Exchange 2013 CU3 - Problem with Retention Policies
Hello, I configured a retention policy for mailbox and assigned it to the mailbox iwth the set-mailbox cmdled. I issued the Start-ManagedFolderAssitant [mailbox] to force the immediate processing for the mailbox but the maibox items are not moved.
The ManagedFolderWorkCycle is set to 1 day so i waited 24 hours but no effect.
I also noticed that connecting through OWA the tab Retention Policies does not appear.
Am i missing something? Hope someione could help.
Thnaks
Hi, and thank you for your help. No I did not set the personal tag in the retention policy.
Now I added a personal tag but still i can't see the tags available in the right-click menu. The starnge thing is i see the default MRM policy tags instead. I found Event ID 9017 and 9018 but no errors are reported.
Best regards,
Raffaele
Hi,
Did you have a personal tag in this retention policy and assign it to the mailbox?
Only when you add a personal tag to retention policy and apply to user mailbox, you can see the Retention Policy option by right-clicking the message items in OWA.
For this issue, I recommend you check whether there is the Event ID 9017 and 9018 in the application log, make sure the MRM works well.
And please check if you can see the retention policy description in the Reading Pane when you click on the message items.
Best regards,
Belinda
Belinda Ma
TechNet Community Support
Similar Messages
-
Exchange 2013 CU3 Retention Policy Not working for Calendar & Tasks
We are currently on Exchange 2013 CU3 with Online Archiving Enabled for the user
Default policy is set to move all the items in mailbox which are older than 30 days to online archive mailbox.
Calendar and Tasks Items are also getting archived alongwith other Outlook items from Inbox,Deleted Items etc
Followed Technet website and created RPT for Calendar and Tasks with retention disabled
Still DPT takes precedence and move all the items under Calendar and Task to Online Archive MailboxHi Sam,
I recommend you refer to the following article, despite this for Exchange 2010, however the same applies to exhcnage 2013:
Prevent archiving of items in a default folder in Exchange 2010
To prevent the <acronym title="Default Policy Tag">DPT</acronym> from being applied to a default folder, you can create a disabled <acronym title="Retention Policy Tag">RPT</acronym> for that folder (or disable
any existing RPT for that folder). The Managed Folder Assistant, a mailbox assistant that processes mailbox items and applies retention policies, does not apply the
retention action of a disabled tag. Since the item/folder still has a tag, it's not considered untagged and the DPT isn't applied to it.
Why are items in the Notes folder still archived?
If you create a disabled <acronym title="Retention Policy Tag">RPT</acronym> for the
Notes folder, you'll see items in that folder are not deleted, but they do continue to be moved to the archive! Why does this happen? How do you prevent it?
It's important to understand that:
A retention policy can have a <acronym title="Default Policy Tag">DPT</acronym> to
archive items (using the Move to Archive retention action) and a DPT to
delete items (using the Delete and Allow Recovery or
Permanently Delete retention actions). Both apply to untagged items.
The move and delete actions are exclusive of each other. Mailbox folders and messages can have both types of tags applied - an archive tag and a delete tag. It's not an either/or proposition.
If you create a disabled RPT for the Notes folder to not delete items, the archive DPT for the mailbox would still apply and move items.
When it comes to archiving, there's only one archive policy that administrators can enforce – the <acronym title="Default Policy Tag">DPT</acronym> with 'Move to archive' action.
You can't create a <acronym title="Retention Policy Tag">RPT</acronym> with the 'Move to archive' action. This rules out using the disabled RPT approach to prevent items from being moved.
Best regards,
Niko Cheng
TechNet Community Support -
Exchange 2010 mailbox not able to access auto-mapped Exchange 2013 CU3 mailbox
Hi,
We are in co-existence with Exchange 2010 SP3 and Exchange 2013 CU3.
Outlook Anywhere and Autodiscover pointed towards Exchange 2013 CAS servers. Everything works fine irrespective where is mailbox is located Exchange 2010 or 2013.
When I tried to access auto-mapped mailbox from Exchange 2010 as primary mailbox accessing auto-mapped Exchange 2013 mailbox "Cannot expand the folder. The set of folders cannot be opened. Microsoft Exchange is not available. Either there are network
problems or the Exchange server is down for maintenance".
Exchange 2013 OutlookAnywhere "Externalclientauthenticationmethod" is Basic and "Internalclientauthencitcationmethod" is NTLM. Everything is setup as per the Tech-net recommendations.
Checked both these articles but still it is not working:
http://support.microsoft.com/kb/2839517
http://support.microsoft.com/kb/2834139
Please let me know if there are any other ideas.
RamanHi,
I recommend you refer to the following articles to troubleshoot the issue:
Troubleshooting Mailbox Auto-Mapping : Autodiscover
Details about the shared mailbox that is to be accessed will be returned to the Outlook client by the autodiscover process. This is really handy to know if you are ever in the position where you need to troubleshoot why the auto-mapping feature isn’t working
correctly
Troubleshooting Mailbox Auto-Mapping : Permissions
When you use either the Exchange Management Console or the Exchange Management Shell to grant a user with full access permission against another mailbox, permissions changes are made to allow this as you might expect. Certain Active Directory attributes
are also updated to reflect both the Active Directory account of the mailbox being accessed as well as the Active Directory account of the accessing mailbox. Specifically, you can check the contents of the msExchDelegateListLink and msExchDelegateListBL Active
Directory attributes to see these details and it is worth checking these if you have any suspicions that things aren’t working correctly.
Hope this helps!
Thanks.
