Exchange 2010 - EWS and disabling TLS 1.0

Hi all,
Due to the POODLE vulnerability and TLS 1.0 showing as enabled on one of our external scans, we were informed that we would need to disable SSL 3.0 and TLS 1.0 on our Exchange server.
Apparently, this wouldn't even be possible until Update Rollup 9 was released on 3/16/15:
Rollup resolves:
KB 3029667 SMTP is not transported over TLS 1.1 or TLS 1.2 protocol in an Exchange Server 2010 environment
After installing this update, SSL 3.0 and TLS 1.0 were disabled and the servers rebooted (cross site, same domain, two Exchange servers).  After resolving some issues with certificates that apparently broke as a result of the changes, we found that EWS was not working - the log was full of these errors:
Process 5776: ProxyWebRequest CrossSite from S-1-5-21-3895483984-2032760896-3917300074-1259 to
https://mail.exchange.com:443/ews/exchange.asmx failed. Caller SIDs: NetworkCredentials. The exception returned is Microsoft.Exchange.InfoWorker.Common.Availability.ProxyWebRequestProcessingException:
System.Net.WebException: The underlying connection was closed: An unexpected error occurred on a send. ---> System.IO.IOException: Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host.
The EWS directories in IIS on both servers are set to use Anonymous and Windows Authentication.  The main issue observed outside of the above errors was that free/busy information could not be viewed.
After rebuilding the EWS virtual directory and a couple of reboots later, we tried enabling TLS 1.0 on both servers, rebooted, and there were no more EWS errors to be found - free/busy was also working.
So it appears that although this rollup allows SMTP to use TLS 1.1 or 1.2, EWS is still attempting to use TLS 1.0, and I don't see that it is possible to change this.
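
One way to check what such a change actually left enabled, as an added PowerShell example that is not part of the original post: it reads the SCHANNEL protocol keys for both the Server (inbound) and Client (outbound) roles, because the failing ProxyWebRequest in the log above is an outbound call from one Exchange server to the other. The .NET Framework values read at the end are an assumption not mentioned in the post; the function name is hypothetical.

```powershell
# Added example (not from the original post): audit SCHANNEL protocol settings
# for BOTH roles. Inbound connections are governed by the Server subkey,
# outbound ones (such as a server-to-server EWS proxy request) by Client.
$SchannelBase = 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols'
$Protocols    = 'SSL 3.0', 'TLS 1.0', 'TLS 1.1', 'TLS 1.2'

function Get-SchannelProtocolState {
    param(
        [Parameter(Mandatory = $true)][string]$Protocol,
        [Parameter(Mandatory = $true)][ValidateSet('Server', 'Client')][string]$Role
    )
    $path    = Join-Path (Join-Path $SchannelBase $Protocol) $Role
    $enabled = $null
    $byDef   = $null
    $state   = 'NotConfigured'   # key or values absent: the OS default applies

    if (Test-Path -LiteralPath $path) {
        $props   = Get-ItemProperty -LiteralPath $path
        $enabled = $props.Enabled
        $byDef   = $props.DisabledByDefault
        if ($null -ne $enabled -and $enabled -eq 0) { $state = 'Disabled' }
        elseif ($byDef -eq 1)                        { $state = 'DisabledByDefault' }
        elseif ($null -ne $enabled)                  { $state = 'Enabled' }
    }

    # New-Object is used instead of [pscustomobject] so this runs on PowerShell 2.0
    New-Object PSObject -Property @{
        Protocol          = $Protocol
        Role              = $Role
        State             = $state
        Enabled           = $enabled
        DisabledByDefault = $byDef
    }
}

$report = foreach ($p in $Protocols) {
    foreach ($r in 'Server', 'Client') {
        Get-SchannelProtocolState -Protocol $p -Role $r
    }
}
$report | Select-Object Protocol, Role, State, Enabled, DisabledByDefault |
    Format-Table -AutoSize

# Flag protocols this host refuses inbound but has not disabled outbound:
# an identically configured peer would reject a connection that uses them.
$report | Group-Object Protocol | ForEach-Object {
    $srv = ($_.Group | Where-Object { $_.Role -eq 'Server' }).State
    $cli = ($_.Group | Where-Object { $_.Role -eq 'Client' }).State
    if ($srv -eq 'Disabled' -and $cli -ne 'Disabled') {
        Write-Warning "$($_.Name): refused inbound, still allowed outbound ($cli)"
    }
}

# Assumption, not from the post: Exchange 2010 is managed code on the .NET 2.0/3.5
# runtime, and these values (when present) influence which TLS versions its
# outbound web requests will negotiate.
$netKeys = 'HKLM:\SOFTWARE\Microsoft\.NETFramework\v2.0.50727',
           'HKLM:\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v2.0.50727'
foreach ($key in $netKeys) {
    $p = Get-ItemProperty -LiteralPath $key -ErrorAction SilentlyContinue
    New-Object PSObject -Property @{
        Key                      = $key
        SchUseStrongCrypto       = $p.SchUseStrongCrypto
        SystemDefaultTlsVersions = $p.SystemDefaultTlsVersions
    } | Format-List Key, SchUseStrongCrypto, SystemDefaultTlsVersions
}
```

Run it on each Exchange server and compare the two reports before and after a protocol change.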

Similar Messages

  • Exchange 2010 EWS and retrieving To and From Addresses

    I'm using Microsoft EWS notification streaming to monitor a mailbox for new messages.  It is doing exactly what I need it to do except I'm having trouble pulling out the new email addresses from the message for To and From.  I'm using Microsoft's sample application they gave me here http://www.microsoft.com/en-us/download/details.aspx?id=27154 but can't figure it out.  Any help is appreciated.

    private static void OnNotificationEvent(object sender, NotificationEventArgs args)
    {
        // Extract the item ids for all NewMail events in the list.
        var newMails = from e in args.Events.OfType<ItemEvent>()
                       where e.EventType == EventType.NewMail
                       select e.ItemId;

        // Note: For the sake of simplicity, error handling is omitted here.
        // Just assume everything went fine.
        var response = _ExchangeService.BindToItems(newMails,
            new PropertySet(BasePropertySet.IdOnly,
                            ItemSchema.DateTimeReceived,
                            ItemSchema.UniqueBody,
                            ItemSchema.Subject,
                            ItemSchema.DisplayTo,
                            ItemSchema.InternetMessageHeaders,
                            ItemSchema.Body));
        var items = response.Select(itemResponse => itemResponse.Item);
        //ExtendedPropertyDefinition transportMsgHdr = new ExtendedPropertyDefinition(0x007D, MapiPropertyType.String);
        foreach (var item in items)
        {
            Console.Out.WriteLine("A new mail has been created. Received on {0}", item.DateTimeReceived);
            Console.Out.WriteLine("Subject: {0}", item.Subject);
            Console.Out.WriteLine("To: {0}", item.DisplayTo);
            Console.Out.WriteLine("Body: {0}", item.Body);
            Console.Out.WriteLine("ID: {0}", item.Id);
            Console.Out.WriteLine("Headers: {0}", item.InternetMessageHeaders);
        }
    }

    Michael Duhon

    You need to include the To and From properties in the property set you're using in the Bind statement. Change:

    var response = _ExchangeService.BindToItems(newMails,
        new PropertySet(BasePropertySet.IdOnly, ItemSchema.DateTimeReceived,
                        ItemSchema.UniqueBody, ItemSchema.Subject,
                        ItemSchema.DisplayTo, ItemSchema.InternetMessageHeaders,
                        ItemSchema.Body, EmailMessageSchema.ToRecipients, EmailMessageSchema.From));

    Exchange will only return the properties that you ask it to.
    Cheers
    Glen

  • Exchange 2010 EWS - app_global.asax-error.

    I'm setting up an Exchange Online deployment on a customer's server environment. They have a single Exchange 2010 SP3 with Rollup 6 installed.
    The users started complaining that they couldn't set out-of-office messages in Outlook, and that they were prompted for the Exchange password in Lync repeatedly.
    Now, I'm not sure if these errors came because of the Hybrid setup or if it's a coincidence, but here is what I've done:
    I started the Hybrid Wizard, but this one got some errors, so it didn't complete on the first run. The error was the following:
    http://support.microsoft.com/kb/2626696
    and I ran
    ServiceModelReg.exe -r
    on the server to fix it. This solved this problem, but a new one occurred with publishing of Autodiscover and EWS online. I called it a day, and was busy the next day so this was left like this for a few days.
    The next day a few users complained that they couldn't set out of office. The next day after that, the Lync error occurred (there was a reboot that night. I'm not sure if that's relevant). The errors in the Hybrid wizard had then been solved, and the Hybrid wizard ran through, but the EWS problem remained.
    Now, on the server I get this error every second or so:
    System
      Provider [Name]: System.ServiceModel 3.0.0.0
      EventID: 3 [Qualifiers: 49154]
      Level: 2
      Task: 5
      Keywords: 0x80000000000000
      TimeCreated [SystemTime]: 2014-09-25T15:36:32.000000000Z
      EventRecordID: 933734
      Channel: Application
      Computer: <Server Name>
      Security [UserID]: S-1-5-18
    EventData
    System.ServiceModel.ServiceHostingEnvironment+HostingManager/20974680
    System.ServiceModel.ServiceActivationException: The service '/EWS/Exchange.asmx' cannot be activated due to an exception during compilation. The exception message is: Could not load file or assembly 'App_global.asax.hid_mutt,
    Version=0.0.0.0, Culture=neutral, PublicKeyToken=null' or one of its dependencies. The system cannot find the file specified.. ---> System.IO.FileNotFoundException: Could not load file or assembly 'App_global.asax.hid_mutt, Version=0.0.0.0, Culture=neutral,
    PublicKeyToken=null' or one of its dependencies. The system cannot find the file specified. File name: 'App_global.asax.hid_mutt, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null' at System.Reflection.Assembly._nLoad(AssemblyName fileName, String codeBase,
    Evidence assemblySecurity, Assembly locationHint, StackCrawlMark& stackMark, Boolean throwOnFileNotFound, Boolean forIntrospection) at System.Reflection.Assembly.InternalLoad(AssemblyName assemblyRef, Evidence assemblySecurity, StackCrawlMark& stackMark,
    Boolean forIntrospection) at System.Reflection.Assembly.InternalLoad(String assemblyString, Evidence assemblySecurity, StackCrawlMark& stackMark, Boolean forIntrospection) at System.Reflection.Assembly.Load(String assemblyString) at System.ServiceModel.Activation.ServiceHostFactory.CreateServiceHost(String
    constructorString, Uri[] baseAddresses) at System.ServiceModel.ServiceHostingEnvironment.HostingManager.CreateService(String normalizedVirtualPath) at System.ServiceModel.ServiceHostingEnvironment.HostingManager.ActivateService(String normalizedVirtualPath)
    at System.ServiceModel.ServiceHostingEnvironment.HostingManager.EnsureServiceAvailable(String normalizedVirtualPath) WRN: Assembly binding logging is turned OFF. To enable assembly bind failure logging, set the registry value [HKLM\Software\Microsoft\Fusion!EnableLog]
    (DWORD) to 1. Note: There is some performance penalty associated with assembly bind failure logging. To turn this feature off, remove the registry value [HKLM\Software\Microsoft\Fusion!EnableLog]. --- End of inner exception stack trace --- at System.ServiceModel.ServiceHostingEnvironment.HostingManager.EnsureServiceAvailable(String
    normalizedVirtualPath) at System.ServiceModel.ServiceHostingEnvironment.EnsureServiceAvailableFast(String relativeVirtualPath)
    w3wp
    4440
    Any ideas are appreciated.

    Hi,
    I am glad to hear that the issue was solved by yourself.
    Event 3 indicated that Exchange missed Anonymous authentication on autodiscover/EWS Virtual directories.
    To solve this issue, please enable Anonymous authentication on autodiscover/EWS Virtual directories through IIS manager by the following steps:
    1. Open IIS manager.
    2. Navigate to Sites>Default Web Site>Autodiscover.
    3. Refer to the following picture to choose Authentication, then double-click it. Try to enable Anonymous Authentication.
    4. Repeat steps 1-3 to enable Anonymous authentication on EWS.
    Best Regards.

  • Updated: Event ID 1006 - Can not delete Mails in OWA after installing SP1 (Exchange 2010) = Outlook and OWA Light are OK

    Hi all,
    4 Exchange Servers (2 DB + 2 CAS NLB Cluster) all Exchange 2010 SP1
    Outlook work fine.
    If I delete a message in OWA I get the following errors:
    Internet Explorer:
    Die Netzwerkverbindung ist nicht verfügbar. Wenn das Problem weiterhin auftritt, wenden Sie sich mit folgendem HTTP-Statuscode an den Helpdesk: 0.
    Translation: The network connection is not available. If it happens again, contact the helpdesk with HTTP status code 0
    Firefox:
    Die Netzwerkverbindung ist nicht verfügbar. Wenn das Problem weiterhin auftritt, wenden Sie sich mit folgendem HTTP-Statuscode an den Helpdesk: 302.
    Translation: The network connection is not available. If it happens again, contact the helpdesk with HTTP status code 302
    Event ID 1006 MSExchange Mailbox Replication
    Fehler: MapiExceptionNetworkError: Unable to make connection to the server. (hr=0x80040115, ec=-2147221227)
    Before SP1 it worked fine.
    Can somebody help me ?
    Kind regards Andy

    Hi,
    First, I would like to confirm the following questions:
    1. Does the issue occur on certain user mailbox via OWA or each user mailbox?
    2. Which OWA folder’s email cannot be deleted, Inbox, Sent Items or each folder?
    3. Which version of operating system is installed on the client machine, Windows XP, Windows Vista or Windows 7?
    At this stage, I suggest you temporarily disable firewall and anti-spam for a test. If the emails still cannot be removed via OWA, please refer to the following article
    and use isinteg tool to check and repair Information Store.
    Description of the Isinteg utility
    Thanks.
    Novak Wu-MSFT

  • Integration b/w Exchange 2010 SP2 and Exchange 9.1.1.7 connector

    Has anyone successfully integrated Exchange 2010 SP2 with the 9.1.1.7 connector?
    SP2 is not in the certification list in the connector documentation. I just want to check if anyone has done this before.
    Thanks

    Hi Sembee,
    We did this already.
    We got it working now after doing above but with the shell.
    First we confirmed if the mailbox is disabled with the following command: Get-MailboxStatistics -Database MBD01 | Where { $_.DisconnectReason -eq "Disabled" } | Format-List LegacyDN, DisplayName, MailboxGUID, DisconnectReason
    It did show as disabled but when we try to enable it we got the following: This task does not support recipients of this type.
    So we disabled the mailbox in the shell, enable it again and it was fine.
    Get-MailboxStatistics -Database MBD01 | Where { $_.DisconnectReason -eq "Disabled" } | Format-List LegacyDN, DisplayName, MailboxGUID, DisconnectReason helped us, cause in the EMC exchange showed the user as enabled.
    Thanks

  • Exchange 2010 SP3 and meeting forward notification options

    I'm having an issue with meeting forward notifications in Exchange 2010 SP3. I'm working on an integration project with an existing system using the EWS Managed API. Part of this system is handling forward notifications and responses. However, we've hit
    an issue regarding the way forwards are generated by Exchange.
    In short, when a meeting request is forwarded to an external address (could be an Exchange server outside of our domain, gmail, or anything, really), the notification they receive places the meeting owner in the "sent representing" field, not the
    person who actually sent the forward. As a result, any responses from the forward recipient will go directly back to the organizer, and the user who forwarded the request may not even be visible. We do not want this to happen. We'd prefer that the forward
    show the person who actually sent it as the sender, and as a result, the response should go directly back to them, not the organizer.
    Is this possible, either through settings or flags on the Appointment object itself or through some additional configuration options in Exchange? Installing a third-party transport agent (even one that we write) is probably out of the question.

    What if you "Forward as iCalendar"

  • Exchange 2010 SP1 and SP2 are no longer supported.

    Exchange 2010 SP3 is the minimal version that should be installed on your Exchange Servers and just may contain the fixes you need to solve your issue.
    Support for 2010 SP1 and SP2 has ended.
    Before posting a question, please ensure you are running at least 2010 SP3.
    For more details:
    http://blogs.technet.com/b/rmilne/archive/2014/04/09/end-of-exchange-2010-sp2-support.aspx
    Twitter!:
    Please Note: My Posts are provided “AS IS” without warranty of any kind, either expressed or implied.


  • After Exchange 2010 SP3 and rollup 4 update conditional formatting causes messages not to appear in Outlook 2010

    Hi,
    After updating to Exchange 2010 SP3 from SP2 and also updating to rollup 4, users who use conditional formatting cannot see new messages unless they close and reopen Outlook.
    If you decide to change the font colour for unread messages, the messages do not appear in Outlook but a pop-up indicates that a new message has arrived.
    If you reopen Outlook, the unread message appears.
    Remove the conditional formatting and there is no issue with viewing unread messages as they arrive.
    Running Outlook version 14.0.7106.5003.
    Is this a known issue?  A user who never used conditional formatting will experience this right away.
    Thanks,
    rudif

    Hi rudif,
    If the issue only happens to users who use conditional formatting and OWA can work well for all mailbox, I think the issue should be in client side.
    Please try to reset View then set the conditional formatting back to have a try. If the issue continues, please try to recreate the Outlook profile to check whether the issue persists. Also try restarting Outlook in Safe mode by running Outlook /safe switch.
    Thanks,
    Winnie Liang
    TechNet Community Support

  • Exchange 2010 EMC and EMS errors - BLOCKED by software restriction

    EMC has this message:
    Initialization failed "Execution calling 'GetSteppablePipeline" with "1" arguement: File D:\program files\Microsoft\Exchange Server\V14\RemoteScripts\ConsoleInitialize.ps1 cannot be loaded because its execution is blocked
    by software restriction policies" 
    EMS has this error:
    "There were errors in loading the format data file: D:\Program Files\Microsoft\Exchange 2010\V14\Bin\exchange.format.ps1xml, , D:\Program Files\Microsoft\Exchange 2010\V14\Bin\exchange.format.ps1xml : File skipped because of the following validation exception: File D:\Program Files\Microsoft\Exchange 2010\V14\Bin\exchange.format.ps1xml cannot be loaded because its execution is blocked by software restriction policies. For more information, contact your system administrator."
    All other PowerShell scripts work just fine.  It is not the execution policy.  That is set properly.  Authenticode returns valid on the files. There are no settings in GPO to control or cause this. Email is working fine.  It just started after a reboot for updates.  Any other thoughts before I spend $500 for a call?
    Server2008 Standard SP2
    Update Rollup 4 v2 for Exchange Server 2010 SP2
    Thank you

    The long and short of it was Microsoft Certificates didn't update and were expired. I was not given a reason why this happened but the final solution after Microsoft spent 2 weeks on this was to first reinstall Exchange Service Pack 3, reboot. Install
    update rollup 8, and reboot.  This fixed the EMC but not the shell.  Then they reinstalled the rollup 8 again and one more reboot.  Everything now works.  I'd say with all the other little tweaks they looked at as possible suspect and "other
    things" they fixed in their efforts to solve this, I definitely got my money's worth.  Despite not really knowing what really caused the issue in the first place.

  • Calendar Sharing between 2 organisation Exchange 2010 SP3 and Exchange online with Federation Trust.

    Hi...
    Our company is running Exchange Server 2010 SP3 Standard and would like to have a shared calendar with an organisation running Exchange Online.
    We made a Federation trust between the organisations and I checked that one certificate was installed and the rule for their domain was created, but when I try to share my calendar I always receive:
    "Calendar sharing is not available with the following contacts because of permission settings on your network."
    Name I took from GAL or input manually and always same. Forgot to mention that we migrated from Exchange 2003 to 2010 SP3 and all old exchange servers I removed. I tried everything that I know and read and nothing helped.
    Hope for your support.
    Thank you.

    1)I deleted everything and made step by step as indicated in your articles.
    2) recreated organisation relationship:
    RunspaceId            : xxxxxxxxxx
    DomainNames           : {xxxxxxx.microsoftonline.com, xxxxxxxxx.onmicrosoft.com, xxxxxxx.com}
    FreeBusyAccessEnabled : True
    FreeBusyAccessLevel   : LimitedDetails
    FreeBusyAccessScope   :
    MailboxMoveEnabled    : False
    DeliveryReportEnabled : False
    MailTipsAccessEnabled : False
    MailTipsAccessLevel   : None
    MailTipsAccessScope   :
    TargetApplicationUri  : outlook.com
    TargetSharingEpr      :
    TargetOwaURL          :
    TargetAutodiscoverEpr : https://pod12312.outlook.com/autodiscover/autodiscover.svc/WSSecurity
    OrganizationContact   :
    Enabled               : True
    ArchiveAccessEnabled  : False
    AdminDisplayName      :
    ExchangeVersion       : 0.10 (14.0.100.0)
    Name                  : xxx
    DistinguishedName     : CN=xxx,CN=Federation,CN=uxx,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=uxxx,DC=com
    Identity              : Lxx
    Guid                  : a8xxx
    ObjectCategory        : upxxs.com/Configuration/Schema/ms-Exch-Fed-Sharing-Relationship
    ObjectClass           : {top, msExchFedSharingRelationship}
    WhenChanged           : 27/01/2015 3:23:47 PM
    WhenCreated           : 26/01/2015 9:41:39 AM
    WhenChangedUTC        : 27/01/2015 8:23:47 PM
    WhenCreatedUTC        : 26/01/2015 2:41:39 PM
    OrganizationId        :
    OriginatingServer     : xxx.upxxxns.com
    IsValid               : True
    3. Configured Sharing Policies:
    [PS] C:\Windows\system32>Get-SharingPolicy
    Name                      Domains                                  Enabled    Default
    Default Sharing Policy    {*:CalendarSharingFreeBusySimple}        True       False
    Lxxx                              {lxxx.com:CalendarSharingFreeBusy...     True       True
    Added my mailbox to the sharing policy but in the end I receive the same error:
    Calendar sharing is not available with the following contacts because of permission settings on your network.
    In Event Viewer everything seems to be fine....
    No errors on policy creation... How can these permission settings on your network be checked? Are they on Exchange or in the DC?

  • Exchange 2010 SP3 and UR6 Query - Order of Install

    hi,
    I need to update my Exchange 2010 SP2 Servers to SP3 and Update Rollup 6.
    Can someone confirm the update order for me?
    I have 5 servers;
    Live Data Centre:
    2 x HUB / CAB (Using Windows NLB)
    2 x Mailbox (DAG)
    Disaster Recovery:
    1 x Multi-Role Server (CAS / HUB and Mailbox) - this is also Part of the DAG
    Two Questions:
    1.) What is the Order in which I install SP3 on these Servers? Should it be Live Data Centre: HUB / CAS, Mailbox Servers and THEN the Multi-Role Server at DR?
    2.) When Upgrading each server, should I do SP3, reboot, check and THEN install Update Rollup 6 - or should I upgrade all Servers to SP3 and then start the process again to get to Update Rollup 6?
    Thanks in advance for your help with this query.
    Regards,
    Adam

    1) Internet facing CAS first in each AD site. Order: CAS> HUB> UM> MBX
    2) Personally, I would install SP3, reboot, then install SP6, but it's really up to you.
    http://technet.microsoft.com/en-us/library/bb629560(v=exchg.141).aspx
    Upgrade Exchange 2010 to Exchange 2010 SP1, Exchange 2010 SP2, or Exchange 2010 SP3
    Twitter!: Please Note: My Posts are provided “AS IS” without warranty of any kind, either expressed or implied.

  • Renew SSL Certificate for two Exchange 2010 Server and the new rules.

    I find DigiCert's website always helpful with cert questions. They've got a pretty helpful page here: https://www.digicert.com/internal-names.htm It looks like they've got a tool for Exchange, but I've not used it myself, so can't say if it works or how well: https://www.digicert.com/internal-domain-name-tool.htm I bet Microsoft have something on their website too that helps with this sort of question. I'd say you register a completely new domain and use that for public facing and internal servers. Or you could just create a sub domain of an existing one, i.e. subdomain.mydomain.com and use that, i.e. public_exchange.subdomain.mydomain.com and internal_exchange.subdomain.mydomain.com.

    Hi there , 
    My Exchange 2010 server certificate is about to expire and I am going to renew it, but according to the new rules for SSL certificate issuing we cannot include our local server names and local FQDNs such as myserver.contoso.local. My issue is that I have 2 Exchange servers: one is the internet-facing server (where the certificate is initiated and installed) and one is a non-internet-facing Exchange server.
    If I am going to renew my certificate with public-only names, I have to create a split domain that reflects my external links to the internal users. What shall I do for the non-internet-facing server? Do I need to create another record in my split DNS server and add it to my certificate request?
    This topic first appeared in the Spiceworks Community

  • Exchange 2010 sp3 and WSUS

    I have a DAG environment with Exchange 2010.  Last week I moved from SP2 RU6 to SP3 RTM. I then manually installed RU6 for SP3. The correct version numbers are being displayed in the EMC under Help>About Exchange Server 2010 (it shows version 14.03.0195.001). I
    verified the version numbers on this site -
    http://social.technet.microsoft.com/wiki/contents/articles/240.exchange-server-and-update-rollups-build-numbers.aspx
    My question is, in WSUS, it shows that all my servers with exchange on  them, (a management server with the EMC only, 2 exchange servers for the DB, a CAS server and a DR exchange server) need SP3 RU2. 
    1) Will this disrupt the current SP3 RU6 installation?
    2) Would it be better to just decline the SP3 RU2 update in WSUS? 
    3)Should I just proceed with the installation and see what happens?
    If I am on the wrong forum, please let me know.
    thanks
    Ian

    Hi
    I prefer doing rollups by downloading the file and installing it on the server from an elevated prompt. 
    Deploying it with WSUS always leaves room for error.
    Rather manually download the file and plan the installation.
    Hope this helps.

  • Securing publishing exchange 2010 OWA and ActiveSync with WAP 2012

    Hello,
    my client has the following environment:
    Exchange 2010 SP3
    AD 2003
    We want to secure ActiveSync and OWA by using a reverse proxy. TMG/UAG life ends in 2015, so we are studying WAP 2012 and ADFS 3.0. The difficulty is that there is not enough experience feedback, especially for this environment.
    Is there any incompatibility?
    Do you know good articles and blogs which address this issue?
    Thanks in advance

    Are any other options available since posting in June 2014?  Specifically for securing ActiveSync connections from smartphones on the Internet.  We are running Exchange 2010 in AD 2008  
    TMG has already transitioned from mainstream to extended support.  Not only is there less support now, to my understanding there is still a licensing cost for this product.  Paying for a product at EOL seems inadvisable.
    Web Access Protocol (WAP) looked like the right choice, but to secure communications from domain users on unknown devices over the Internet requires Exchange 2013 which is "claims aware".  Exchange 2010 is not and what we are left with is
    configuring WAP in pass-thru mode, allowing unauthenticated Internet traffic into our internal network where the Exchange CAS server is. 
    Is there any Microsoft solution to authenticate the user before allowing the user's device to connect to our CAS server on our internal network?

  • Exchange 2010 OWA and ASA5510 - Wrong URL?

    I'm in the final steps of migrating my customer's Exchange server from Exchange 2003 to Exchange 2010.  I've got all the mailboxes moved and am testing the OWA access.  Under Exchange 2003, the internal/external users were able to access OWA thru the following URL:
    http://mail.mycustomer.org/exchange
    It would pop up a login box, they'd put in their domain info and get connected to their mailbox.
    After migrating to Exchange 2010, the user had to change the URL to httpS://mail.mycustomer.org/exchange or httpS://mail.mycustomer.org/owa, but it worked internally.  When I test it externally, I get the following page:
    https://mail.mycustomer.org/+CSCOE+/wrong_url.html
    I  have next to no experience with Cisco devices, management, and/or maintenance, but what I've found in my research points to an issue w/ our ASA5510 and the port 443 required by the SSL connection to the Exchange server.  Any help to resolve this issue so that my external users will be able to access OWA would be greatly appreciated.  Thanks.

    Hi,
    Can you check the output of the following commands
    show run http
    show run webvpn
    These are basically the 2 services that utilize the port TCP/443 port on the ASA.
    The first commands output will show some settings related to the ASDM which is the GUI for the ASA management. The second command output will show settings related to the SSL VPN.
    Both of these services can be modified to use some other port than TCP/443 which would leave the port free for your server.
    I assume that you only have one public IP address at your disposal which is configured on the ASA interface and you have no extra public IP address? Otherwise this should be no problem at all.
    Naturally if you change the port on ASDM or SSL VPN it will cause some inconvenience for users of those services. Of course you have the option to map the local TCP/443 port of the server to some other public port like TCP/444 but again this might cause inconvenience to the users also.
    - Jouni
