exchange 2010sp1 installation error (done via dvd with included sp1)

Not open for further replies.


Hi there !
our environment:
ad domain/forest functional level: 2003
adcs: w2k8r2 - 64bit
our domain is double-labelled, e.g. company.local
we run 1 exchange server (all roles except edge and um) as a VM,
which is not yet upgraded to sp1.
this steps were done back in April 2010 without errors: /PrepareSchema /PrepareAD /OrganizationName:eek:ur-orgname /PrepareDomain
ADSIEDIT checked and i saw the our-orgname Organization
I ran into an error when installing exch2010sp1 (from the exch2010 dvd with included sp1)
on a normal server which is domain-joined :
prereqs i took BEFORE running this task:
1) install hotfixes:

Windows6.1-KB977020-v2-x64.msu ok
Windows6.1-KB979744-x64.msu (KB979744 - LockConvoy On Windows Server 2003 Post KB 971988) ok
Windows6.1-KB979099-x64.msu (Update for Rights Management Services Client for Windows Server 2008 R2 x64 Edition (KB979099) ok
Windows6.1-KB982867-v2-x64.msu (not applicable) > nach netfw 3.5 sp1 installieren: see point 18)
Windows6.1-KB983440-x64.msu (KB983440 - Win7 rollup package (PR for QFE 810219)) ok
FilterPack64bit.exe ok

2) check powershell: ok
ps prompt > help about_windows-powershell, check that you have version 2.0
(package included in w2k8r2)

3) select features > expand remote server administration tools > expand role administration tools > expand ad ds and lds tools > expand ad ds tools > selct ad ds snap-ins and command-line tools ok
4) select features > expand .NET Framework 3.5.1 features , selct .NET Framework 3.5.1 check box ok
5) expand wcf activation, select http activation + click add required role services ok
6) select rpc over http proxy check box + click add required role services ok
7) next > on web server iis page click next ok
8) on select role services page, under security, select the digest authentiaction check box ok
9) under performance select dynamic content compression check box ok
10) under iis6 mgmt compatibility, select iis6 mgmt console check box ok
11) next > install ok
12) close ok
13) start > administrative tools, click services ok
14) in services list, point to administrative tools + click services ok
15) in services list double-click net.tcp port sharing service ok
16) in net.tcp port sharing service > properties > startup type: automatic and apply ok
17) start, wait for service to start, ok, close service console ok

18) Windows6.1-KB982867-v2-x64.msu (not applicable) > after netfw 3.5 sp1 : ok
19) reboot server ok
20) install LanguagePackBundle.exe via setup.exe while installing exchange2010(sp1);
point to this file (don't rename it !)
option from setup.exe (exchange2010sp1-dvd) is step 3: choose exchange language option > install all languages from the language bundle and point to " LanguagePackBundle.exe"
21) run setup.exe with typical exchange server installation
my installer-user was member of EnterpriseAdmins, SchemaAdmins and Organization Management (exchange)
nslookup to my domain without errors;
ping to DC without errors;
correct DNS-settings;
firewall disabled;
checked " automatically install windows server roles and features required for exchange servers"
22) after all went through i received following error message:
the following error was generated when " $error.Clear(); Set-LocalPermission" was run: " the process
does not possess the 'SeSecurityPrivilege' privilege which is required for this operation

> googled around and found out that it is an old SeSecurityPrivilege problem here:
from this blog:
I ran the policytest.exe file that you can find in the \setup\serverroles\common folder from the Exchange 2007 source media. This program confirms whether the SeSecurityPrivilege right has been found on the domain controllers in the Active Directory site. This right is set on the Domain Controller Security Policy by the /PrepareDomain process. Specifically, the process grants the Manage Auditing and Security Log right. Policytest.exe confirmed that the right was present on all domain controllers.
> remember above in my post that /PrePareDomain was done back in April/2010 !
> here is my result of the policytest.exe:
This tool will check every domain controller in the local
domain to see if the " Manage auditing and security logs"
privilege granted to the " Exchange Enterprise Servers"
group by DomainPrep has replicated to that DC. If the
policy change has not yet replicated to all DCs, then
you should avoid making policy changes on any DC that
has not received those changes yet.
You must have Domain Admin rights to run this tool
successfully. If you see an error that says:
!! LsaEnumerateAccountRights returned error 5 !!
then you don't have permission to open the LSA on the
given DC.
Local domain is " clgroup.local" (CLGROUP)
LookupAccountName returned error 1332
Abnormal exit from PolicyTest
> the consequence of that error is:
1) cannot initialize my EMC
2) all the roles (cas,hub,mbx) were cancelled
> what am i supposed to do next ?
1) configure my default domain controllers policy (Manage Auditing and Security Log right...) or wait for ad sync ?
2) after that run setup.exe from dvd again ?
> i believe i can assign the roles afterwards, but no idea how to get access to EMC console
Hope someone has an idea,
some additional infos:

- can't open EMC

- don't see any MSExchange services (under services.msc), although the bin files are under c:/program files/microsoft/exchange server/V14

- after that error: configured default domain controllers policy: Manage Auditing and Security Log right and inserted Exchange Servers in there

additional patches:

found something on EHLO:
the update for the update ? didn't apply until now though

> should i rerun setup again ?