Niko Cheng
TechNet Community Support -
Exchange 2013 CU3 Databases only activate on one mailbox server
Hi, guys
I have two Exchange 2013 CU3 Mailbox servers installed, one DAG, 5 databases, each has one copy. I found that if I activated three databases on Mailboxserver1 or Mailboxserver2, then after a few hours, all databases will be activated on the mailbox
server which has three databases activated. All the databases can be activated on Mailboxserver1 or Mailboxserver2, and they work well. I disabled DAC mode for preventing Event 4133 and 4376. And it has the same problem if I enable DAC mode.
From the event log, I found the log when activate one database on another mailbox server, it is Event 3169:
Managed availability system failover initiated by Responder=OutlookMapiHttpDeepTestFailover Component=Outlook.
This caused the database activated on another server.
And I got the message from SCOM, like this:
Alert: Health Set unhealthy
Source: test-mbx - Outlook.Protocol
Path: test-mbx.contoso.local;test-mbx.contoso.local
Last modified by: System
Last modified time: 11/12/2013 5:15:46 AM Alert description: EMSMDB.DoRpc(Logon) step of OutlookRpcDeepTestProbe/DB-01 has failed against test-mbx.contoso.local proxying to test-mbx.contoso.local for [email protected].
Latency: 00:00:00.0320000
ActivityContext:
Outline: [30] EMSMDB.Connect(); [1][FAILED!] EMSMDB.DoRpc(Logon); Likely root cause: Momt
Details:
Error: Error returned in LogonCallResult. Error code = WrongServer (0x00000478)
Log: Mailbox logon verification
EMSMDB.Connect()
Task produced output:
- TaskStarted = 11/12/2013
5:15:25 AM
- TaskFinished = 11/12/2013
5:15:25 AM
- ErrorDetails =
- RespondingRpcClientAccessServerVersion
= 15.0.712.4012
Latency = 00:00:00.0303884
- ActivityContext =
EMSMDB.Connect() completed successfully.
EMSMDB.DoRpc(Logon)
Task produced output:
- TaskStarted = 11/12/2013
5:15:25 AM
- TaskFinished = 11/12/2013
5:15:25 AM
- Exception = Microsoft.Exchange.RpcClientAccess.RopExecutionException:
Error returned in LogonCallResult. Error code = WrongServer (0x00000478)
- ErrorDetails =
- Latency = 00:00:00.0018801
- ActivityContext =
EMSMDB.DoRpc(Logon) failed.
Task produced output:
- TaskStarted = 11/12/2013 5:15:25 AM
- TaskFinished = 11/12/2013 5:15:25 AM
- Exception = Microsoft.Exchange.RpcClientAccess.RopExecutionException:
Error
States of all monitors within the health set:
Note: Data may be stale. To get current data, run: Get-ServerHealth -Identity 'test-mbx' -HealthSet 'Outlook.Protocol'
State Name
TargetResource HealthSet
AlertValue ServerComponent
NotApplicable OutlookMapiHttpDeepTestMonitor
Outlook.Protocol Unhealthy None
NotApplicable OutlookRpcDeepTestMonitor
Outlook.Protocol Healthy None
NotApplicable OutlookRpcSelfTestMonitor
Outlook.Protocol Healthy None
NotApplicable OutlookMapiHttpSelfTestMonitor Outlook.Protocol
Healthy None
NotApplicable PrivateWorkingSetWarning....cclienta... microsoft.exchange.rpcclientacc... Outlook.Protocol Healthy
None
NotApplicable PrivateWorkingSetError....rpcclienta... microsoft.exchange.rpcclientacc... Outlook.Protocol Healthy
None
NotApplicable ProcessProcessorTimeWarning....ienta... microsoft.exchange.rpcclientacc... Outlook.Protocol Healthy
None
NotApplicable ProcessProcessorTimeError....clienta... microsoft.exchange.rpcclientacc... Outlook.Protocol Healthy
None
NotApplicable ExchangeCrashEventError....pcclienta... microsoft.exchange.rpcclientacc... Outlook.Protocol Healthy
None
NotApplicable LongRunningWatsonWarning....cclienta... microsoft.exchange.rpcclientacc... Outlook.Protocol Healthy
None
NotApplicable LongRunningWerMgrWarning....cclienta... microsoft.exchange.rpcclientacc... Outlook.Protocol Healthy
None
This test is a cause that mailbox databases in DAG is doing failover to another server
Log Name: Application
Source: MSExchangeRepl
Date: 12.11.2013 4:49:46
Event ID: 3169
Task Category: Service
Level: Information
Keywords: Classic
User: N/A
Computer: test-mbx-2
Description:
(Active Manager) Database DB-01 was successfully moved from test-mbx.contoso.local to test-mbx-1.contoso.local. Move comment: Managed availability system failover initiated by Responder=OutlookRpcDeepTestFailover Component=Outlook.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="MSExchangeRepl" />
<EventID Qualifiers="16388">3169</EventID>
<Level>4</Level>
<Task>1</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2013-11-12T00:49:46.000000000Z" />
<EventRecordID>1606248</EventRecordID>
<Channel>Application</Channel>
<Computer>test-mbx-2.contoso.local</Computer>
<Security />
</System>
<EventData>
<Data>DB-01</Data>
<Data>test-mbx.contoso.local</Data>
<Data>test-mbx-1.contoso.local</Data>
<Data>Managed availability system failover initiated by Responder=OutlookRpcDeepTestFailover Component=Outlook.</Data>
</EventData>
</Event>
I don't know why, anyone know what's the problem?
