Resolution
How do I create an Exchange 2003 mailbox without generating any errors?
goal
How do I resolve a "Catastrophic Failure" error when creating a mailbox?
goal
How do I prevent loss of UDP packets larger than 512 bytes?
fact
Directory and Resource Administrator 7.x
fact
Microsoft Windows Server 2003
symptom
ERROR: "Catastrophic Failure" received when trying to create an Exchange 2003 mailbox
symptom
ERROR: "CreateMailbox returned an error:hr = 8000FFFF while Creating the mailbox for the user LDAP://MAILDC01/cn=Test Account,OU=Departments,DC=Domain,DC=GOV" logged to Server logs.
Error description: The specified domain either does not exist or could not be contacted.
symptom
DRA queries the global catalog but does not receive a response.
cause
This issue may be caused by a firewall/DNS configuration problem.
fix
Windows 2003 DNS includes a new feature called Extension Mechanisms for DNS (EDNS0), which allows DNS servers to send and receive UDP packets larger than 512 bytes. If there is a firewall between the root DNS servers (GC) and the child domain DNS servers, the firewall may drop UDP packets larger than 512 bytes. As a result, when DRA queries the global catalog, it never receives a response. The problem may not materialize until the server is rebooted and the cached GC is cleared.
You can resolve this issue by disabling EDNS0 on DNS servers. Note: This issue would typically cause other network issues in the environment.
For more information about this issue, see Microsoft KB article 832223.
http://support.microsoft.com/default.aspx?scid=kb;en-us;832223
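To confirm that the path between DNS servers is dropping EDNS0 traffic before changing server settings, the following added example (not part of the original article or of DRA) sends the same query with and without an EDNS0 OPT record and compares the outcomes. The function names, the 1280-byte advertised size and the SRV query type are assumptions chosen for illustration.

```python
import socket
import struct

def build_query(name, qtype=33, edns_size=None, txid=0x1234):
    """Build a DNS query (default type SRV); edns_size adds an EDNS0 OPT record."""
    arcount = 1 if edns_size else 0
    header = struct.pack(">HHHHHH", txid, 0x0100, 1, 0, 0, arcount)  # RD=1, 1 question
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    msg = header + qname + struct.pack(">HH", qtype, 1)  # class IN
    if edns_size:
        # OPT RR: root name, type 41, class = advertised UDP size, TTL 0, no options
        msg += b"\x00" + struct.pack(">HHIH", 41, edns_size, 0, 0)
    return msg

def send_udp(server, query, timeout=3.0):
    """Return the raw UDP reply, or None if no reply arrived."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(query, (server, 53))
            return s.recvfrom(65535)[0]
        except OSError:  # includes socket timeouts
            return None

def describe(reply):
    """Summarise a reply as (status, size): 'timeout', 'truncated' or 'ok'."""
    if reply is None or len(reply) < 12:
        return ("timeout", 0)
    flags = struct.unpack(">H", reply[2:4])[0]
    return ("truncated" if flags & 0x0200 else "ok", len(reply))  # 0x0200 = TC bit

def diagnose(plain, edns):
    """Compare a classic 512-byte query with an EDNS0 query for the same name."""
    if plain[0] == "timeout" and edns[0] == "timeout":
        return "server unreachable on UDP 53"
    if plain[0] != "timeout" and edns[0] == "timeout":
        return "EDNS0 exchange dropped: check firewall handling of UDP DNS over 512 bytes"
    if edns[0] == "ok" and edns[1] > 512:
        return "large UDP replies pass"
    return "inconclusive: reply fits in 512 bytes, query a larger record set"

def probe(server, name, qtype=33):
    """Run both queries against one DNS server and return the diagnosis."""
    plain = describe(send_udp(server, build_query(name, qtype)))
    edns = describe(send_udp(server, build_query(name, qtype, edns_size=1280)))
    return diagnose(plain, edns)
```

Call `probe("<dns-server-ip>", "_gc._tcp.<forest-root-domain>")` from the DRA server, substituting your own values for the placeholders; a record set whose answer exceeds 512 bytes gives the clearest result.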