Duplication issue

Daniel Brase 196 Reputation points
2020-10-26T11:22:16.047+00:00

Hi,

we have an issue with some cmdlets if a user was synced with AAD Connect, removed from Azure (including RemoveFromRecycleBin) and synced again. Because of forced removing of the user, he had a new object id. That was expected as well as the immutable id is still the same. If we now run a get-syncrequest -mailbox <upn> (as long the mailbox is still on premise) or get-mailboxlocation -user <upn> (regardless of the mailbox is on premise or not) we get an error like this: 

There are multiple recipients matching the identity "<upn>". Please specify a unique value.
    + CategoryInfo          : NotSpecified: (:) [Get-MailboxLocation], ManagementObjectAmbiguousException
    + FullyQualifiedErrorId : [Server=BE0P281MB0258,RequestId=f681fabf-d919-4fd3-9809-448e85e823c5,TimeStamp=26.10.2020 11:05:13] [FailureCategory=Cmdlet-ManagementObjectAmbiguousException] F08196D3,Microsoft.Exchange.Management.RecipientTasks.GetMailboxLocation
    + PSComputerName        : outlook.office365.com

It seems that there is still an abandoned entry in Azure AD or ExchangeOnline. It's quite annoying that my scripts throw those errors. Does anyone have an idea why this happen or how I can remove those abandoned entries?

Thanks, Daniel.

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,560 questions

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Daniel Brase 196 Reputation points
    2020-10-27T08:24:15.847+00:00

    In reply to the comment of @Andy David - MVP because the comment section is limited to 1000 characters:

    No, a get-recipient doesn't throw an error. I have found only get-syncrequest and get-mailboxlocation cmdlets that fail but I haven't tried all other cmdlets in Exchange Online yet. Using the ObjectID may work as a workaround but doesn't solve the problem. Regarding support case: I have already opened one (#22032128) one month ago (still open) but I'm afraid they have no clue what's going on so I decided to post it here in the hope that a specialized engineer notices this issue. First they said it's because the user has not been migrated to Exchange Online yet. That was true but I can reproduce the issue even once the user has been migrated to Exchange Online. If this is a general issue I assume that this can be reproduced easily in any other environment with AAD Connect in place. Maybe someone can test it in his environment?

    Steps to reproduce:

    • Create a user on premise and sync it to AAD
    • Remove the user from AAD: Remove-MsolUser -UserPrincipalName <upn>
    • Remove the user from AAD recycle bin: Remove-MsolUser -UserPrincipalName <upn> -RemoveFromRecycleBin
    • Force a sync or wait until next sync starts
    • Use "Get-MailboxLocation -User <upn>" or "Get-SyncRequest -Mailbox <upn>" to get the error.
    0 comments