Thank you.
Nile Jiang- Please mark the post as answer if it answers your question.
http://www.usefulshare.comHi,
After deleting all the health mailboxes and restart
the Exchange Health Manager service, the health mailboxes are recreated successfullly, but when I check the outlook.protocol health, the OutlookRpcDeepTestMonitor or the OutlookMapiHttpDeepTestMonitor is still unhealthy. How can I fix it?
[PS] C:\Windows\system32> Get-ServerHealth -Identity 'MAILBOX1' -HealthSet 'Outlook.Protocol' | ft server,state,name,ale
rtvalue -AutoSize
Server state Name AlertValue
MAILBOX1 OutlookRpcDeepTestMonitor Healthy
MAILBOX1 OutlookMapiHttpDeepTestMonitor Unhealthy
MAILBOX1 OutlookRpcSelfTestMonitor Healthy
MAILBOX1 OutlookMapiHttpSelfTestMonitor Healthy
MAILBOX1 PrivateWorkingSetWarning....cclientaccess.service Healthy
MAILBOX1 PrivateWorkingSetError....rpcclientaccess.service Healthy
MAILBOX1 ProcessProcessorTimeWarning....ientaccess.service Healthy
MAILBOX1 ProcessProcessorTimeError....clientaccess.service Healthy
MAILBOX1 ExchangeCrashEventError....pcclientaccess.service Healthy
MAILBOX1 LongRunningWatsonWarning....cclientaccess.service Healthy
MAILBOX1 LongRunningWerMgrWarning....cclientaccess.service Healthy
Nile Jiang- Please mark the post as answer if it answers your question.
http://www.usefulshare.com -
Exchange 2013 CU3 - Outlook Web App LogOff
Hello All,
I have Exchange 2013 CU3 installed and i'm using TMG server for authentication. I am able to login through OWA but when i try to logoff it shows me message of "Close All your Browser Windows.." but OWA does not sign out.
On TMG, only Basic and NTLM authentication is supported. And in IIS Authentication for the OWA Virtual Directory is set to basic.
Can anyone please help me for TMG settings for exchange server 2013? Thankyou for the answers.Hi,
Thank you for your patience and support.
I am trying to involve someone familiar with this topic to further look at this issue. There might be some time delay. Appreciate your patience.
Thank you for your understanding and support.
Best Regards
Quan Gu -
Problem with Access Policies (create multiple resources)
I'm having a problem with Access Policies:
The first policy must create a resource.
And the following policies should create childs on the resource.
The problem here is that when policies will add the childs, the resource is not provisioned yet.
And then each one will create a resource but i just want one resource with the childs.
When the resource is already provisioned, the policies update this resource properly.
How can I fix this?
tksRicardo,
I had a similar problem. In a post-process handler I was managing the user membership in specific roles through the removeMemberUser and the addMemberUser of the tcGroupOperationsIntf class.
The last parameter of this method was a boolean which, when true, would automatically trigger the access policies programmatically in the post-process.
The problem is that there also is an OOTB event handler for triggering access policies, so I was basically triggering the access policies twice and duplicated resources were appearing.
Hope this helps.
Cheers -
Exchange 2013 EAC coexistence with Exchange 2007
Dear All,
I have an exchange organization comprized of single Exchange 2007 SP3 UR 15 running on Win2008 SP2 and two recently installed Exchange 2013 SP1 CU7 with CAS and Mailbox role running on Win 2012 R2.
Imidiantly after Exchange 2013 install, I am not able to login to Exchange 2013 EAC. When I enter my credentials domain\username, the EAC page simpli dose a quick refresh and I am back where I started.
I have tryid mutiple UTLs to access EAC page, such as:
https://localhost/ecp?ExchClientVer=15
https://localhost/ecp?ExchClientVer=14
https://localhost/ecp
Each of them show the same result, a page gets refreshet. I have tryid to move my Exchange Organization user mailbox to Exchange 2013 to see if that helps but the result.
I also noticed that OWA dosent work for mailboxes that are on Exchange 2013, they are redirected to Exchange 2007 even thou they are on Exchange 2013.
Any idea on this one?
Thank you
b.Hi,
From your description, I would like to verify if you have configured Exchange 2013 namespace and virtual directories (such as OWA, ECP, OAB, Web Services, AutoDiscover)correctly. Please make sure these virtual directories are configured correctly and check
the result.
For more information about Exchange 2007 migration to Exchange 2013, here is a helpful blog for your reference.
Step-by-Step Exchange 2007 to 2013 Migration
http://blogs.technet.com/b/meamcs/archive/2013/07/25/part-2-step-by-step-exchange-2007-to-2013-migration.aspx
Hope this can be helpful to you.
Best regards,
If you have feedback for TechNet Subscriber Support, contact
[email protected]
Amy Wang
TechNet Community Support -
Problem with Group policies and Administrator count
I have one problem with Group policies and Admnistrator count.
Win XP, Client 4.91, Client Zen 4
I use DLU for users.
the Group policies are well applied and i keep them after logout for
security reasons.
But my problem is, after logout, the Administrator count becomes this
Group policies, and the only technique that I use, is to remove the
repertories c:\windows\system32\GroupPolicy*. Administrator must
loguing again for having good policies.
Can you help me?Bill,
It appears that in the past few days you have not received a response to your
posting. That concerns us, and has triggered this automated reply.
Has your problem been resolved? If not, you might try one of the following options:
- Do a search of our knowledgebase at http://support.novell.com/search/kb_index.jsp
- Check all of the other support tools and options available at
http://support.novell.com.
