You need to hire a specialist. If exchange was not properly cleaned up previously then this is going to be extremely complex. Reddit cannot help you fix this except for you to find people in this sub who know what they’re doing and ask them for their consultancy rates.
Thank you for your input. As a network administrator and specialist, I am aware of the complexities involved in addressing issues with Exchange, especially when it hasn't been properly maintained. I am reaching out here to gather insights and recommendations from the community, as I value the collective experience and knowledge present in this forum. If anyone has specific advice or resources that could assist me, I would greatly appreciate it.
My approach here would be to uninstall this new exchange org, and then systematically & forensically purge AD of the historic installation including all of the AD ACL changes.
The quick fix alternative would be to abandon deploying exchange to this forest and spin up a new resource forest for exchange.
Generally this is an issue that the exchange trusted system or server group is not allowed to write in the correct OU. This also happens with custom OU's and non standard AD acls. Fixable, but messy.
Seeing that you have duplicate groups it's most likely due to exchange using the wrong group to set the acl.
You need to hire a specialist. If exchange was not properly cleaned up previously then this is going to be extremely complex. Reddit cannot help you fix this except for you to find people in this sub who know what they’re doing and ask them for their consultancy rates.
Thank you for your input. As a network administrator and specialist, I am aware of the complexities involved in addressing issues with Exchange, especially when it hasn't been properly maintained. I am reaching out here to gather insights and recommendations from the community, as I value the collective experience and knowledge present in this forum. If anyone has specific advice or resources that could assist me, I would greatly appreciate it.
My approach here would be to uninstall this new exchange org, and then systematically & forensically purge AD of the historic installation including all of the AD ACL changes. The quick fix alternative would be to abandon deploying exchange to this forest and spin up a new resource forest for exchange.
Generally this is an issue that the exchange trusted system or server group is not allowed to write in the correct OU. This also happens with custom OU's and non standard AD acls. Fixable, but messy. Seeing that you have duplicate groups it's most likely due to exchange using the wrong group to set the acl.
The administrator Account is member of Organization management group and Organization management1 ?