DAG Kerberos Authentication Issue Exchange 2010 on 2008R2 Servers
I have 2 Exchange 2010 servers in a DAG. The witness server is in site A along with one the Exchange servers. The second Exchange server is in a DR site. The DAG has been functioning fine for 1.5 yrs. Last weekend after a scheduled reboot of all 3 servers
involved (2 e-mail servers and the witness server), the e-mail server in the DR site cannot gain access to the witness share directory per the failover cluster manager. It says to check to see if the witness directory is on-line, etc... Using pings and
explorer, there is no problem for the DR site e-mail server to contact the witness server and directory. Even restablished the Quorem to the same directory, no issues. Upon doing a network trace though, I am receiving KERBEROS pre-authentication errors when
you start the Cluster service on the DR site e-mail server when it tries to contact the witness server:
(1.4 is the Witness server; 6.5 is the e-mail server in the DR site)
Source Destination
192.168.1.4","192.168.6.5","KRB5","319","KRB Error: KRB5KDC_ERR_PREAUTH_REQUIRED"
192.168.6.5","192.168.1.4","TCP","54","26049 > kerberos [FIN, ACK] Seq=235 Ack=266 Win=65792 Len=0"
192.168.6.5","192.168.1.4","TCP","66","26050 > kerberos [SYN] Seq=0 Win=8192 Len=0 MSS=1460 WS=256 SACK_PERM=1"
192.168.1.4","192.168.6.5","TCP","60","kerberos > 26049 [ACK] Seq=266 Ack=236 Win=66048 Len=0"
192.168.1.4","192.168.6.5","TCP","60","kerberos > 26049 [RST, ACK] Seq=266 Ack=236 Win=0 Len=0"
192.168.1.4","192.168.6.5","TCP","66","kerberos > 26050 [SYN, ACK] Seq=0 Ack=1 Win=8192 Len=0 MSS=1406 WS=256 SACK_PERM=1"
192.168.6.5","192.168.1.4","TCP","54","26050 > kerberos [ACK] Seq=1 Ack=1 Win=66048 Len=0"
192.168.6.5","192.168.1.4","KRB5","368","AS-REQ"
192.168.1.4","192.168.6.5","KRB5","282","KRB Error: KRB5KDC_ERR_PREAUTH_FAILED"
192.168.6.5","192.168.1.4","TCP","54","26050 > kerberos [FIN, ACK] Seq=315 Ack=229 Win=65792 Len=0"
192.168.1.4","192.168.6.5","TCP","60","kerberos > 26050 [ACK] Seq=229 Ack=316 Win=66048 Len=0"
192.168.1.4","192.168.6.5","TCP","60","kerberos > 26050 [RST, ACK] Seq=229 Ack=316 Win=0 Len=0"
Thoughts anyone?
Hi,
Unfortunately, the available information is not enough to have a clear view of the occurred behavior, it is not an efficient way to work in this community since we may need more resources, for example exchange log, detail cluster log (an application)
dump or ETL trace, which is not appropriate to handle in the community. I‘d like to suggest that you submit a service request to MS Professional tech support service so that a dedicated Support Professional can further assist with this request.
Please visit the below link to see the various paid support options that are available to better meet your needs.
http://support.microsoft.com/default.aspx?id=fh;en-us;offerprophone
Best regards,
We
are trying to better understand customer views on social support experience, so your participation in this
interview project would be greatly appreciated if you have time.
Thanks for helping make community forums a great place.
Similar Messages
-
Exchange 2013 EAC will not run with Exchange 2010 CAS\HT servers shut down.
Hi Folks,
A little background - We have just migrated all our user mailboxes and public folders to Office 365 using a hybrid configuration. Now that the migration is essentially finished, I'd like to decommission our on-prem Exchange infrastructure and remove the
hybrid config. We are using dirsync with password sync to replicate our AD to the cloud.
