[Migrated from MSDN Exchange Dev] Problem to install exchange 2019 for migrating from 2013 to 2019.

Yuki Sun-MSFT 41,051 Reputation points Microsoft Vendor
2020-12-14T07:45:10.697+00:00

[Note] This thread was originally posted on MSDN. As the MSDN Exchange Dev forum mainly focuses on Exchange developer questions and the TechNet Exchange forums for Non-developer Exchange have been locked down and transitioned to Microsoft Q&A for support, we manually migrated this one to Microsoft Q&A platform to continue the discussion.
[MSDN thread link] Problem to install exchange 2019 for migrating from 2013 to 2019.
[Original post]

Dear All,

I have problem with install exchange 2019 for migration from 2013 to 2019. bellow error has occurrence.

My account is

-domain admin

-enterprise Admin and Schema admin

i create a new user and give all permission and test again but not working!!!

C:\Windows\system32>M:\Setup.exe /IAcceptExchangeServerLicenseTerms /PrepareAD /OrganizationName:"First Organization"

Microsoft Exchange Server 2019 Cumulative Update 7 Unattended Setup

Copying Files...
File copy complete. Setup will now collect additional information needed for installation.

Performing Microsoft Exchange Server Prerequisite Check

Prerequisite Analysis 100%

Setup will prepare the organization for Exchange Server 2019 by using 'Setup /PrepareAD'. No Exchange Server 2016 roles
have been detected in this topology. After this operation, you will not be able to install any Exchange Server 2016
roles.
For more information, visit: https://learn.microsoft.com/Exchange/plan-and-deploy/deployment-ref/readiness-checks?view=exchserver-2019

Configuring Microsoft Exchange Server

Organization Preparation 100%
The following error was generated when "$error.Clear();
$createTenantRoot = ($RoleIsDatacenter -or
$RoleIsPartnerHosted);
$createMsoSyncRoot = $RoleIsDatacenter;

$RoleDatacenterIsManagementForest is set only in
Datacenter deployment; interpret its absense as $false
[bool]$isManagementForest = ($RoleDatacenterIsManagementForest
-eq $true);

if ($RolePrepareAllDomains)
{
initialize-DomainPermissions -AllDomains:$true
-CreateTenantRoot:$createTenantRoot -CreateMsoSyncRoot:$createMsoSyncRoot -IsManagementForest:$isManagementForest;
}

elseif ($RoleDomain -ne $null)
{
initialize-DomainPermissions -Domain $RoleDomain -CreateTenantRoot:$createTenantRoot
-CreateMsoSyncRoot:$createMsoSyncRoot -IsManagementForest:$isManagementForest;
}
else
{

initialize-DomainPermissions -CreateTenantRoot:$createTenantRoot -CreateMsoSyncRoot:$createMsoSyncRoot
-IsManagementForest:$isManagementForest;
}
" was run: "Microsoft.Exchange.Data.Directory.ADOperationException: Active
Directory operation failed on DC1.ab.local. This error is not retriable. Additional information: Access is
denied.
Active directory response: 00000005: SecErr: DSID-03152612, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0
--->
System.DirectoryServices.Protocols.DirectoryOperationException: The user has insufficient access rights.
at
System.DirectoryServices.Protocols.LdapConnection.ConstructResponse(Int32 messageId, LdapOperation operation, ResultAll
resultType, TimeSpan requestTimeOut, Boolean exceptionOnTimeOut)
at
System.DirectoryServices.Protocols.LdapConnection.SendRequest(DirectoryRequest request, TimeSpan requestTimeout)
at
Microsoft.Exchange.Data.Directory.GuardedDirectoryExecution.ExecuteT
at Microsoft.Exchange.Data.Directory.PooledLdapConnection.GuardedSendRequest(String forestName,
GuardedDirectoryExecution guardedDirectoryExecution, DirectoryRequest request, TimeSpan timeout, Func3 sendRequestDelegate, Int64& concurrency) at Microsoft.Exchange.Data.Directory.PooledLdapConnection.SendRequest(DirectoryRequest request, LdapOperation ldapOperation, Nullable1 clientSideSearchTimeout, IADLogContext logContext, Boolean shouldLogLastFilter)
at
Microsoft.Exchange.Data.Directory.ADDataSession.ExecuteModificationRequest(ADObject entry, DirectoryRequest request,
ADObjectId originalId, Boolean emptyObjectSessionOnException, Boolean isSync)
--- End of inner exception stack trace
---
at Microsoft.Exchange.Data.Directory.ADDataSession.AnalyzeDirectoryError(PooledLdapConnection connection,
DirectoryRequest request, DirectoryException de, Int32 totalRetries, Int32 retriesOnServer, String callerFilePath,
Int32 callerFileLine, String memberName)
at
Microsoft.Exchange.Data.Directory.ADDataSession.ExecuteModificationRequest(ADObject entry, DirectoryRequest request,
ADObjectId originalId, Boolean emptyObjectSessionOnException, Boolean isSync)
at
Microsoft.Exchange.Data.Directory.ADDataSession.Save(ADObject instanceToSave, IEnumerable`1 properties, Boolean
bypassValidation)
at
Microsoft.Exchange.Data.Directory.SystemConfiguration.ADConfigurationSession.Save(ADConfigurationObject instanceToSave,
String callerFilePath, Int32 callerFileLine, String memberName)
at
Microsoft.Exchange.Management.Tasks.InitializeDomainPermissions.CreateMonitoringMailboxContainer(MesoContainer meso)

