EWS, SOAP: Unable to access Forefront-protected /EWS/Exchange.asmx

This is a repost. I'm really hoping to get an answer from a Microsoft Forefront support engineer. Last time my question was ignored then closed, am I in the wrong place for Forefront support?
I have this app that uses EWS to access mail, using the standard /EWS/Exchange.asmx SOAP endpoint.
One my user's mail servers is protected by Microsoft Forefront, and the initial HTTP request to
https://server_name/EWS/Exchange.asmx
is redirected (HTTP 302) to:
https://server_name/
CookieAuth.dll?GetLogon?curl=Z2FEWSZ2FExchange.asmx&reason=0&formdir=3
which is an regular HTML page, the point of which, I guess, is to make the user authenticate "manually".
I've not heard about Forefront until today, not sure how to handle it.
Is this normal behavior for Forefront (i.e. it always redirects the initial HTTP request), or is it triggered by something in my app? For example, user-agent? The formatting of my SOAP request? Some other heuristics?
If it's normal, how am I supposed to get past this page and access /EWS/Exchange.asmx?
If it's triggered by something my app is doing, how can I find out what it is?
My code runs on Android and forms its own XML requests without using any SOAP library. At the transport level, I use Apache HTTP client components. The code works fine with Office 365/Exchange Online, and, according to user reports, "self-hosted"
corporate Exchange servers with NTLM.
However, in this case, I'm not even getting an HTTP 401: the HTTP 302 is returned by the very first HTTP roundtrip.
Trying to preemptively authenticate the initial request using Basic authentication didn't make any difference.
The user who reported this issue also mentioned that another EWS based app works, so there must be a solution to it.

Quan,
Thank you for responding.
There is no error per se, but the initial HTTP request to <server>/EWS/Exchange.asmx gets redirected by Forefront (HTTP 302) to:
https://server_name/
CookieAuth.dll?GetLogon?curl=Z2FEWSZ2FExchange.asmx&reason=0&formdir=3
...which is an HTML page that asks the user to log in, "manually" by again entering his login and password. This is a problem, because my app is not a web browser.
Normally, without Forefront, the first request for Exchange.asmx returns an HTTP 401, at which point the HTTP library provides authentication data, and then the server returns actual data that the app asked for.
I do not know which Forefront it is, I'm not familiar with Forefront. Does the above URL (.../CookieAuth.dll?GetLogon) tell you that? Does it matter which Forefront it is?
I hope that you are exactly a person "who is familiar with the issue" -- specifically, Forefront for Exchange -- or can escalate my question to someone who is.

Similar Messages

  • Removing Forefront Protection for Exchange

    I am looking into moving away from Forefront Protection for Exchange since it can't be renewed (prob to Cisco Ironport).
    What exactly do I need to do remove it completely?
    Current set up:
    Exchange 2010 behind Forefront TMG.
    Forefront Protection for Exchange used to block spam and scan for viruses.
    I believe there is a edge subscription between TMG and Exchange
    Exchange transport role installed on TMG server
    Heath

    Hi,
    when FPE is integrated into TMG you first should disable the E-Mail protection in TMG. After that FPE runs indepented and you can simply uninstall it like any other installation.
    Greetings
    Christian
    Christian Groebner MVP Forefront
    Hi Christian
    Could you be more specific as to exactly what in TMG will "disable the E-Mail protection in TMG" as it relates to the uninstallation of FPE?
    E.g. In TMG, on the "E-Mail Policy" tree node with the focus on the "E-Mail Policy" tab, there are 3 configurable items that I'm unsure of will achieve the above. These are:
    "E-Mail Policy" : Enabled
    "Protection Manager Integration" : Enabled
    "Email Policy Integration Mode" : Enabled
    Any specific one of the above or all?
    Thanks
    Jaans

  • Forefront protection for exchange 2010 - updates?

