Monday, September 26, 2011

RMS Shared Identity user FederatedEmail.4c1f4d8b-8179-4148-93bf-00a95fa1e042 not found

Today I was re-installing Exchange 2010 into an Active Directory forest which previously had Exchange 2010 installed. The schema was already extended with the Exchange 2010 SP1 schema extensions.

When installing Exchange 2010, installation of the Hub Transport role failed with the following error:

The following error was generated when "$error.Clear();
if ( ($server -eq $null) -and ($RoleIsDatacenter -ne $true) )
Update-RmsSharedIdentity -ServerName $RoleNetBIOSName
" was run: "RMS Shared Identity user FederatedEmail.4c1f4d8b-8179-4148-93bf-00a95fa1e042 not found.".

FederatedEmail.4c1f4d8b-8179-4148-93bf-00a95fa1e042 is a Exchange 2010 built in arbitration user account which must exist in every Exchange 2010 environment. The GUID never changes, it is always "4c1f4d8b-8179-4148-93bf-00a95fa1e042".

The setup failed because someone deleted this user account from Active Directory!

How can we get it back?

You have two ways to get this mailbox back. If you have a computer on your network with the Exchange 2010 management tools installed, you can create the user account using powershell with the following command:

New-Mailbox -Arbitration -Name FederatedEmail.4c1f4d8b-8179-4148-93bf-00a95fa1e042 -UserPrincipalName FederatedEmail.4c1f4d8b-8179-4148-93bf-00a95fa1e042@default_accepted_domain

For more information on this see Microsoft KB978776

What happens if you do not have exchange management shell installed on any computers? Well there is another way to get this account back. This account is originally created when you prepare the domain/schema. If you run /PrepareAD on your domain it will re-create this account for you. See below:


  1. Hi Clint, I notice you don't get many comments on your posts. Just wanted to say thanks and to keep up the good work!

    This post in particular really helped me out, but I have used some of your others as a reference.

    Thanks all the way from the USA,

  2. Hi, I tried the /PrepareAD command on the Exchange server but it did not create the account. Then I ran the command from the CD on the domain controller and wolla!!

  3. many thanx bro :D

  4. Hi, thanks for this article, i had to run the /prepareAD on the DC to get it working. After installation i cannot add the existing users back to the exchange console. it is complaining about users not having mailbox

  5. Hello, i am having the same issue. Does anyone have a solution for me.

  6. thanks this was what i was looking for.

  7. thanks man, i got a similar problem 5 mins ago. but now the problem is resolved !!

  8. I just had this problem when installing Exchange 2013. After deleting the account as per KB978776 the install then failed with the message you have given.
    I needed to uninstall what there was of the Exchange 2013 first and then run the PrepareAD.

    FYI - To the people who could get the PrepareAD to work on the Exchange server, check that you have the AD tools installed and have an account that is a member of Schema Admins.

  9. Another success ... in a long string of errors, mind you, but this one was really holding me up. Thanks!

  10. Thank you sir... Worked on Exchange 2010 / Server 2012 without AD tools installed.

  11. You are the great!!!!!!!

  12. Thank you for this. i've tried creating the useraccount in ADUC but with no luck. I kept getting the same error during the Exchange2013 Setup.

  13. Wao!!!! That was exactly what I needed. You have saved me hours of work. I am moving SBS 2011 to new hardware.

  14. You, sir. are a GENIUS. Thanks SO much. This worked a treat!!!

  15. Just saved me a ton of time setting up an Exchange 2013 lab VM. Worked great!