I've read that even if you remove your hybrid configuration, it's a good idea to keep one on-prem Exchange server around so you can edit Exchange attribs (such as email addresses) in a supported manner, rather than using ASDI edit, etc.
To this end, I installed a single Exchange 2013 CA\MBX server. After installation, the EAC worked fine, and I was able to view our on-prem users, groups, etc. Last week, I shut down our two Exchange 2010 CAS\HT servers as a test to see if anything broke
prior to decommissioning them (these were the hybrid servers as well). After doing so, the Exchange 2013 EAC no longer works for some reason, and behaves in a very bizarre fashion. About once every 20 times or so, it will actually start and run. The other
times, it just has you enter your creds, then generates an HTTP 500 internal server error after entering them. It seems to make no difference if you attempt to access it by the fqdn, hostname, or localhost right on the box itself. Same behavior on Chrome or
IE.
Today as a test, I started up one of the 2010 CAS servers and lo and behold, the 2013 EAC ran without difficulty again. Any idea why this might be so? Thanks for any help,
IanHi,
From your description, I recommend you use the following URL to check if you can access EAC. I see it works for several people about this issue.
https://<Exchange 2013 CAS FQDN>/ecp?ExchClientVer=15
Hope it helps.
Best regards,
Amy Wang
TechNet Community Support -
Outlook 2011 for Mac not authenticating with Exchange 2010
Hi,
We have an issue with our Mac Clients authenticating with our Exchange Server. We have Exchange 2010 Version 14.03.0174.001.
Outlook is saying the credentials are incorrect for the user when we know they work fine in OWA and in Outlook 2010.
It seems this is since we re-keyed are SSL certificate. I have changed the EWS directory to Basic Authentication and also re-created the EWS directory. I have also re-ran all the SBS Wizards.
Is there anything else we can do to get this sorted?
ThanksHi Robert,
I found a KB for your reference:
Sending email error "Authentication failed. Error 17897" in Outlook 2011 for Mac
http://support.microsoft.com/kb/2492901
If it not matches to yours, please paste the details without sensitive information.
Thanks
Mavis
Mavis Huang
TechNet Community Support -
Active Sync Issue - Exchange 2010
Hey,
Alright I have had some issues with some iPhones connecting to our Exchange 2010 server. When i run the Testconnectivity test, I receive a timeout error on the last step:
Attempting the FolderSync command on the Exchange ActiveSync session.
The test of the FolderSync command failed.
Additional Details
Exception details:
Message: The operation has timed out
Type: System.Net.WebException
Stack trace:
at System.Net.HttpWebRequest.GetResponse()
at Microsoft.Exchange.Tools.ExRca.Extensions.RcaHttpRequest.GetResponse()
Elapsed Time: 100439 ms.
When I run the Test from Powershell I receive the following message:
[System.Net.WebException]: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. Inner error [System.Security.authentication.AuthenticationException]: The remote certificate is invalid according
to the validation procedure.
I have already taken a number of steps including removing all of the Exchange Certificates that are not current. I have also reassigned them to the correct services. I have recreated the Active Sync Virtual Directory. Among other things.
I can't seem to find anything that points me to the correct direction so if anyone has any ideas on what I can look at, it would be appreciated.
At this point, I can't create the Exchange account on any new Active Sync clients (I have tested from an iPhone and Android phone) however a few people who had the account already setup get random e-mail messages that come through.
I turns out the issue was Trend. I uninstalled this software and everything started working correctly.
-
Kerberos Authentication Issues.
Our set up is as follows. In Directory Access we have our own clients set to receive their LDAP information via DHCP from our Mac OSX server and when in our office - or indeed, at a location that does not have a Mac OS X server - Kerberos Authentication to our server works just fine.
