
AD Account creation failure for name/address having numbers

Kiran Chinta


While performing queries against Active Directory Domain Services using one of the .NET references/namespaces, i.e., System.DirectoryServices, we are unable to create an AD account containing numeric(s) in the Display Name or Email Address. It’s a 2-step process: creating the mailbox and then updating all the other attributes. While creating the mailbox we are not getting any error; however, while updating the attributes of the same mailbox we are getting a custom error saying the mailbox / sAMAccountName doesn’t exist.

We are using the same DC throughout the code. Moreover, the code is working fine if the proposed display name and email address don’t have numeric(s). Since the Exchange 2016 servers were upgraded to CU8, we have been facing this issue. We are using the .NET code instead of Exchange to avoid manual intervention. It’s integrated with other systems to auto-generate the mailboxes and AD accounts. It’s a 2-step process because we can’t pass all the other attributes to the New-Mailbox cmdlet. Once the mailbox gets created, we update it with the other attributes.

In Event Viewer, the object was created, modified & finally deleted. The deletion is happening automatically which is exceptional.

Attached the code snippet
 
 
Answers (1)
Amira Bedhiafi


The issue you're encountering with creating Active Directory (AD) accounts containing numbers in the Display Name or Email Address may stem from validation constraints introduced after upgrading to Exchange 2016 CU8.

Your .NET code uses System.DirectoryServices to create a mailbox and update its attributes in a two-step process. While the mailbox creation succeeds, updating attributes fails with an error indicating the mailbox or sAMAccountName doesn’t exist, and the object is eventually deleted.

To debug, make sure the strPrimarySmtpAddress and strName are correctly formatted, especially when appending numbers, as shown in your code:

strPrimarySmtpAddress = dr["firstName"].ToString().Replace(" ", "").Replace(".", "") + "." + dr["lastName"].ToString().Replace(" ", "").Replace(".", "") + i.ToString() + strSMTPDomain;
strName = dr["firstName"].ToString().Replace(".", "") + " " + dr["lastName"].ToString().Replace(".", "") + " " + dr["workerID"].ToString();

Also, you need to verify that no naming constraints or custom scripts are enforcing restrictions on numeric characters.

try {
    powershell.Invoke();
} catch (Exception ex) {
    WriteToErrorLog("Error creating mailbox", ex.Message, "Application Exception");
}
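
Added example, not part of the original question or answer: `PowerShell.Invoke()` throws only for terminating errors, while non-terminating cmdlet errors are written to the error stream, so a try/catch like the one above can log nothing even though a step failed. The helper name `InvokeAndCollectErrors` and the `Write-Error` script are constructed stand-ins for the mailbox pipeline; the code assumes a reference to System.Management.Automation.

```csharp
using System;
using System.Collections.Generic;
using System.Management.Automation;

public static class PipelineCheck
{
    // Hypothetical helper: invokes an already-built pipeline and returns every
    // error it produced, whether or not Invoke() threw.
    public static List<string> InvokeAndCollectErrors(PowerShell powershell)
    {
        var errors = new List<string>();
        try
        {
            powershell.Invoke();
        }
        catch (Exception ex)
        {
            // Terminating error: the pipeline stopped at this point.
            errors.Add("terminating: " + ex.Message);
            return errors;
        }

        // Non-terminating errors do not throw; they land in the error stream.
        if (powershell.HadErrors)
        {
            foreach (ErrorRecord record in powershell.Streams.Error)
            {
                errors.Add(string.Format("non-terminating: {0} [{1}] target={2}",
                    record.Exception.Message, record.FullyQualifiedErrorId,
                    record.TargetObject ?? "(none)"));
            }
        }
        return errors;
    }

    public static void Main()
    {
        // Constructed stand-in for the mailbox pipeline: Write-Error emits a
        // non-terminating error, so Invoke() returns normally.
        using (PowerShell powershell = PowerShell.Create())
        {
            powershell.AddScript("Write-Error 'constructed failure'; 'pipeline continued'");
            foreach (string line in InvokeAndCollectErrors(powershell))
                Console.WriteLine(line);
        }
    }
}
```

Writing the returned lines to the same log as `WriteToErrorLog` puts any error reported during the creation step next to the later "doesn't exist" message from the update step.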