    Installed Exchange EDGE server with Forefront Protection for Exchange 2010.
    Installed hotfix update rollup 4 for forefront (I think it's the latest because I haven't found any newer).
    We have basically left everything on default in forefront, and if we take a look on dashboard in gui we see this error message:
    not all the antimalware engines selected in the forefront adminstration console for scanning have been enabled for updates.
    where should we take a look whats not being updated. Please a little help.
    with best regards,
    bostjanc

    Hi.
    Meanwhile I have also found information that it has been retired
    https://social.technet.microsoft.com/Forums/forefront/en-US/400fa485-edc9-499f-8294-c196496437d8/not-all-of-the-antimalware-engines-enabled-for-updates-successfully-updated-at-the-last-attempt?forum=FSENext
    bostjanc

  • Alternative to Forefront Protection for Exchange

    Since Microsoft is discontinuing Forefront Protection for Exchange, does anyone know how long they will continue to provide updates to the anti-virus engines? To be honest, our perimeter security provides just about all the protection we need but I don't
    like not having anti-virus on Exchange, especially the mailbox servers.
    Is MS providing any alternative other than going to the cloud or are we just being forced to find a third party product? I really liked the MS product because support would always play third party products every time we had a problem. Our agreement does
    expire until 2016 but I think we will be on 2013 by then for sure and I hear 2013 has some remedial anti-virus support built in.

    Since Microsoft is discontinuing Forefront Protection for Exchange, does anyone know how long they will continue to provide updates to the anti-virus engines? To be honest, our perimeter security provides just about all the protection we need but I don't
    like not having anti-virus on Exchange, especially the mailbox servers.
    Is MS providing any alternative other than going to the cloud or are we just being forced to find a third party product? I really liked the MS product because support would always play third party products every time we had a problem. Our agreement does
    expire until 2016 but I think we will be on 2013 by then for sure and I hear 2013 has some remedial anti-virus support built in.
    3rd party or cloud is the only option. 2013 has basic malware detection.
    Twitter!:
    Please Note: My Posts are provided “AS IS” without warranty of any kind, either expressed or implied.

  • Expiration of "Subscription license of Microsoft Forefront Protection for Exchange Server"

    We have "Microsoft Forefront Protection for Exchange
    Server" running in the company. Now I face the expiration of "Subscription license of Microsoft Forefront Protection for Exchange Server".
    I learned from
    http://blogs.technet.com/b/server-cloud/archive/2012/09/12/important-changes-to-forefront-product-roadmaps.aspx that "... products will continue to be supported through that date (12/31/2015) in order to provide with customers sufficient
    time to move to alternative solutions". My concern is, that Microsoft Forefront Protection for Exchange Server does not know about that grace period.
    It claims:
    Your Subscription license of Microsoft Forefront Protection for Exchange Server has expired. The product will continue to operate during the extended grace period
    until 5/1/2013. Subsequently, scanner updates will be disabled and the product will operate with reduced functionality.
    Is there a way to get a new license number? I called our software vendor, but Microsoft does not sell licenses anymore.
    Thank you for your assistance.

    Hi
       We just talk about exchange deployment and configuration in this forum.
       If you have any questions about licensing, please use the contact information in
    here which would be the best place for seeking the answer.
    Terence Yu
    TechNet Community Support

  • Reactivating Forefront Protection for Exchange

    My EA agreement expired few months back and with that Forefront Protection for Exchange also got expired.
    Now I have renewed EA agreement. 
    When I open Forefront Protection for Exchange, I get a message saying, "Enter your license agreement number and license end date." There is also a box to enter these details.
    Will this be reactivated if I enter my new EA agreement number and expired date.

    Hi,
    You may need to contact Microsoft to confirm this.
    Here is a article About product licensing.
    https://technet.microsoft.com/en-us/library/ee358857.aspx
    Best Regards,
    Joyce
    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact [email protected]

  • Unable to access public folders on Exchange 2007 when user mailbox is on Exchange 2013

    Hi
    I have coexistence with Exchange 2007 and Exchange 2013. I've moved a mailbox to Exchange 2013 and now cannot view the public folders on Exchange 2007. The error message I get is "could not connect to the public folder server. microsoft exchange is
    not available. either there are network problems or the exchange server is down for maintenance."
    Mailboxes on Exchange 2007 do not have any problems viewing public folders. I can't migrate users to Exchange 2013 until this issue is resolved.
    The IIS permissions to the Public virtual directory on Exchange 2007 is set to Intergrated Windows and Basic authentication.