However, when out of the office and in a location that also has a Mac OSX Server providing it's LDAP information via DHCP, naturally, we pickup that location's Kerberos Realm and this prevents us from making a connection to our Office VPN server which is running on our Mac OSX Server. To work successfully, it requires Kerberos Authentication but when prompted to enter our Kerberos password, the dialogue box appears with the local site's Kerberos Realm and even if I type in our office's Realm, it still will not work. How can we avoid this situation, other than turning off Kerberos Authentication completely.
The krux of the matter is that when off-site, my computer seems to pick up the Kerberos Realm of the system I'm in and completely forgets my own realm, thus not allowing me to authenticate until I return to my own office. I don't seem to be able to manually override it either.
Is there something I am missing here?afaict what you're expierencing is default behaviour. Kerberos on a client machine gets autoconfigured by means of reading the KerberosClient record in the LDAP database in use. This happens dynamically so having LDAP server coming from dhcp configures kerberos as laid out in that LDAP server KerberosClient record.
See man kerberosautoconfig which is the tool actually run to achieve this.
HTH
-Ralph -
Our company moved from on-premises Exchange 2003 to Office365 and only have 4 Exchange 2003 servers on-prem that we use for Routing email from application servers to Office365. We need to migrate these servers to Exchange 2010 then to Exchange 2013 and
only route email only. Is it possible to upgrade to Exchange 2010 by installing the transport Hub & Mailbox server options only? Our OAB and EWS services come from the CAS servers located on Office365 so we should not need a CAS server to set up Transport
rules or route mail would we? Any assistance with this would be greatly appreciated! - Thanks, DWB
DaveSince it is not internet facing we will not have to worry about configuring an Internet Domain Name when installing the first server, correct? in my planning I was going to
install the Exchange 2010 CAS/Mailbox/Transport Hub roles on one server, then upgrade it to Exchange 2013. Once this is completed I'll then install the 2 mailbox role servers in one Datacenter, and 3 more in our DRP DC. If something happens to the
primary Datacenter I would want it to fail over to the other site. For this I would have to install another CAS/mailbox server in the secondary DC. Would this plan sound about right? Since we moved to Office365 in 2010 I have not had a chance to deal with
actual servers except for the Exchange 2003 servers we still have on-premises. Each of these are located in 4 Regional offices along with single Windows 2008 R2 servers using only the IIS SMTP service for routing mail from on-prem application servers
and print/scanners which email back to the users. The plan is to move to a routing system which will provide both MTA and redundancy if one has an issue.
Dave -
Decommissioning Exchange 2010 Public Folder servers
I have 4 Exchange 2010 SP3 RU6 Public Folder servers. I need to get rid of 2 of them so I can re-use the hardware. The 2 I need to get rid of are replication partners (one replicates to the other) and only have about 5GB of PF data. I want to move the data
to the other 2 Public Folder servers (they are replication partners with each other). Those 2 servers have about 200GB of PF data. Do I just run .\MoveAllReplicas.ps1 -Server OldServer -NewServer NewServer on 1 server since it has the same data as the other
one? I am just trying to figure out how to get the data from the 2 "old" PF servers (it is the same data since 1 replicates to the other) to the 2 newer ones which are the main PF servers (again, one replicates to the other). Also, this command won't
erase what is already on the newer servers, right? I assume it will just add to the existing.
Jason
HDLHi,
You need to replicate public folder firstly, after you make sure the public folder replication is completed, you can use the .\MoveAllReplicas.ps1 to move all replicas to the server that you want to keep.
Replicating public folders won't remove the existing public folders.
You will have to run .\MoveAllReplicas.ps1 -Server OldServer -NewServer NewServer command on both server, this command actually remove the public folder replicas on the old Exchange server. If you don't remove public folders replicas on the old
server, you won't remove pulic folder database successfully.
Best regards,
Belinda Ma
TechNet Community Support -
HT Rules Priority Issue exchange 2010 sp3
I have got 12 HT rules and ALL are all the same …
Email comes in for [email protected] redirects to
[email protected] , Email comes in for
[email protected] redirects to [email protected] and so on
. Seems intermittently working.
