I have gone through few cases with Exchange 2010 SP3 recently where I got the issue with some mailboxes which administrator was trying to reconnect after the user account was accidently deleted. And while connecting the mailbox, they get the error.
Connect-Mailbox -Identity '13a25282-6936-4ffe-a27f-472d0e1a2605' -Database 'DB1' -User 'domain\user' -Alias 'alias'
Cannot get the security descriptor of mailbox '13a25282-6936-4ffe-a27f-472d0e1a2605' in Exchange mailbox database 'bf71
+ CategoryInfo : NotSpecified: (0:Int32) [Connect-Mailbox], MapiOperationException
+ FullyQualifiedErrorId : 953112A0,Microsoft.Exchange.Management.MapiTasks.ConnectMailbox
Other symptoms are that we somehow after deleting the restored account from AD and creating a new account might be able to connect the disconnected mailbox successfully but it will not work and throw the same error as we try to access the mailbox permission or change the permission.
One more symptom is that you might also see the same mailbox in Disconnected mailboxes and Recipient configuration as well.
In such cases the issue arises when an administrator had user objects deleted and then partially restored somehow, or may be residing as leftovers in some container. Those objects had mailboxes that became disconnected when the objects were deleted. New AD objects were created to connect the mailboxes to, and reconnecting was successful. Then we have two objects with conflicting msExchMailboxGUID. And that is the reason we get the error while connecting the mailbox or while looking at the mailbox properties.
How to modify the MxexchMailboxguid:
Suppose a GUID that resembles the following sample GUID:
Note: These last two section needs to type as they are