- You could also try posting your message again. Make sure it is posted in the
correct newsgroup. (http://support.novell.com/forums)
Be sure to read the forum FAQ about what to expect in the way of responses:
http://support.novell.com/forums/faq_general.html
If this is a reply to a duplicate posting, please ignore and accept our apologies
and rest assured we will issue a stern reprimand to our posting bot.
Good luck!
Your Novell Product Support Forums Team
http://support.novell.com/forums/ -
Exchange 2013 CU3 and Firefox 26.0
I upgraded Exchange 2013 to CU3 last night. I tested the mail flow and everything worked fine sending and recieving. The problem that I am having is with OWA in firefox 26.0 (currently newest version). I get weird graphical glitches when
OWA first loads. Once you click around the display stabilizes but the biggest problem is that not all of the emails are displayed in a folder. I have a folder with a bunch of system data emails that are collected throughout the day and in firefox
I can see ~20 while in IE 9 I can see them all. The inbox also has 5 emails in it but there is a scroll bar that is completely unnecessary in firefox but not IE 9. Do you have any thoughts on this? Thank you in advance.There's no way, as there's nothing wrong with the server.
You will have to wait for the update from Firefox to get it fixed.
It's purely Browser issue As I said before.
Cheers,
Gulab Prasad,
Technology Consultant
Blog:
www.exchangeranger.com
Twitter:
LinkedIn:
Check out CodeTwo’s tools for Exchange admins
Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose. -
Hi,
I am having a problem getting OAuth to work from Exchange 2013 to Lync 2013.
I have read and following the instructions online and cannot see what I am doing wrong.
On the Exchange 2013 server, I get the following error when I run:
Test-OAuthConnectivity -Service EWS -TargetUri
https://exchserver2.domainname.local/ews/ -Mailbox "Jack"
RunspaceId : 920118a3-6ab2-45dc-9b68-de68133de95e
Task : Checking EWS API Call Under Oauth
Detail : The configuration was last successfully loaded at 01/01/0001 00:00:00 UTC. This was 1059263714 minutes
ago.
The token cache is being cleared because "use cached token" was set to false.
Exchange Outbound Oauth Log:
Client request ID: 19ad80f6-7751-429f-aac5-e802105fbbc6
Information:[OAuthCredentials:Authenticate] entering
Information:[OAuthCredentials:Authenticate] challenge from
'https://exchserver2.domainname.local/ews/Exchange.asmx' received: Bearer
client_id="00000002-0000-0ff1-ce00-000000000000",
trusted_issuers="[email protected]",Negotiate,NTLM
Information:[OAuthCredentials:GetToken] client-id: '00000002-0000-0ff1-ce00-000000000000', realm: '',
trusted_issuer: '[email protected]'
Information:[OAuthCredentials:GetToken] start building a token for the user domain 'domainname.co.uk'
Information:[OAuthTokenBuilder:GetAppToken] start building the apptoken
Information:[OAuthTokenBuilder:GetAppToken] checking enabled auth servers
Error:[OAuthTokenBuilder:GetAppToken] unable to continue building token; no locally configured issuer
was in the trusted_issuer list, realm from challenge was also empty. trust_issuers was
[email protected]
Error:The trusted issuers contained the following entries
'[email protected]'. None of them are configured locally.
Exchange Response Details:
HTTP response message:
Exception:
System.Net.WebException: The request was aborted: The request was canceled. --->
Microsoft.Exchange.Security.OAuth.OAuthTokenRequestFailedException: The trusted issuers contained the
following entries '[email protected]'. None of them are
configured locally.
at Microsoft.Exchange.Security.OAuth.OAuthTokenBuilder.GetAppToken(String applicationId, String
destinationHost, String realmFromChallenge, IssuerMetadata[] trustedIssuersFromChallenge, String
userDomain)
at Microsoft.Exchange.Security.OAuth.OAuthTokenBuilder.GetAppWithUserToken(String applicationId,
String destinationHost, String realmFromChallenge, IssuerMetadata[] trustedIssuersFromChallenge, String
userDomain, ClaimProvider claimProvider)
at Microsoft.Exchange.Security.OAuth.OAuthCredentials.GetToken(WebRequest webRequest,
HttpAuthenticationChallenge challengeObject)
at Microsoft.Exchange.Security.OAuth.OAuthCredentials.Authenticate(String challengeString, WebRequest
webRequest, Boolean preAuthenticate)
at Microsoft.Exchange.Security.OAuth.OAuthCredentials.OAuthAuthenticationModule.Authenticate(String
challenge, WebRequest request, ICredentials credentials)
at System.Net.AuthenticationManager.Authenticate(String challenge, WebRequest request, ICredentials
credentials)
at System.Net.AuthenticationState.AttemptAuthenticate(HttpWebRequest httpWebRequest, ICredentials
authInfo)
at System.Net.HttpWebRequest.CheckResubmitForAuth()
at System.Net.HttpWebRequest.CheckResubmit(Exception& e, Boolean& disableUpload)
at System.Net.HttpWebRequest.DoSubmitRequestProcessing(Exception& exception)
at System.Net.HttpWebRequest.ProcessResponse()
at System.Net.HttpWebRequest.SetResponse(CoreResponseData coreResponseData)
--- End of inner exception stack trace ---
at System.Net.HttpWebRequest.GetResponse()
at Microsoft.Exchange.Monitoring.TestOAuthConnectivityHelper.SendExchangeOAuthRequest(ADUser user,
String orgDomain, Uri targetUri, String& diagnosticMessage, Boolean appOnly, Boolean useCachedToken,
Boolean reloadConfig)
ResultType : Error
Identity : Microsoft.Exchange.Security.OAuth.ValidationResultNodeId
IsValid : True
ObjectState : New
It appears to work fine from Lync 2013 to Exchange 2013.