I understand the priority is kicking in here. I move around the rules and they work …and one starts working other fails etc.
Any thoights????
thnxHi,
As Will Martin clarified, it is recommended to set the forwarding email address directly to redirect these users' emails. You can use the following cmdlet to do it:
Set-Mailbox -Identity "xxx" -DeliverToMailboxAndForward $true -ForwardingSMTPAddress "[email protected]"
For your reference:
https://technet.microsoft.com/en-us/library/dd351134%28v=exchg.141%29.aspx?f=255&MSPPError=-2147217396
Hope this can be helpful to you.
Best regards,
Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact [email protected]
Amy Wang
TechNet Community Support -
Exchange 2010 MP - CAS servers not beeing discovered
Hi!
I have 2 CAS-servers that are not beeing discovered. Trigger on Demand discovery against these servers fails. Is there a way I can manually force these servers to this role?
Best regards
Rune HaugenHi,
Have you checked the option "Allow this agent to act as a proxy and discover managed objects on other computers" for all your Exchange servers?
Please also try to flush health service state and caches for the CAS servers.
More details about flush health service state and caches, please refer to the link below:
http://technet.microsoft.com/en-us/library/hh212884.aspx
Regards
We
are trying to better understand customer views on social support experience, so your participation in this
interview project would be greatly appreciated if you have time.
Thanks for helping make community forums a great place. -
Exchange 2013 co-existence with Exchange 2010 proxying issue.
Hello,
I am testing Exchange 2010 and Exchange 2013 co-existence in my test lab at the moment, with
a view to migrating our production environment to 2013 later in the year.
The lab is setup, and the problem I'm having is that internal Outlook clients cannot open
their respective mailboxes once the 2013 CAS server is introduced into the mix.
The
setup is listed below:
EXCHANGE 2010 Servers
TESTLABEXCH01 - CAS,HT,MBX - Exchange 2010 SP3
TESTLABEXCH02 - CAS,HT,MBX - Exchange 2010 SP3
Both servers are part of a CAS Array - casarray01.testlab.local
Both servers are part of a DAG - DAG01.testlab.local
RpcClientAccessServer on all 2010 databases set to casarray01.testlab.local
The A record for casarray01.testlab.local points to the IP of the VIP of a load balancer.
The loadbalancer serves
the following ports: 25,80,443,143,993,110,995,135,60200,60201
OutlookAnywhere is enabled on both servers:
ClientAuthenticationMethod : Ntlm
IISAuthenticationMethods : {Basic, Ntlm}
Internal and external mail flow works without issue before the 2013 server is introduced.
Internal and external client access works without issue before the 2013 server is introduced.
Part Two to follow.....
MattEXCHANGE 2013 Servers :
TESTLABEXCH03 - CAS,MBX - Exchange 2013 SP1
OutlookAnywhere is enabled on the server:
ClientAuthenticationMethod : Ntlm
IISAuthenticationMethods : {Basic, Ntlm}
RpcClientAccessServer on all 2013 databases set to casarray01.testlab.local
(This an inherited setting I assume from the pre-existing 2010 organization)
Split DNS is in place and all internal/external URL's point to either:
autidiscover.external.com
mail.external.com
The A record for the mail.external.com points to the IP of the load balancer VIP
The CNAME record for autodiscover.external.com points to mail.external.com
When the TESTLABEXCH03 is added to the load balancer config,
and given highest priority this is when the Outlook clients stop working.
Any existing profiles in Outlook 2010/Outlook 2013 can no be opened as there is a persistent
credentials prompt.
Upon trying to create a new profile, the process errors when reaching the "Log onto server"
stage and again prompts for credentials.
Running the test-outlookconnectivity cmdlet from
either of the 2010 servers produces the following results.
