[Error Fixed]: Remove MailboxDatabase Operation Fails to Clean up Health Mailboxes Error

When trying to remove a mailbox database from Exchange Server, the mailbox remove may fail and you get an error message something like the below:

Failed to remove monitoring mailbox object of database "<database name>". Exception: Active Directory operation failed on <server name>. The error is not retriable. Additional information: Access is denied. Active Directory response: 00000005: SecErr: DSID-031520B2, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0.

The error message itself indicates that the Exchange Server has tried to delete an Active Directory object but failed due to insufficient rights.

The system mailboxes in the mailbox database have an assigned Active Directory user to it. During the cleanup process, the application also tries to delete the Active Directory object associated with it. So, you cannot just delete the object manually as this may cause inconsistency in the database or the Exchange Server configuration. You must investigate the reason why it is not deleting the object. There could be underlying issues which are causing this.

Possible Solutions to Resolve the Remove MailboxDatabase Operation Fails Issue

As indicated in the message, you need to check if there are right permissions for the Exchange Server on the Active Directory Schema. The Exchange Server must have full permissions on the Active Directory Organizational Unit (OU), which has all the Exchange Server System objects. To do so, follow these steps:

• Click on Start and then click on Administrative Tools.
• Click on Active Directory Users and Computers.
• Click on View and then click on Advanced Features.
• Expand the domain, expand Microsoft Exchange System Objects, and click on Monitoring Mailboxes.

Here, you will find all the health mailboxes related to all the mailbox databases associated with your infrastructure. You need to confirm that the Exchange Server has sufficient rights on the Organizational Unit (OU).

• Right-click on Monitoring Mailboxes and click on Properties.
• Click on the Security tab and click on Advanced.

• You need to find the entry called Exchange Servers. In the list of Access, there should be an entry with permission type – Delete subtree. If there isn’t, you need to click on Add, search for Exchange Servers, and give it access to Delete subtree with Allow.

• Click on OK.
• Then, click on OK to finalize the change.

After this operation is done, again try to remove the mailbox database.

If you have multiple Active Directory servers, wait for some time until the change has been fully propagated on all Active Direcotry servers.

It’s also important and recommended to check the audit log and change management to find the cause behind such an issue and to understand what has changed recently on the server. This will assist in finding the root cause.

There is also a possibility that there are replication issues or corruption in the Active Directory schema, causing such issues. If the problems persist even after giving the permissions, then run a full diagnosis of the Active Directory. A Domain Controller Diagnostics should be executed on domain controllers (see below), including a replication check.

Dcdiag

This will give a good overview of the health and status of the schema.

Now, check the replication summary. This can be done by using the repadmin command as given below.

Repadmin /replsummary

The above commands should be executed on all the domain controllers in the infrastructure, even on the read-only domain controllers. If there is no issue and the problem still persists, it’s recommended to open a call with the Active Directory or Server administrators for further investigation.

To Conclude

You can follow the above stepwise process to resolve the “Remove MailboxDatabase operation fails to clean up health mailboxes” error. In case the database has an issue or is corrupted and you need to move the data to another mailbox database, then you can use an advanced Exchange Database Recovery Software, such as Stellar Repair for Exchange. This software can help you open the corrupt database (EDB) file of any Exchange version and of any size. It allows to export the mailboxes and other data from EDB file directly to a live Exchange Server database or Office 365. It offers features, like priority exports for VIP users, parallel export, and automatic mailbox matching to speed up and enhance the export performance.

Was this article helpful?

YES0

NO

About The Author

Shelly Bhardwaj

I am a Product Consultant and is associated with Stellar Data Recovery from last 8 years. I write about the latest technology tips and provide custom solutions related to Exchange Server, Office 365, MS Outlook, and many other Email Clients & different flavors of OS Servers. Read More