutingAddress xxx@domain.onmicrosoft.com

Then run Azure AD Connect synchronization. If the mailbox is still not created after a few minutes, go to the second step.

Second step: Check license assignment

Check that the user has an Office 365 license and that the Exchange Online service is checked.

After the license assignment, Office 365 provides the services for the user, it may take a while. The following PowerShell command identifies the provisioning status of the services:

 (Get-MsolUser -UserPrincipalName xxx@domain.com).Licenses[0].ServiceStatus 

A PendingInput state indicates that the service has not yet been provisioned, so wait a few moments. It is possible to carry out this command several times to follow the progress.

A Success state indicates that the service has been successfully provisioned.

Then run Azure AD Connect synchronization. If the mailbox is still not created after a few minutes, go to the third step.

Third step: Get-MsolUser -HasErrorsOnly helps identify the problem

In order to identify users in error, the following command should be used:

Get-MsolUser -HasErrorsOnly

We can now go in depth on the user with problem, here contact@itpro-tips.tk which is the address I want to put to my new user:

$errorsUser = (Get-MsolUser -UserPrincipalName contact@itpro-tips.tk).Errors
$errorsUser  | foreach-object {if($_.ErrorDetail -ne $null){"`nService: "+ $_.ErrorDetail.Name.split("/")[0]; "Error Message: "+ $_.ErrorDetail.ObjectErrors.ErrorRecord.ErrorDescription}}

In my case, the problem is related to the fact that the main SMTP address is already used by another object. To check this I use the Get-Recipient command:

Get-Recipient contact@itpro-tips.tk

This tells me that the contact@itpro-tips.tk email address is already in use by an email contact. It is up to you to act on this object (deletion of the object, modification of e-mail address, etc.). For my part I delete this contact.

After deleting the object that had the address I need, we must restart the Provisioning process, for this we must recover the objectID and do a Redo-MsolProvisionUser:

$objectID = (Get-MsolUser -UserPrincipalName contact@itpro-tips.tk).ObjectID
Redo-MsolProvisionUser -ObjectId $objectID

Leave a Reply

Close Menu