[PS] C:\Windows\system32>Test-OutlookConnectivity -Protocol:http
ClientAccessServer ServiceEndpoint
Scenario Result Latency
TESTLABEXCH02 autodiscover.external.com Autodiscover:
Web service request. Success 343.20
TESTLABEXCH02 casarray01.testlab.local RpcProxy::VerifyRpcProxy.
Success 0.00
TESTLABEXCH02 casarray01.testlab.local RFRI::GetReferral.
Failure -1.00
TESTLABEXCH02 casarray01.testlab.local NSPI::GetProfileDetails.
Failure -1.00
TESTLABEXCH02 casarray01.testlab.local
Mailbox::Connect. Failure -1.00
TESTLABEXCH02 casarray01.testlab.local
Mailbox::Logon. Skipped -1.00
If remove the 2013 CAS server from the loadbalancer config and
all connections go directly to the 2010 servers again, all of the above tests pass and Outlook connectivity is also restored.
IIS has been reset on all 3 servers incidentally, following any changes made whilst troubleshooting.
I'm struggling to see what I'm missing here, if anyone can assist in troubleshooting this
matter further, or point out any errors in my setup it would be greatly appreciated.
Regards
Matt
Matt -
Relay issue from Unix across Exchange 2003 OWA server in Exchange 2010 environment
Hi,
I'm trying to resolve an issue. We have one Exchange 2003 server left in our environment. The rest is now Exchange 2010. We are working to decommission this server. Monitoring the SMTP logs, I am working with the various groups to get the traffic
off this server and onto the Exchange 2010 environment.
The issue we are finding is with a work flow. This Java app for eBis sends email to users. This is done correctly through Exchange 2010 and gets delivered from our HUB/CAS servers to the target user mailbox. This email has several links the user must click
for approving or rejecting requests. Upon clicking Approve, a new email window opens (we use Outlook 2010). The TO address is in the format of [email protected] Upon clicking Send, our Exchange 2010 HUB/CAS servers accept the
email, because one of our send connectors has, as address space, *.domain.corp. However, the email address being used it not an alias on any Exchange 2010 mailbox, so it appears Exchange 2010 is sending this email on to the Exchange 2003 server, which
also is an SMTP server. I *think* this server is looking at the address after @ to determine where to send it (ebisserver.domain.corp, which is valid in our DNS), and sends it on to that server, where the java "listener" program intercepts
the mail, processes it and then saves it to a file somewhere.
We are at a loss as to how to get Exchange 2010 to do this instead of Exchange 2003... once this traffic is eliminted from Exchange 2003, I can proceed with decommission of this server. Any help troubleshooting this issue is appreciated.The only reason the Exchange 2010 server would route outbound mail through an Exchange 2003 server is that you have an SMTP Connector defined on the Exchange 2003 server that has a more specific domain than you have on the Exchange 2010 server. You
should be able to see all your Send Connectors (an SMTP Connector on Exchange 2003 looks like a Send Connector in Exchange 2010) by running Get-SendConnector.
Ed Crowley MVP "There are seldom good technological solutions to behavioral problems." -
Exchange 2010 - 2013 Coexistence Issues
I am migrating from Exchange 2010 to Exchange 2013, the Exchange 2013 is built in a different Geo-location site with its dedicated domain controllers in the new site. I have confirmed the mail flow between Exchange 2010 and 2013 mailboxes. I am able to discover
Exchange 2010 servers from 2013 environment via Get-ExchangeServer shell command. However, I am not to discover Exchange 2013 servers from 2010 environment.
I need to configure Outlook Anywhere and Service Connection Point (Autodiscover) on Exchange 2010 to accept connections from Exchange 2013 servers.
Any suggestions would be much appreciated, thanks!Hi ,
Please have a look in to the below mentioned blog after reading that blog i came to know few things .
I am not sure ,i thought exchange 2013 servers will not be displayed in exchange 2010 management shell.
