Deleting database from Exchange 2016 - error
Failed to remove monitoring mailbox object of database "abc" Exception: Active Directory operation failed on "server.def.com" This error is not retriable. Additional information: Access is denied. Active directory response: 00000005: SecErr: DSID-0315274A, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0 .
So this was the error I got after I thought I had deleted all the mailboxes on an old test database (no longer needed) in Exchange 2016, and removed it from ECP. The database has disappeared though, so all looks OK. Just wondering if this will come back to bite me one day or I can safely move on and ignore?
thanks
Solution 1:
Health mailboxes CAN be deleted and actually they should if orphaned. The link provided in BastianW answer does involve System mailboxes management and does not help in managing health mailboxes. Basically, Health mailboxes creation logic has been changed in CU6 E2013 so it's ok to remove old health mailboxes.
Health mailbox will be, anyway, recreated upon MsEchangeHM service restart.
A detailed explanation on why it may be necessary to delete monitoring mailboxes can be found here:
https://blogs.technet.microsoft.com/admoore/2015/03/11/exchange-2013-health-mailboxes/
Solution 2:
Monitoring Mailboxes are some special mailboxes which exists in some DBs (read the Microsoft Article here for more infos). You should NEVER delete them! If needed to delete a DB where they exists in, you should move them to another DB (see here or here) before you perform that action.
But I understand its to late now as the DB is gone... So you could now run the following command (more infos here):
Get-Mailbox –Monitoring
which now might show the following:
WARNING: The object contoso.com/Microsoft Exchange System Objects/Monitoring Mailboxes/HealthMailboxd52c1cfaed1243c5b424f20726c21abb has been corrupted or isn't compatible with Microsoft support requirements, and it's in an inconsistent state. The following validation errors happened: WARNING: Database is mandatory on UserMailbox.
As the health Mailbox used by the monitoring do no longer exists.
If that is the case you could follow the Howtos here or here to get that issue fixed.
P.S: The reason why you haven´t seen these mailboxes with the normal get-Mailbox might be the rason that they are deployed on the root level but you didn´t used "Set-AdServerSettings -ViewEntireForest $True". Another one is explained here and the reason is that you didn´t use the proper commands to see system mailboxes.