Exchange RPC Client Access service won’t start…
Note: I wrote this back in July 2012, but I got rid of my Wordpress site and wanted to move it over to Medium. It was still getting a few hits so thought I’d keep it available.
I was asked to go and look at a new Exchange 2010 implementation today as they couldn’t get Outlook to connect. It was a single server implementation with all roles on one box but the first thing I noticed was that the Exchange RPC Client Access service was not started. Starting it just resulted in it stopping immediately.
After looking in the Application log I found an error with Event ID 1002 MSExchangeRPC:
Failed to register service principal name ExchangeMDB. Failed with error code Access is denied (5).
After a bit of googling I found an ExpertsExchange article (Sorry, I’ve lost the link now) and it led to the following PowerShell command which resolved the issue:
Add-ADPermission -Identity "CN=ServerName,OU=OUName,DC=Domain,DC=Local"
-User "ServerName$" -AccessRights WriteProperty -Properties "Validated-SPN"
Note: Remember to put the ‘$’ after the ServerName for the -User attribute.
Also, when trying to perform this command in the Exchange shell it gave me an “Access Denied” error. To get it to correctly apply I had to do this:
1. Load up the regular Powershell command-line console.
2. Type ImportSystemModules and hit Enter. This will load a crap load of system libraries.
3. Then type the command above and it should allow you to run it.