Better and advisable method is to configure your exchange 2010 and 2013 servers via EAC or Shell in exchange 2013.
http://exchangeserverpro.com/exchange-server-2010-2013-migration-managing-co-existence-environment/
Taken from the above blog :
You can’t use the Exchange 2010 EMC to manage Exchange 2013 objects and servers. While customers upgrade to Exchange 2013, we encourage them to use the EAC to:
Manage Exchange 2013 mailboxes, servers, and corresponding services.
View and update Exchange 2010 mailboxes and properties.
View and update Exchange 2007 mailboxes and properties.
We encourage customers to use Exchange 2010 EMC to create Exchange 2010 mailboxes.
We encourage customers to use Exchange 2007 EMC to create Exchange 2007 mailboxes.
Customers can continue to perform management tasks using the Exchange Management Shell and script tasks.
Regards
S.Nithyanandham
Thanks S.Nithyanandham -
Silly Doubt in Exchange 2010 - Datacenter SwitchOver
Hi Team
i have a very silly doubt in my exchnage 2010 environment with two sites
two mailbox servers (Site A ) and another two mailbox servers in site B .All the four mailbox servers is same DAG
site A mailbox database copies are available in site B and Vice Versa.
in site A , if two mailbox servers is down / not reachable, automatically the database are moved from site A to Site B and mounted over there. and normal mailflow is happening with interruption of few sec / minutes
then why we need Datacenter SwitchOver and what is is purpose of doing Datacenter SwitchOver and Datacenter SwitchBack, as the mailflow is functioning without any issue
it may be silly , but i would like to be very clear from top of my head
thanks teamHi Li,
Correct , that is not a problem for me now. The problem is below as mentioned
i just started the datacenter switch over from one site to another site and unfortunately i have been halted in the initial stage itself in my test environment
Site: Main-Office
One Domain Controller: Indlabbitesdc01.labbites.co.in - Hosting
DNS Services
One Hub Server: Indlbht01.labbites.co.in - Witness Server
2 CAS server (CAS ARRAY) - casarray1.labbites.co.in and casarray2.labbites.co.in
Casarray IP: 172.29.137.50
2 Mailbox Servers – Indlbmb01.labbites.co.in and indlbmb02.labbites.co.in
Dag Name: DAG1
DAG IP: 172.29.137.140
Site: GUINDY-OFFICE
- No WIteness server in this SIte
One Additional Controller: Labdeldc01.labbites.con.in
One HUB and CAS Server: indlbguex01.labbites.co.in
2 Mailbox servers – indlbgumbx01.labbites.co.in and indlbmb03.labbites.co.in
Both mailbox servers are members in DAG1
As per Plan , DAC is enabled in DAG1
Next step i shutdown all the servers Site:
Main-Office and trying to open the powershell from one of the mailbox from Site: GUINDY-OFFICE for issuing the command Run the Stop-DatabaseAvailabilityGroup cmdlet in the shell and i got
the below error
VERBOSE:
Connecting to indlbgumbx01.labbites.co.in
[indlbgumbx01.labbites.co.in]
Connecting to remote server failed with the following error message : WinRM cannot proces
s
the request. The following error occured while using Kerberos authentication: There are currently no logon servers available to service the logon request.
Possible causes are:
-The user name or
password specified are invalid.
-Kerberos is used
when no authentication method and no user name are specified.
-Kerberos accepts
domain user names, but not local user names.
-The Service Principal
Name (SPN) for the remote computer name and port does not exist.
-The client and
remote computers are in different domains and there is no trust between the two domains.
After checking for
the above issues, try the following:
-Check the Event
Viewer for events related to authentication.
-Change the authentication
method; add the destination computer to the WinRM TrustedHosts configuration setting or us
e HTTPS transport.
Note that computers
in the TrustedHosts list might not be authenticated.
-For more
information about WinRM configuration, run the following command: winrm help config. For more information,
see the about_Remote_Troubleshooting
Help topic.