Hi Vinc,
I have run into a issue looks like yours.
The reason is some necessary DLLs for starting Exchange services were missing.
Do you run the EXBPA for the exchange 2010 RTM server, any information?
I would suggest that you prompt a backup and rebuild of the server using /recoverserver, if the The RTM install was working normally, and then upgrade to SP1 was attempted again.
If it is urgent, I also would suggest you open a ticket from MS. Because that if you want confirm the issue, we must retrieve many logs to analyze.
Not open for further replies.
Thread starter Similar threads Forum Replies Date
B Exchange 2010SP1 Distribution list Owner/Manager Exchange Server Administration 2
A Exchange 2010sp1. Several times a day, a warning event ID 906 source ESE Exchange Server Administration 6
A Exchange 2010sp1. Retention policy will not delete messages from "deleted item" Exchange Server Administration 11
A Ol16 desktopT suddenly can't connect with Exchange Using accounts in Outlook 5
T How can Exchange be configured to sync/push one-way so that the server data can't be affected Exchange Server Administration 0
E How to display "Change Folder" in Change Default Email Delivery Location in Exchange Outlook 2016 Using Outlook 1
J Outlook 2016 Moving IMAP emails to Exchange Using Outlook 1
L How to Import Exchange OST file into Outlook? Using Outlook 3
O Outlook 365 Exchange .ost within Personal Vaul Using Outlook 0
D Outlook 2016 Migrate 'On My Computer' (local storage) Calendar from Mac Outlook to Exchange Account Using Outlook 5
A .restrict results changing after moving to Exchange online Outlook VBA and Custom Forms 0
D Can Exchange Admin Center create a pst for users email/contacts/calendar? Exchange Server Administration 0
S Messages moved / deleted by auto-archive are not synchronized to exchange Exchange Server Administration 8
llama_thumper Setting up forwarders on Exchange server Exchange Server Administration 0
D Importing Outlook Categories from another domain (Exchange 2016/Outlook 2016) Using Outlook 4
M WMI query for Get Disk IO performance in exchange Exchange Server Administration 0
B Outlook 2013/Exchange 2013 - Conf Rooms not fully booking "resolved conflict" meetings Using Outlook 3
D Adding Enterprise Exchange Email Account to Outlook Prevents Sending via Account Using accounts in Outlook 10
O Benefits of Exchange over IMAP and why would I choose Exchange? Using Outlook 2
F Delete/create/reset Exchange mailbox on Using accounts in Outlook 3
A Prevent connection to Public Folders on Exchange? Exchange Server Administration 3
S Add Exchange Account as Secondary to Existing PST? Exchange Server Administration 1
S Adding new Exchange (2016) rule very slow down Microsoft Outlook Exchange Server Administration 0
CWM030 A quick question for Diane about Exchange Exchange Server Administration 2
G How to have domain client use owa server instead of exchange server while connect to network Using Outlook 1
J Outlook 2016 message content does not display -; exchange Using accounts in Outlook 9
C Filter/Search emails sent to internal Exchange address only Using Outlook 2
B Copy/Move Exchange inbox to Pop inbox Using Outlook 4
Fozzie Bear Correct Method to set up accounts as Exchange Using accounts in Outlook 7
P AutoArchive exchange folder to exchange folder Using Outlook 1
J Syncing notes between Outlook 2016/Exchange and Outlook for Android Using Outlook 2
Brian Murphy Exchange Online Everything a Transport Rule should do and cannot Exchange Server Administration 1
E Customer wants a portion of GAL from exchange to sync down to Android contacts via Activesync Using Outlook 2
R Problem with searching public folders Exchange 2013/16 Exchange Server Administration 2
I outlook 2016 manual exchange config Using Outlook 0
R Add Exchange Account to existing POP3 Outlook 2007 Profile Using Outlook 0
Fozzie Bear Office 365 Home Premium with Exchange Online email accounts Using Outlook 3
Commodore Microsoft Exchange Add-in Using Outlook 2
D Winmail.dat with MS Exchange Personal and Using accounts in Outlook 5
I Outlook 2013 Transition to Exchange - weirdnesses Using accounts in Outlook 4
E you don't have permission to perform this action exchange 2016 Exchange Server Administration 0
Diane Poremsky Set Another Data File as Default When Using an Exchange Account New Articles 0
PMR0001 Exchange cf Exchange ActiveSync Exchange Server Administration 1
PMR0001 Mydomain and Exchange post EAS Using Outlook 1
F Contacts folders not syncing with hosted exchange Using Outlook 3
L Receiving work/Exchange email to my personal email Using Outlook 2
R Outlook 2016 - How to change password in MS Exchange email client Using Outlook 0
T Uploading Outlook 2016 Contacts to Exchange Server Drops "Company" field data in 30% of records Exchange Server Administration 4
Diane Poremsky Mail-enable Exchange Public Folders New Articles 0
Similar threads