When I run: Test-CsExStorageConnectivity -sipuri [email protected] -Binding Nettcp -Verbose in Lync 2013 I get a successful outcome:
VERBOSE: Successfully opened a connection to storage service at localhost using
binding: NetNamedPipe.
VERBOSE: Create message.
VERBOSE: Execute Exchange Storage Command.
VERBOSE: Processing web storage response for ExCreateItem Success.,
result=Success, activityId=0bbdc565-4a05-4b57-bf95-0c75488a1ef6, reason=.
VERBOSE: Activity tracing:
2015/01/02 19:15:55.616 Autodiscover, send GetUserSettings request,
[email protected], Autodiscover
Uri=https://exchserver2.domainname.local/autodiscover/autodiscover.svc, Web
Proxy=<NULL>
2015/01/02 19:15:55.616 Autodiscover.EWSMA trace,
type=AutodiscoverRequestHttpHeaders, message=<Trace
Tag="AutodiscoverRequestHttpHeaders" Tid="30" Time="2015-01-02 19:15:55Z">
POST /autodiscover/autodiscover.svc HTTP/1.1
Content-Type: text/xml; charset=utf-8
Accept: text/xml
User-Agent: ExchangeServicesClient/15.00.0516.004
</Trace>
2015/01/02 19:15:55.624 Autodiscover.EWSMA trace, type=AutodiscoverRequest,
message=<Trace Tag="AutodiscoverRequest" Tid="30" Time="2015-01-02 19:15:55Z"
Version="15.00.0516.004">
<?xml version="1.0" encoding="utf-8"?>
<soap:Envelope
xmlns:a="http://schemas.microsoft.com/exchange/2010/Autodiscover"
xmlns:wsa="http://www.w3.org/2005/08/addressing"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<soap:Header>
<a:RequestedServerVersion>Exchange2013</a:RequestedServerVersion>
<wsa:Action>http://schemas.microsoft.com/exchange/2010/Autodiscover/Autodiscove
r/GetUserSettings</wsa:Action>
<wsa:To>https://exchserver2.domainname.local/autodiscover/autodiscover.svc</
wsa:To>
</soap:Header>
<soap:Body>
<a:GetUserSettingsRequestMessage
xmlns:a="http://schemas.microsoft.com/exchange/2010/Autodiscover">
<a:Request>
<a:Users>
<a:User>
<a:Mailbox>[email protected]</a:Mailbox>
</a:User>
</a:Users>
<a:RequestedSettings>
<a:Setting>InternalEwsUrl</a:Setting>
<a:Setting>ExternalEwsUrl</a:Setting>
<a:Setting>ExternalEwsVersion</a:Setting>
</a:RequestedSettings>
</a:Request>
</a:GetUserSettingsRequestMessage>
</soap:Body>
</soap:Envelope>
</Trace>
2015/01/02 19:15:55.704 Autodiscover.EWSMA trace,
type=AutodiscoverResponseHttpHeaders, message=<Trace
Tag="AutodiscoverResponseHttpHeaders" Tid="30" Time="2015-01-02 19:15:55Z">
HTTP/1.1 200 OK
Transfer-Encoding: chunked
request-id: 5917d246-64b0-48e2-ad79-f9b6cffb5bea
X-CalculatedBETarget: exchserver2.domainname.local
X-DiagInfo: EXCHSERVER2
X-BEServer: EXCHSERVER2
Cache-Control: private
Content-Type: text/xml; charset=utf-8
Set-Cookie: ClientId=FTFXWUQWWRJVBMNBG; expires=Sat, 02-Jan-2016 19:15:55 GMT;
path=/;
HttpOnly,X-BackEndCookie=actas1(sid:S-1-5-21-3691024758-535552880-811174816-113
5|smtp:[email protected]|upn:[email protected])=u56Lnp2ejJqBx8jIn
sqbxpvSz8rHx9LLzp7O0sbOzcnSzcqcmZqem8aempmcgYHNz87K0s/N0s/Oq87Gxc7KxcrK;
expires=Sun, 01-Feb-2015 19:15:55 GMT; path=/autodiscover; secure; HttpOnly
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-FEServer: EXCHSERVER2
Date: Fri, 02 Jan 2015 19:15:55 GMT
</Trace>
2015/01/02 19:15:55.704 Autodiscover.EWSMA trace, type=AutodiscoverResponse,
message=<Trace Tag="AutodiscoverResponse" Tid="30" Time="2015-01-02 19:15:55Z"
Version="15.00.0516.004">
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:a="http://www.w3.org/2005/08/addressing">
<s:Header>
<a:Action
s:mustUnderstand="1">http://schemas.microsoft.com/exchange/2010/Autodiscover/Au
todiscover/GetUserSettingsResponse</a:Action>
<h:ServerVersionInfo
xmlns:h="http://schemas.microsoft.com/exchange/2010/Autodiscover"
xmlns:i="http://www.w3.org/2001/XMLSchema-instance">
<h:MajorVersion>15</h:MajorVersion>
<h:MinorVersion>0</h:MinorVersion>
<h:MajorBuildNumber>1044</h:MajorBuildNumber>
<h:MinorBuildNumber>21</h:MinorBuildNumber>
<h:Version>Exchange2013_SP1</h:Version>
</h:ServerVersionInfo>
</s:Header>
<s:Body>
<GetUserSettingsResponseMessage
xmlns="http://schemas.microsoft.com/exchange/2010/Autodiscover">
<Response xmlns:i="http://www.w3.org/2001/XMLSchema-instance">
<ErrorCode>NoError</ErrorCode>
<ErrorMessage />
<UserResponses>
<UserResponse>
<ErrorCode>NoError</ErrorCode>