+ CategoryInfo
: OpenError: (System.Manageme....RemoteRunspace:RemoteRunspace) [], PSRemotingTransportExc
eption
+ FullyQualifiedErrorId
: PSSessionOpenFailed
Exception calling "GetComputerDomain"
with "0" argument(s): "The local computer is not joined to a domain or the domain
cannot be contacted."
At C:\Program Files\Microsoft\Exchange
Server\V14\bin\ConnectFunctions.ps1:204 char:70
+ [System.DirectoryServices.ActiveDirectory.Domain]::GetComputerDomain
<<<< ().Forest.Name
+ CategoryInfo
: NotSpecified: (:) [], MethodInvocationException
+ FullyQualifiedErrorId
: DotNetMethodException
Exception calling "GetComputerSite"
with "0" argument(s): "The specified domain either does not exist or could not be c
ontacted.
At C:\Program Files\Microsoft\Exchange
Server\V14\bin\ConnectFunctions.ps1:164 char:92
+ $localSite=[System.DirectoryServices.ActiveDirectory.ActiveDirectorySite]::GetComputerSite
<<<< ()
+ CategoryInfo
: NotSpecified: (:) [], MethodInvocationException
+ FullyQualifiedErrorId
: DotNetMethodException
Exception calling "FindAll"
with "0" argument(s): "Unknown error (0x80005000)"
At C:\Program Files\Microsoft\Exchange
Server\V14\bin\ConnectFunctions.ps1:253 char:17
+ $search.FindAll
<<<< ()
+ CategoryInfo
: NotSpecified: (:) [], MethodInvocationException
+ FullyQualifiedErrorId
: DotNetMethodException
You cannot call a method
on a null-valued expression.
At C:\Program Files\Microsoft\Exchange
Server\V14\bin\ConnectFunctions.ps1:146 char:33
+
$siteName = $siteDN.ToString <<<< ().SubString(3).Split(",")[0]
+ CategoryInfo
: InvalidOperation: (ToString:String) [], RuntimeException
+ FullyQualifiedErrorId
: InvokeMethodOnNull
WARNING:
No Exchange servers are available in the Active Directory site . Connecting to an Exchange server in another
Active Directory site.
Failed to connect to an
Exchange server in the current site.
Enter
the server FQDN where you want to connect.: lbdeldc01.labbites.co.in
VERBOSE: Connecting to
lbdeldc01.labbites.co.in
[lbdeldc01.labbites.co.in]
Connecting to remote server failed with the following error message : WinRM cannot process t
he request. The following
error occured while using Kerberos authentication: There are currently no logon servers avail
able to service the logon
request.
Possible causes are:
-The user name or
password specified are invalid.
-Kerberos is used
when no authentication method and no user name are specified.
-Kerberos accepts
domain user names, but not local user names.
-The Service Principal
Name (SPN) for the remote computer name and port does not exist.
-The client and
remote computers are in different domains and there is no trust between the two domains.
After checking for
the above issues, try the following:
-Check the Event
Viewer for events related to authentication.
-Change the authentication
method; add the destination computer to the WinRM TrustedHosts configuration setting or us
e HTTPS transport.
Note that computers
in the TrustedHosts list might not be authenticated.
-For more
information about WinRM configuration, run the following command: winrm help config. For more information,
see the about_Remote_Troubleshooting
Help topic.
+ CategoryInfo
: OpenError: (System.Manageme....RemoteRunspace:RemoteRunspace) [], PSRemotingTransportExc
eption
+ FullyQualifiedErrorId
: PSSessionOpenFailed
[PS] C:\Windows\system32> -
OWA Exchange 2010 and 2013 Co-Existance
Hi All
I have 2 new Exchange 2013 Multi role servers in a test environment. I have setup the namespace's in the following way
Communcal OWA URL - exchange.domain.co.uk/owa
Server 2013 Boxes
OWA URL Internal and External - owa.domain.co.uk/owa
Server 2010 Boxes
OWA Internal - legacy.domain.co.uk
OWA External - legacy.domain.co.uk
Authentication on Exchange 2010 boxes is set to basic, form based.