    Hi northerly,
    I recommend you follow the steps below for troubleshooting:
    1. Please run the Get-OutlookAnywhere cmdlet to verify the Outlook Anywhere settings on Exchange Server 2013 Client Access servers.
    2. If "ExternalHostName" is set, and "ExternalClientAuthenticationMethod" is Negotiate, change "ExternalClientAuthenticationMethod" to something other than Negotiate.
    3. If "InternaClientlAuthenticationMethod" is set to Negotiate, and "InternalRequireSSL" is True, change "InternalClientAuthenticationMethod" to something other than Negotiate, or change "InternalRequireSSL" to False.
    What's more, here is a helpful KB for your reference.
    Users of Exchange Server 2013 or Exchange Online can't open public folders or shared mailboxes on an Exchange 2010 or Exchange 2007 server
    http://support.microsoft.com/kb/2834139/en-us
    Hope my clarification is helpful.
    If there are any problems, please feel free to let me know.
    Best regards,
    Amy
    Amy Wang
    TechNet Community Support

  • Forefront Protection 2010 for Exchange and CorruptedCompressedFile issue

    Hi
    I have an issue where a third-party vendor is using Cisco Prime management software to email zipped reports to various recipients on our system. However, when it hits our system, Forefront is tagging this as a "CorruptedCompressedFile"
    and stripping it from the emails.
    I've had the email sent to a personal email account and the attachment looks ok - it opens normally and there is no password. If I use Windows 7 to extract the single file and then create a new zip file, this new zip file is delivered fine to users in our
    system.
    We are running Exchange 2010 (14.03.0174.001) and Forefront Protection for Exchange (11.0.727.0).
    The file is a csv, and one example is only 2.5MB compressed, and 15MB uncompressed.
    Does anyone know what could be causing the issue here?
    Thanks
    Paul

    HI,
    In general, the files that FPE is unable to parse will be scanned as a corrupted compressed file and it can be due to multiple reasons.
    Please check the FSEAgentLog under %Program Files (x86)%\Microsoft Forefront Protection for Exchange Server\Data
    to see if any detailed information exists.
    Firstly, I recommend you to check the maximum compressed file size to make sure that it is larger than that file. You can clickPolicy
    Management in the FPE Administrator Console, and under
    Global Settings, click Advanced Options, then in the
    Global Settings - Advanced Options pane, under the Threshold Levels section.
    In addition,
    files identified as corrupted are quarantined by default. You can override quarantining for these file types by clearing the
    Quarantine corrupted compressed files
    check box under the
    Deletion Criteria
    section in the Global Settings - Advanced Options pane,,
    and then clicking
    Save. However, it is not recommended to do this as it may cause all the files identified as corrupted are not quarantined.
    Best regards,
    Susie

  • Microsoft Forefront Server Protection for Exchange Registration Service does not start automatically

    Hello,
    I am having an issue when I start my TMG 2010 machine:
    (*TMG 2010 + Forefront protection for Exchange + Exchange Edge server role, acting like a SMTP relay and Antispam filter)
    The service "Microsoft Forefront Server Protection for Exchange Registration Service"
    does not start, it is set to "Manual".
    I tried to find some information about which services should be started and which should not, but I cannot find such information, not even in Technet (my fault probably).
    Thanks in advance.
    Luis Olías Técnico/Admon Sistemas . Sevilla (España - Spain)

    Hi,
    Have you received any errors in event logs when
    you started the Microsoft Forefront Server Protection for Exchange Registration Service?
    Based on my research,
    Microsoft Forefront Server Protection Controller service is a dependency of the Microsoft Forefront Server Protection Registration service and the Microsoft Forefront
    Server Protection Registration service is a dependency of the Microsoft Exchange Transport service.
    The Microsoft Forefront Server Protection Registration service normally only runs for a brief time (less than a minute) when FPE initializes. It then shuts
    down and does not need to be running for transport scanning to occur.
    You can refer to the link below:
    Services
    Best regards,
    Susie

  • Renewal of Forefront Protection 2010 for Exchange Server until EOL

    Hello,
    We have a Open Value subscription for Forefront Protection for Exchange Server 2010 (FPE) running with an Exchange 2007 server and an Edge Server.  We attempted to renew the subscription to FPE and were automatically upgraded to FOPE and now EOP.
    Since FPE is not End of Life yet, might it be possible to renew FPE on premises until such time as the product goes End of Life? 
    thank you,
    Dan

    Hello,
    FPE on premises was available only as a subscription license in OV, OVS. for subscription products thre is not possibility to renew th elicensing if is removed from product list.
    you can purchase FOPE(in OVS) or EOP as online subscription. you can use also EOP for on premises Exchnage Server.
    on Microsoft document we have th efollowing info:
    The following are the primary ways you can use EOP for messaging protection:
    In a standalone scenario   EOP provides cloud-based email protection for your "on-premises Microsoft Exchange Server 2013 environment, legacy Exchange Server versions,
    or for any other on-premises SMTP email solution."
    As a part of Microsoft Exchange Online   By default, EOP protects Microsoft Exchange Online cloud-hosted mailboxes.
    In a hybrid deployment   EOP can be configured to protect your messaging environment and control mail routing when you have a mix of on-premises and cloud mailboxes.
    note: EOP replaces Microsoft Forefront Online Protection for Exchange (FOPE). All FOPE customers will be transitioned to EOP, as described in the
    Forefront Online Protection for Exchange (FOPE) transition center. EOP delivers the protection and control provided by FOPE, and also includes additional features.
    What's new in Exchange Online Protection describes some of these features.
    thanks
    diramoh