<ErrorMessage>No error.</ErrorMessage>
<RedirectTarget i:nil="true" />
<UserSettingErrors />
<UserSettings>
<UserSetting i:type="StringSetting">
<Name>InternalEwsUrl</Name>
<Value>https://exchserver2.domainname.local/EWS/Exchange.asmx</Value>
</UserSetting>
<UserSetting i:type="StringSetting">
<Name>ExternalEwsUrl</Name>
<Value>https://exchserver2.domainname.co.uk/EWS/Exchange.asmx</Value>
</UserSetting>
<UserSetting i:type="StringSetting">
<Name>ExternalEwsVersion</Name>
<Value>15.00.1044.000</Value>
</UserSetting>
</UserSettings>
</UserResponse>
</UserResponses>
</Response>
</GetUserSettingsResponseMessage>
</s:Body>
</s:Envelope>
</Trace>
2015/01/02 19:15:55.704 Autodiscover, received GetUserSettings response,
duration Ms=88, response=NoError
2015/01/02 19:15:55.706 Lookup user details,
sipUri=sip:[email protected], [email protected],
sid=S-1-5-21-3691024758-535552880-811174816-1135, [email protected],
tenantId=00000000-0000-0000-0000-000000000000
VERBOSE: Items choice type: CreateItemResponseMessage.
VERBOSE: Response message, class: Success, code: NoError.
VERBOSE: Item: Microsoft.Rtc.Internal.Storage.Exchange.Ews.MessageType, Id:
AAMkADAwNWZkZWI0LWM5NGYtNDUxNy05Nzk3LWZhZjRiY2Y4MTU4NwBGAAAAAADLP1MgTEXdQ7zQSlb
qPl++BwBauhRZTfLbTYZ+hBWtK784ANcdmUYqAACSqIurRqgYSZwMhT/IBw89AACnT6G9AAA=,
change key: CQAAABYAAACSqIurRqgYSZwMhT/IBw89AACnip6b, subject: , body: .
VERBOSE: Is command successful: True.
Test passed.
All my certificates on the Exchange 2013 and Lync 2013 servers are from my local CA.
I use APP with the public certificates as my reverse proxy for people connecting from outside the network.
In Lync, the OAuthTokenIssuer certificate created through the Lync deployment wizard is issued to domainname.local (my primary sip domain) and the Subject Alternative names include domainname.co.uk
I then exported this certificate to the Exchange Server and use the Set-AuthConfig to use this certificate for OAuth.
from what I read this was what I was supposed to do.
is this correct?
I have tried so many things I don't know what do to next.
Should the OAuth certificate in exchange be the one exported from Lync?
In Lync, should the OAuthTokenIssuer certificate include the servername or lyncserver.domainname.local or just be domainname.local like it is at the moment?
thank-you
jackThomas,
thanks for giving this the time. I have run the Configure-EnterpriseApplication.ps1 script following by remove-PartnerApplication so many times that I was wondering if there are other setting that
Configure-EnterpriseApplication.ps1 creates that aer not removed when you run
remove-PartnerApplication.
is there a way to completely remove everything that is confirmed when you run
Configure-EnterpriseApplication.ps1 so I can run Configure-EnterpriseApplication.ps1 without there being any configurations left from when I previously run that command?
thanks
jack
[PS] C:\Windows\system32>Get-PartnerApplication |fl
RunspaceId : cb2fb328-769d-4b32-8b7b-1fa35e2994f5
Enabled : True
ApplicationIdentifier : 00000004-0000-0ff1-ce00-000000000000
CertificateStrings : {MIIGcDCCBVigAwIBAgITPgAAARIHL+ig32UAAQAAAAABEjANBgkqhkiG9w0BAQUFADBcMRUwEwYKCZIm
iZPyLGQBGRYFbG9jYWwxHTAbBgoJkiaJk/IsZAEZFg1HdWlkZUNsb3RoaW5nMSQwIgYDVQQDExtHdWlkZ
UNsb3RoaW5nLUFQUFNFUlZFUjEtQ0EwHhcNMTUwMTEwMTIxODIzWhcNMTcwMTA5MTIxODIzWjB7MQswCQ
YDVQQGEwJHQjEPMA0GA1UECBMGTG9uZG9uMQ8wDQYDVQQHEwZMb25kb24xHzAdBgNVBAoTFkd1aWRlIEN
sb3RoaW5nIExpbWl0ZWQxCzAJBgNVBAsTAkhRMRwwGgYDVQQDExNHdWlkZUNsb3RoaW5nLmNvLnVrMIIB
IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyzDzaLsjJfktsbwIJ998ihsZM/0rKGdIt8rIx00oc
HA7w0uVyz2UqnP9a8uRi6HkA7djbynlmGG0hKSUUQngXxz7q2dY6q9rcY5Rw2mJOMeppounx44FFp4+4e
5HQKviLTYo+3DBGIR0mYDqxanKPS00d0f7HDLvmVb90hjdrbE372JBdcNNHs2OHRqg37bN2fAbwd22c9x
2kvi0rESFnr+KcIGECVInCTHLJ7fwVqvi4hvRqtz7KLZsMXprpgeVDs45EMMRtwJ5Hw8uZR4CFz4dHSlo
dIVgDPn8Ns2vGhcUK0JU4WkDbjnqo1SJzHlqtNjiu//wGcn77PAiM0yhyQIDAQABo4IDCjCCAwYwCwYDV
R0PBAQDAgWgMCEGCSsGAQQBgjcUAgQUHhIAVwBlAGIAUwBlAHIAdgBlAHIwEwYDVR0lBAwwCgYIKwYBBQ
UHAwEwHQYDVR0OBBYEFOY3whPicRAXNsTDSIg3FexpaCKdMHUGA1UdEQRuMGyCH0x5bmNTZXJ2ZXIyLkd
1aWRlQ2xvdGhpbmcuY28udWuCH0x5bmNTZXJ2ZXIyLkd1aWRlQ2xvdGhpbmcubG9jYWyCE0d1aWRlQ2xv
