When migrating from Exchange 2003 often in the combination when a customer uses a third party utility to create user accounts you can get into trouble with trailing whitespaces in the Display name of the user. A user with a trailing whitespace in the display name cannot be managed by the Exchange Management Console (EMC) of Exchange Management Shell (EMS). The errors/warnings needs to be fixed.
WARNING: Object msexchangeblog.lan/Resources/Users/Johnson, has been corrupted and it is in an inconsistent state. The following
validation errors have occurred:
WARNING: The DisplayName property contains leading or trailing whitespace, which must be removed.
You can do this one by one, but if there are loads of them you can use the script below.
get-mailbox -identity jjohnson | Foreach { Set-Mailbox -Identity $_.Identity -DisplayName $_.DisplayName.Trim() -EmailAddressPolicyEnabled $false}
Use the “-emailaddresspolicyenabled $false” parameter if the Email Address Policy does not match the email addresses of your users. If you don’t disable the policy, the Email Address Policy will be applied on the user. This is also happening when moving the user to Exchange 2010. Is the Email Address Policy is well used, then you can leave out the “-emailaddresspolicyenabled $false” parameter.
“‘@’, where ‘@’ cannot be the last character” error
Another issue that I can across was that some Active Directory users didn’t have an User Principal Name filled in. When fixing the user object like described in the blog of Daniel Davis ( blog ), the user can be managed by the EMC and the EMS.
WARNING: The property value is invalid. The value can’t contain leading or trailing whitespace.
WARNING: The object msexchangeblog.lan/Resources/Users/Johnson, John has been corrupted, and it’s in an inconsistent state. The following validation errors happened:
WARNING: Property expression “jjohnson” isn’t valid. Valid values are: Strings that includes ‘@’, where ‘@’ cannot be the last character
You can fix the error by adding the UserPrincipalName one by one, or you can use a tool like Admodify.NET .
You can walk through the following steps to fix the UPN on the user accounts:
- Start ADModify.exe
- In Domain List, select the domain
- In Domain Controller List, select one of your domain controllers
- Hit the green button
- Your domain name will be appearing in the Domain Tree List
- Browse to your OU where the affected Domain Users are
- Select the OU and click on Add to list
- Select the affected users and click on Next
- Select the Account tab and select UPN
- Select Legacy Account and %SAMAccountName% is filled in
- Select your domain name and hot Go!