RESOLUTION:
1. The migration account needs to be:
a. Found in the GAL
b. Local administrator on the migration server
c. To be member of the exchange Organization Manager group (see below Powershell command)
d. Ideally the account needs to have enough exchange and AD permissions
to see the exchange and AD structure
e. If you have different domains/subdomains:
try to create the migration account(or move it) in parent domain xxx.xxx
and use it in the migration pre-requisite checker instead.
f. On the migration server, under server manager, make sure the following is selected:
- .NET 3.5 and .NET 4.5 are selected
- powershell 2.0 is selected
g. The Migration server/workstation needs to be added to the network
Other permissions that you should have/run are as follows:
2. Get-Mailbox -ResultSize unlimited | Add-MailboxPermission –User migadmin-acct
-AccessRights FullAccess -InheritanceType All
Notes: put all in one line, and migadmin-acct is your migration account
3. get-mailboxdatabase | add-adpermission -user <username> -extendedrights receive-as
4. Add-RoleGroupMember 'Organization Management' -member <UserAcct>
where <UserAcct> is the admin’s SecurityPrincipalIdParameter.
5. The admin account must be configured
with remote PowerShell enabled, by this Exchange Shell command:
Set-User <alias> -remotepowershellenabled $true
6. Make sure that you have a working SSL/Certificate in place
if you are using one in your environment