  • Symantec Mail security & Forefront protection for Exchage on same environment

    We are Running Symantec Mail security on Edge transport with all strict antispam policies but still some users once in a while recieve a spam here or there ,so we are planning to install Forefront Protection for exchange on hub transport , so both products
    are running , is this a do able scnerio , will we face any issues....please suggest from Microsoft point of view,

    Hi,
    As far as I know,  no single tool or process can eliminate all spam. For more spam features and easier management, you can elect to purchase the Forefront Online Protection for Exchange (FOPE) hosted email filtering service or the next version
    of this service, Microsoft Exchange Online Protection (EOP).
    http://technet.microsoft.com/en-us/library/jj218660(v=exchg.150).aspx
    http://technet.microsoft.com/en-us/library/jj673032(v=exchg.150).aspx
    Thanks,
    Angela Shi
    TechNet Community Support

  • Forefront Protection Exchange 2010

    Does an Exchange Enterprise license cover you for Forefront Protection Exchange 2010?

    Hello,
    Only these Exchange license cover Forefront Protection for Exchange 2010 :
    Enterprise CAL with services
    Standard CAL + Enterprise with services
    Source (in french sorry):
    http://www.microsoft.com/exchange/2010/fr/fr/Licences.aspx
    Regards,
    Follow me on Twitter http://www.twitter.com/liontux | My Blog (French/English) :
    http://security.sakuranohana.fr/

  • Support Forefront Protection 2010 for Exchange 2010 SP3

    Hi
    I have a simple question: Is there a full support of FPE 2010 (Version 11.0.727.0) for Exchange 2010 SP3 (and Rollup Updates)?
    Thomas

    Hi,
    It seems that FPE 2010 for exchange 2010 SP3 is supported and you need to install the Rollup 4. For more detailed information, please refer to the link below:
    Hotfix Rollup 4 for Microsoft Forefront Protection for Exchange
    Updates for Microsoft Forefront and Related Technologies
    Hope this helps!
    Susie

  • Problems with scan jobs Forefront protection 2010 for exchange server administrator console

    Dears,
    I have the following problem with the
    CAS server:
    How do I fix it?
    thanks for your reply
    Edwin Duran Ospina

    Hi,
    FPE will now post a warning if any items are present in the Undeliverable archive folder. You could remove the stuck email from "%Program Files (x86)%\ Microsoft Forefront Protection for Exchange Server\Data\Archive\Undeliverable".
    For more information: http://support.microsoft.com/kb/2420647
    Best Regards,
    Joyce
    We
    are trying to better understand customer views on social support experience, so your participation in this
    interview project would be greatly appreciated if you have time.
    Thanks for helping make community forums a great place.

  • Frorefront Protection for Exchange 2010 Version Number

    Afternoon Community
    I am currently research and planning the upgrade of an MS Exchange 2010 Virtual Server. One of the steps requires the upgrade of Forefront Protection for Exchange to be updated to the latest Rollup (KB230203 - Rollup 5). Due to ongoing projects i am aware
    that Forefront has never been upgraded by us.
    A few weeks ago we noticed our license for the product was due to expire, so we extended the license until Dec 2015. I have noticed that the version number of Forefront is now showing as 11.0.727.0 (Forefront Protection 2010 w Rollup 4). We havent installed
    any of the Rollup Hotfixes and i can find no trace of the install under control panel/programs and features.
    1. Has anyone recently updated their license and seen that it has changed their version number?
    2. How can i confirm that no Rollup Hotfix has been installed?
    3. If i go ahead and try to install KB2619883 (Rollup 4), will it cleanly install or will it fail as Forefront thinks the package is already at the correct level?
    Any help on this issue would be greatly appreciated.
    Barry Fitzpatrick

    Hi,
    Maybe you can check the Installed Updates in Programs and Features under Control Panel. In addition, if you have Windows PowerShell, you can use Get-Hotfix cmdlet to get the hotfixes that have been applied to the local computer.
    Best regards,
    Susie

Maybe you are looking for