at Microsoft.Exchange.Management.Tasks.InitializeDomainPermissions.InternalProcessRecord()
at
Microsoft.Exchange.Configuration.Tasks.Task.<ProcessRecord>b__91_1()
at
Microsoft.Exchange.Configuration.Tasks.Task.InvokeRetryableFunc(String funcName, Action func, Boolean
terminatePipelineIfFailed)".

The Exchange Server setup operation didn't complete. More details can be found in ExchangeSetup.log located in the
<SystemDrive>:\ExchangeSetupLogs folder.

Exchange Server Management
Exchange Server Management
Exchange Server: A family of Microsoft client/server messaging and collaboration software.Management: The act or process of organizing, handling, directing or controlling something.
7,632 questions
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. Ashok M 6,516 Reputation points
    2020-12-14T08:13:18.12+00:00

    Hi,

    Please try the below steps,

    1.Have you installed all pre-requisites for Exchange 2019 - https://learn.microsoft.com/en-us/exchange/plan-and-deploy/prerequisites?view=exchserver-2019
    2.Did you run \Setup.exe /IAcceptExchangeServerLicenseTerms /PrepareSchema - Is it successful?
    3.Try adding the account you are using to "Organization Management" group and run PrepareAD
    4.Enable the Inheritance to the admin account you are using - Go to Active directory users and computers -> Turn on Advanced features: View, Advanced features -> Go to the properties of the user account -> Security tab -> Advanced ->if it says "Disabled inheritance" that means its enabled, otherwise enable it
    5.Re-launch the command prompt and run

    If still issue persists, please share the Exchange setup logs as sometimes it could be issue with specific container, for instance Deleted objects
    https://social.technet.microsoft.com/Forums/lync/en-US/36fa5502-36c4-4c9f-9f4f-8507ec777f5b/insuffaccessrights-on-exchange-2013-sp1-during-preparead?forum=exchangesvrdeploy

    If the above suggestion helps, please click on "Accept Answer" and upvote it


  2. Yuki Sun-MSFT 41,051 Reputation points Microsoft Vendor
    2020-12-14T08:28:16.987+00:00

    Hi,

    My account is
    -domain admin
    -enterprise Admin and Schema admin

    Please add the account to the "Exchange Organization Management role group" as well and see how it goes. See the prerequisites listed in this link.

    If issue persists, it's suggested to follow the steps below and check the result:

    1. Open Group Policy Management on DC, expand domain name, expand the Domain Controllers OU, right click "Default Domain Policy" > Edit> Expand Policies under Computer Configuration > Windows Settings > Security Settings -> Local Policies > User Rights Assignment >Take ownership of files or other objects
    2. Select "Define these policy settings", add Administrators group, click Apply:
      47845-1.png
    3. Run "Gpupdate /force"

    If an Answer is helpful, please click "Accept Answer" and upvote it.
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.