Authentication on Exchange 2013 boxes is set to basic and form based.
When users hit are exchange.domain.co.uk/owa it is sent to 2013 servers. This we then want to process all requests and proxy connections to 2010. Accessing a 2013 mailbox is fine, however 2010 users just get the message, opening mailbox, it then sticks on
Still Working on it for indefinite and never progress'.
Have tried removing the External URL from 2010 as I have seen suggested elsewhere but this makes no difference.
ECP address' match what OWA are and certificates include all 3 namespaces.
Many THanks in advance for any assistance
JasonHi All
I have 2 new Exchange 2013 Multi role servers in a test environment. I have setup the namespace's in the following way
Communcal OWA URL - exchange.domain.co.uk/owa
Server 2013 Boxes
OWA URL Internal and External - owa.domain.co.uk/owa
Server 2010 Boxes
OWA Internal - legacy.domain.co.uk
OWA External - legacy.domain.co.uk
Authentication on Exchange 2010 boxes is set to basic, form based.
Authentication on Exchange 2013 boxes is set to basic and form based.
When users hit are exchange.domain.co.uk/owa it is sent to 2013 servers. This we then want to process all requests and proxy connections to 2010. Accessing a 2013 mailbox is fine, however 2010 users just get the message, opening mailbox, it then sticks on Still
Working on it for indefinite and never progress'.
Have tried removing the External URL from 2010 as I have seen suggested elsewhere but this makes no difference.
ECP address' match what OWA are and certificates include all 3 namespaces.
Many THanks in advance for any assistance
Jason -
Microsoft Exchange 2010 and Outlook 2013
My colleagues computer suddenly crashed yesterday and it wouldn't restart without a system restore.
Now when we try to open up Outlook it says that you must connect to Microsoft Exchange at least once before you can usse your Outlook Data file (.ost)
Also The PC has lost the trust relationship on the domain
We have exchange 2010 and the servers OS is Microsoft Windows Small Business Server 2011 and the Client PC is running off of Windows 8.
Can you please help me resolve this issue?
kind regards
Steve Bradshaw
[email protected]It might be possible that the MAPI key (which enables Outlook to synchronize with Exchange) has been deleted due to the System crash. So, in order to establish the connection, you need to Reconnect the OST file to the original MAPI profile and then reconnect
then MAPI profile to Exchange Server.
If the above method fails to resolve the issue, then the best option for you would be to take the help of any professional OST to PST Conversion Software, which will help you to Extract data from your OST file and convert it to PST file which you can import
back to your Outlook to establish the connection with Exchange Server again.
You can check this
presentation for more info.
Maybe you are looking for
-
101. What is true about the primary index of a table? More than one answer is correct. a) The key fields of the table make up the primary index b) The primary index ID is designated by the Database Adminstrator c) The developer designates the fields
-
Can I use my Time Capsule 1TB as an external hard drive to store my music library but with a cable connection(Ethernet or USB) and not Wi-Fi.
-
Transfer Music from Lumia 920 to ipod
Hi I have a Lumia 920 and I downloaded a lot of music through Nokia music on my phone. The same music was transferred on to my laptop. Now I want to transfer the same on to my ipod. Is there a way I can do that? itunes is not picking up the download
-
I m not able to browse safari and mail icon is not working?
I m not able to browse safari. My email icon is not functioning at all, so I can not see any email like yahoo, hotmail, gmail. Page is completly blank. thank you for your support.
-
Marks underneath screen of Lumia 820
Ive had my NNokia Lumia 820 approx 4-5 weeks and though Ive got no software problems with the phone, about a week ago, I noticed what looked like smudge marks on the underneath of the screen, at the top under the speaker and in the bottom left corner