Issue description   

However, when attempting to create or modify a remote mailbox in an on-premises Exchange environment using ADManager Plus, the following error may occur:

Some error occurred when creating/modifying the Remote mailbox, No Exchange Administrative Groups Available.

This issue prevents the successful creation or modification of remote mailboxes, potentially disrupting mailbox management in hybrid setups. Resolving this error is crucial to ensure smooth mailbox operations across both on-premises and cloud environments.

Possible causes   

1. Permission issues  : The service account used in ADManager Plus doesn't have the required permissions over the Exchange on-premises server.

2. Network restrictions  : The ADManager Plus server cannot communicate with Exchange Server due to network or firewall restrictions.

3. Configuration issues  : PowerShell remoting to Exchange Server is not enabled.

Prerequisites   

• Verify that PowerShell remoting is enabled and allowed between ADManager Plus and Exchange Server.

• Confirm that the service account has the necessary permissions in Exchange.

Resolution   

Step 1: Check connectivity between ADManager Plus and Exchange Server  

1. Log in to the ADManager Plus server.
   

2. Open PowerShell and run:

• Test-NetConnection -ComputerName <ExchangeServerFQDN> -Port 80

3. If connectivity fails, ensure that the firewall allows communication on these ports. 

Step 2: Verify service account permissions  

1. Log in to the Exchange admin center (EAC).  

2. Navigate to Permissions > Admin Roles.  

3. Locate and select Organization Management.  

4. In the Members section, check if the service account is listed.  

5. If the account is missing, click Edit and add it.  

6. Save the changes and restart the ADManager Plus service to apply them.

Step 3: Enable PowerShell remoting  

1. Open PowerShell as an administrator.

2. Run the following command to enable remoting:

• Enable-PSRemoting -Force

3. Verify that PowerShell can connect to Exchange Server:

• New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri http://ExchangeServerFQDN/PowerShell/ -Authentication Kerberos

4. If the connection fails, check WinRM settings using:

• winrm quickconfig

Step 4: Restart ADManager Plus and reattempt mailbox creation  

1. Restart the ADManager Plus service.

2. Try creating or modifying the remote mailbox again.

Tips  

• Ensure the user account is enabled in AD before mailbox provisioning.

• Verify that the user has a valid and unique email address.

• Use the correct RemoteRoutingAddress (e.g., user@tenant.mail.onmicrosoft.com) to enable hybrid mail flow.

• Assign the appropriate mailbox database and retention policies.

• Check that Exchange GUID synchronization is enabled for hybrid environments.

• Confirm the user is synced to Entra ID if using hybrid Exchange.

• Test mail flow and connectivity after mailbox creation.

• Document changes for auditing and compliance purposes.

How to reach support