Cannot create new users into Exchange 2016 server (Hybrid) in a new Child Domain

Question

Hi,

We have added a new child domain, to the existing root AD abc.company.com domain called xyz.abc.company.com and want to be able to create new user account in the the child domain that will sync into Exchange Online form the 2016 Exchange server. However when adding the new user to the child domain OU you can browse to the child domain OU required and get the following error message when saving the user details.

The call to Microsoft Exchange Active Directory Topology service on server 'TopologyClientTcpEndpoint (localhost)' returned an error. Error details No suitable domain controller was found in domain 'xyz.abc.company.com'. Errors: .

I have read a few forums that mention running Setup.exe /IAcceptExchangeServerLicenseTerms /PrepareSchema command for new Exchange servers, but will this work for an Exchange server where all we need to do is add the new domain to the existing one? And if this is the fix for this situation is there a risk running this command could 'break' the existing domain Schema and how could this be mitigated?

The child domain is reachable and working fine in all other respects. I have authorized the new domain in exchange and emails are working fine if I add a new user with the new domain to an existing abc.company.com AD OU.

Any guidance would be appreciated.

Thanks Quincy

Answer 1

Hello Quincy,

Based on your description " when adding the new user to the child domain OU" then you got the error above, may I know what the child domain OU means?

Generally, if you only need to add the child domain to Exchange and AD under Primary domain, first you could add a domain suffix in AD environment, and also add the child domain in Exchange server as an accepted domain for mail flow purpose. However, according to my tests in my lab. When creating new users (or mailbox) with the new child domain, the user objects would be put in an OU under the primary domain. For example I have a primary domain contoso.com, and the child domain is child.contoso.com, the user with this child domain need to be put in the OU under contoso.com but not the child.contoso.com. If you need to create users with child.contoso.com and also put the user in the OU under child.contoso.com, you would need to establish another DC put in the same forest in AD, then you could be able to do that. By the way, for the command you mentioned above, as far as I know it is used to refresh and extend the AD domain schema when you have already installed Exchange server in the environment. Generally it would not affect the existing domain schema. For more details, please refer to https://docs.microsoft.com/en-us/Exchange/plan-and-deploy/prepare-ad-and-domains?view=exchserver-2019.

Please feel free to let me know if you have any other concern, thanks.

Best Regards,

Oliver

Answer 2

Hi Oliver,

My issue was resolved by running the Setup.exe /IAcceptExchangeServerLicenseTerms /PrepareSchema and Setup.exe /IAcceptExchangeServerLicenseTerms /PrepareAllDomains commands on the Child Domain controller. Running the /PrepareAllDomains switch instead of the singular /PrepareAD command made the difference in my case. Another tip is to ensure you can see the Schema master from the child domain controller and vice versa.

Thanks you for your assistance.

Quincy.