Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

You see validation errors for users in the Office 365 portal or in the Azure Active Directory Module for Windows PowerShell


View products that this article applies to.

PROBLEM

You (the administrator) receive validation errors in the Office 365 portal or in the Microsoft Azure Active Directory Module for Windows PowerShell. 
  • In the Office 365 portal, you experience one or more of the following symptoms:
    • A red circle with an "X" is displayed next to a user.
    • The following error message is displayed at the top of a user management page:
      There’s an error on one or more user accounts. To see which users are affected and the detailed error message, filter the list of users by Users with errors, select a user, and then click Edit.
      Additionally, when you view the properties of the user, you see a message in the following format:
      <Service>: <Error Message>
      The following is an example of such an error message:
      Exchange: The name "<Name>" is already being used. Please try another name
  • In the Azure Active Directory Module for Windows PowerShell, you get a validation error message when you run a cmdlet. For example, when you run the Get-MsolUser -UserPrincipalName johnsmith@contoso.com | Select Errors, ValidationStatus cmdlet, you get the following error message:
    Errors : {Microsoft.Online.Administration.ValidationError,
    Microsoft.Online.Administration.ValidationError,
    Microsoft.Online.Administration.ValidationError}
    ValidationStatus : Error

↑ Back to the top


CAUSE

The cause of the issue depends on the validation error. For more information about a specific error, run the appropriate Windows PowerShell cmdlet based on the object type in the Azure Active Directory Module for Windows PowerShell. 

For contacts

The following cmdlet retrieves all the errors on the object:
$errors = (Get-MsolContact –ObjectID <Object_ID>).Errors 
The following cmdlet iterates through each error and retrieves the service information and error message:
$errors | foreach-object {"`nService: " + $_.ErrorDetail.Name.split("/")[0]; "Error Message: "+ $_.ErrorDetail.ObjectErrors.ErrorRecord.ErrorDescription} 
For example, run the following cmdlets:
$errors = (Get-MsolContact –ObjectID 430ecced-b2c5-455b-94df-ab2b5756b060 ).Errors 
$errors | foreach-object {"`nService: "+ $_.ErrorDetail.Name.split("/")[0]; "Error Message: "+ $_.ErrorDetail.ObjectErrors.ErrorRecord.ErrorDescription} 

For groups

The following cmdlet retrieves all the errors on the object:
$errors = (Get-MsolGroup –ObjectID <Object_ID>).Errors 
The following cmdlet iterates through each error and retrieves the service information and error message:
$errors | foreach-object {"`nService: " + $_.ErrorDetail.Name.split("/")[0]; "Error Message: "+ $_.ErrorDetail.ObjectErrors.ErrorRecord.ErrorDescription} 
For example, run the following cmdlets:
$errors = (Get-MsolGroup –ObjectID 430ecced-b2c5-455b-94df-ab2b5756b060 ).Errors 
$errors | foreach-object {"`nService: "+ $_.ErrorDetail.Name.split("/")[0]; "Error Message: "+ $_.ErrorDetail.ObjectErrors.ErrorRecord.ErrorDescription} 

For users

The following cmdlet retrieves all the errors on the object of interest:
$errors = (Get-MsolUser -UserPrincipalName "<User_ID>").Errors 

The following cmdlet retrieves all the errors for all users on Azure AD: 

Get-MsolUser -HasErrorsOnly -All | ft DisplayName,UserPrincipalName,@{Name="Error";Expression={($_.errors[0].ErrorDetail.objecterrors.errorrecord.ErrorDescription)}} -AutoSize -wrap

To obtain the errors in CSV format, use the following cmdlet: 

Get-MsolUser -HasErrorsOnly | select DisplayName,UserPrincipalName,@{Name="Error";Expression={($_.errors[0].ErrorDetail.objecterrors.errorrecord.ErrorDescription)}} | Export-csv c:\temp\validationerrors.csv

The following cmdlet iterates through each error and retrieves the service information and error message:

$errors | foreach-object {"`nService: " + $_.ErrorDetail.Name.split("/")[0]; "Error Message: " + $_.ErrorDetail.ObjectErrors.ErrorRecord.ErrorDescription}
For example, run the following cmdlets:
$errors = (get-msoluser -userprincipalname "johnsmith@contoso.com").Errors 
Get-MsolUser -HasErrorsOnly -All | ft DisplayName,UserPrincipalName,@{Name="Error";Expression={($_.errors[0].ErrorDetail.objecterrors.errorrecord.ErrorDescription)}} -AutoSize -wrap
Get-MsolUser -HasErrorsOnly | select DisplayName,UserPrincipalName,@{Name="Error";Expression={($_.errors[0].ErrorDetail.objecterrors.errorrecord.ErrorDescription)}} | Export-csv c:\temp\validationerrors.csv
$errors | foreach-object {"`nService: "+ $_.ErrorDetail.Name.split("/")[0]; "Error Message: "+ $_.ErrorDetail.ObjectErrors.ErrorRecord.ErrorDescription} 
The output will resemble the following:
Service: MicrosoftCommunicationsOnline

Error Message: The value of the msRTCSIP-LineURI field in your local Active Directory is not unique, or the WorkPhone filed for the user conflicts with other users. Correct the value in your local Active Directory or in the tenant admin UI. After you correct it, the value will be updated in your Microsoft Online Services directory during the next Active Directory synchronization.

↑ Back to the top


SOLUTION

The following table lists some common validation errors.

Note This isn't a complete list of validation errors. For errors that aren't on the list, try to resolve the issue based on the information that's included in the error message.
Error messageCauseResolution
Exchange: The name … is already being used. Please try another name.UnknownRun the following cmdlet:

Set-MsolUser –UserPrincipalName <UserPrincipalName of the User> 
Exchange: Couldn't find object "<ObjectID>". Please make sure that it was spelled correctly or specify a different object.There is another object that is referenced from this object (such as permissions), and that object can't be found.Check the permissions such as Full Access, Send As, Send On Behalf permissions. Make sure those users exist, or remove the permissions.
Exchange: Group "namprd03.prod.outlook.com/Microsoft Exchange Hosted Organizations/contoso.onmicrosoft.com/Puget Sound/BLDG 1" can't be converted to a room list. Room lists can only have room mailboxes or room lists as members. "namprd03.prod.outlook.com/Microsoft Exchange Hosted Organizations/contoso.onmicrosoft.com/BLDG 1\/Room100" is not a room mailbox or a room list.This is a room list that contains members that aren’t room mailboxes or other room lists. Make sure that the group contains only room mailboxes or room lists. For more information, go to the following Microsoft TechNet websites:
Exchange: No mailbox plan with SKU 'BPOS_L_Standard' was found. User has no access to email.The company previously had an Office 365 for professionals or small businesses plan or an Office 365 Small Business plan.Nothing. User has access to email messages.
Lync: The value of the msRTCSIP-LineURI field in your local Active Directory is not unique, or the WorkPhone filed for the user conflicts with other users. Correct the value in your local Active Directory or in the tenant admin UI. After you correct it, the value will be updated in your Microsoft Online Services directory during the next Active Directory synchronization.More than one user in Office 365 has msRTCSIP-LineURI or WorkPhone properties that match. This includes the scenario in which two or more users in multiple Office 365 companies have the same msRTCSIP-LineURI or WorkPhone values.The msRTCSIP-LineURI or WorkPhone property must be unique in Office365.

↑ Back to the top


MORE INFORMATION

To view the objects that have an error associated with them, run the following Windows PowerShell commands in the Azure Active Directory Module for Windows PowerShell.
  • Get-MsolUser | Where {$_.Errors –ne $null} | Select ObjectID, DisplayName 
  • Get-MsolContact | Where {$_.Errors –ne $null} | Select ObjectID, DisplayName 
  • Get-MsolGroup | Where {$_.Errors –ne $null} | Select ObjectID, DisplayName 
Note The Windows PowerShell commands in this article require the Azure Active Directory Module for Windows PowerShell. 

For more information about Azure Active Directory Module for Windows PowerShell, go to the following Microsoft website:

↑ Back to the top



Still need help? Go to Microsoft Community.

↑ Back to the top


Keywords: o15, o365e, o365a, yespartner, o365, tsg, exo, vkbportal231, uacrossref, lynconline, pscommand, o365m, o365022013, o365p, vkbportal339, vkbportal343, o365ud, sbo, kb, vkbportal237

↑ Back to the top

Article Info
Article ID : 2741233
Revision : 10
Created on : 8/20/2020
Published on : 8/21/2020
Exists online : False
Views : 406