dGhpbmcuY28udWuCE0d1aWRlQ2xvdGhpbmcubG9jYWwwHwYDVR0jBBgwFoAUDHst3gUSMGwvkiNTPavmi
UEWgtQwggEuBgNVHR8EggElMIIBITCCAR2gggEZoIIBFYaBzWxkYXA6Ly8vQ049R3VpZGVDbG90aGluZy
1BUFBTRVJWRVIxLUNBLENOPURvbVNlcnZlcjIsQ049Q0RQLENOPVB1YmxpYyUyMEtleSUyMFNlcnZpY2V
zLENOPVNlcnZpY2VzLENOPUNvbmZpZ3VyYXRpb24sREM9R3VpZGVDbG90aGluZyxEQz1sb2NhbD9jZXJ0
aWZpY2F0ZVJldm9jYXRpb25MaXN0P2Jhc2U/b2JqZWN0Q2xhc3M9Y1JMRGlzdHJpYnV0aW9uUG9pbnSGQ
2h0dHA6Ly9jcmwuZ3VpZGVjbG90aGluZy5sb2NhbC9jcmxkL0d1aWRlQ2xvdGhpbmctQVBQU0VSVkVSMS
1DQS5jcmwwgdUGCCsGAQUFBwEBBIHIMIHFMIHCBggrBgEFBQcwAoaBtWxkYXA6Ly8vQ049R3VpZGVDbG9
0aGluZy1BUFBTRVJWRVIxLUNBLENOPUFJQSxDTj1QdWJsaWMlMjBLZXklMjBTZXJ2aWNlcyxDTj1TZXJ2
aWNlcyxDTj1Db25maWd1cmF0aW9uLERDPUd1aWRlQ2xvdGhpbmcsREM9bG9jYWw/Y0FDZXJ0aWZpY2F0Z
T9iYXNlP29iamVjdENsYXNzPWNlcnRpZmljYXRpb25BdXRob3JpdHkwDQYJKoZIhvcNAQEFBQADggEBAD
87GUPi02czEMO2Op0CeKBBpGwsfjYR9+RlC2uKAoH8PbWAxYNP3Ke6BtPeFy+95GGAJd5Z0+6LpO/AagA
+zeY/tocZQjy0pYaU4/TPZgD+ZB/8sU982msu+8waO316ipBcf/87n9ZW3Jjk5DcVbtwrZErrGRe9DEn8
QArN0jroLfaRtbDumse1Lp76+dxFuVhlLWcUXtIKaxm+UU9DS94EwJMtN54lDm3EG6hVdiGUR7TYqZU0K
HGm7HciIhuO+2rhAazOBiIAAW6wZRUpFKZONSVD6bKrQCzL12LvynQ7XC6Itgr4JGzNCmoN43dXwVCkWo
amTDdZY4h+QBqUvvY=}
AuthMetadataUrl : https://lyncserver2.domainname.local/metadata/json/1
Realm : domainname.local
UseAuthServer : False
AcceptSecurityIdentifierInformation : True
LinkedAccount : domainname.local/Users/LyncEnterprise-ApplicationAccount
IssuerIdentifier :
AppOnlyPermissions :
ActAsPermissions :
AdminDisplayName :
ExchangeVersion : 0.20 (15.0.0.0)
Name : LyncEnterprise-786f61476b634278a3c9b9e4ec08b660
DistinguishedName : CN=LyncEnterprise-786f61476b634278a3c9b9e4ec08b660,CN=Partner
Applications,CN=Auth Configuration,CN=domainname,CN=Microsoft
Exchange,CN=Services,CN=Configuration,DC=domainname,DC=local
Identity : LyncEnterprise-786f61476b634278a3c9b9e4ec08b660
Guid : 07495125-ccd4-4443-82d9-74fc3b955cdf
ObjectCategory : domainname.local/Configuration/Schema/ms-Exch-Auth-Partner-Application
ObjectClass : {top, msExchAuthPartnerApplication}
WhenChanged : 10/01/2015 17:14:55
WhenCreated : 10/01/2015 17:14:55
WhenChangedUTC : 10/01/2015 17:14:55
WhenCreatedUTC : 10/01/2015 17:14:55
OrganizationId :
Id : LyncEnterprise-786f61476b634278a3c9b9e4ec08b660
OriginatingServer : DomServer2.domainname.local
IsValid : True
ObjectState : Unchanged -
Exchange 2013 owa integration with ADFS and cooexistance with exchange 2007
Team,
I have successfully integrated adfs 3.0 and Exchange 2013 owa and ecp. However, we have a coexistence environment with exchange 2007. When you access owa, which then redirects you to adfs, sign-in, and then get redirected back to owa. If your
mailbox is still within exchange 2007, you get a blank login page. If you mailbox is in exchange 2013 then you successfully get the owa page for 2013. The problem is that all exchange 2007 mailbox users get blank pages at login. So I have determined
that exchange 2013 cas is not doing the service location lookup on the mailbox to determine if a redirect to the legacy owa address is needed. Is there a configuration setting that I might be missing? Or does the integration with adfs and owa not support
the much needed mailbox lookup for a coexistance environment? A side note: if we enable FBA with owa, both login scenarios work just fine (legacy and new 2013). The legacy namespace has been created, and applied to the exchange 2007 urls.Hi,
Try using AD FS claims-based authentication with Outlook Web App and EAC
http://technet.microsoft.com/en-us/library/dn635116(v=exchg.150).aspx
Thanks,
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact
[email protected]
Simon Wu
TechNet Community Support -
Exchange 2013 co-existence with 2007 can not send from 2013 - receives OK
2013 SP1 -separate servers for MBX and CAS - 4 of each. Exchange 2007 configured as a CCR
I am in co-existence mode but have not yet switched on the legacy.domainname.com. I have a new certificate installed on all servers - 2007 and 2013 with the legacy namespace included
I can receive on the exchange 2013 servers and can send to exchange 2013 users but cannot send to 2007 users or externally. I have enabled protocol logging and I'm seeing:
2014-04-02T00:57:31.476Z,Outbound Primary,08D1120CF8FEEDBA,0,,10.0.9.1:25,*,,attempting to connect
2014-04-02T00:57:52.521Z,Outbound Primary,08D1120CF8FEEDBA,1,,10.0.9.1:25,*,,"Failed to connect. Winsock error code: 10060, Win32 error code: 10060, Error Message: A connection attempt failed because the connected party did not properly respond after a
period of time, or established connection failed because connected host has failed to respond 10.0.9.1:25"
The client has a pair of Axway mailgateway appliances (Tumbleweed). We can Telnet between the exchange 2013 servers and the Axways. There is a firewall between these mail gateways and the exchange servers and the following ports were opened - 25,443,465,995,110
I used the existing send connectors from 2007 and just added the mailbox servers to them. I created 2 new receive connectors to match 2 specialist 2007 connectors.
But I still can't send mail. Any suggestions where next to check?Hi Tony
Based on the protocol logs error looks like there is connectivity problem between Ex2007 and Ex2013
First you can try dropping an email through Telnet from Exchange 2013 to Exchange 2007 to see the message failure happens at which transit.
You can add the IP address of Exchange 2013 in Exchange 2007 default receive connector and vice versa.
Restart the transport service and try sending an email from exchange 2013 to Exchange 2007 and see the results
Also you can try creating a dedicated receive connector for Exchange 2007 in Exchange 2013 and vice versa if the above step does not work
Also try disabling the firewall and see if it helps.
Remember to mark as helpful if you find my contribution useful or as an answer if it does answer your question.That will encourage me - and others - to take time out to help you -
Exchange 2013 co-existence with Exchange 2010 proxying issue.
Hello,
I am testing Exchange 2010 and Exchange 2013 co-existence in my test lab at the moment, with
a view to migrating our production environment to 2013 later in the year.
The lab is setup, and the problem I'm having is that internal Outlook clients cannot open
their respective mailboxes once the 2013 CAS server is introduced into the mix.
The
setup is listed below:
EXCHANGE 2010 Servers
TESTLABEXCH01 - CAS,HT,MBX - Exchange 2010 SP3
TESTLABEXCH02 - CAS,HT,MBX - Exchange 2010 SP3
Both servers are part of a CAS Array - casarray01.testlab.local
Both servers are part of a DAG - DAG01.testlab.local
RpcClientAccessServer on all 2010 databases set to casarray01.testlab.local
The A record for casarray01.testlab.local points to the IP of the VIP of a load balancer.
The loadbalancer serves
the following ports: 25,80,443,143,993,110,995,135,60200,60201
OutlookAnywhere is enabled on both servers:
ClientAuthenticationMethod : Ntlm
IISAuthenticationMethods : {Basic, Ntlm}
Internal and external mail flow works without issue before the 2013 server is introduced.
Internal and external client access works without issue before the 2013 server is introduced.
Part Two to follow.....
MattEXCHANGE 2013 Servers :
TESTLABEXCH03 - CAS,MBX - Exchange 2013 SP1
OutlookAnywhere is enabled on the server:
ClientAuthenticationMethod : Ntlm
IISAuthenticationMethods : {Basic, Ntlm}
RpcClientAccessServer on all 2013 databases set to casarray01.testlab.local
(This an inherited setting I assume from the pre-existing 2010 organization)
Split DNS is in place and all internal/external URL's point to either:
autidiscover.external.com
mail.external.com
The A record for the mail.external.com points to the IP of the load balancer VIP
The CNAME record for autodiscover.external.com points to mail.external.com
When the TESTLABEXCH03 is added to the load balancer config,
and given highest priority this is when the Outlook clients stop working.
Any existing profiles in Outlook 2010/Outlook 2013 can no be opened as there is a persistent
credentials prompt.
Upon trying to create a new profile, the process errors when reaching the "Log onto server"
stage and again prompts for credentials.
Running the test-outlookconnectivity cmdlet from
either of the 2010 servers produces the following results.
[PS] C:\Windows\system32>Test-OutlookConnectivity -Protocol:http
ClientAccessServer ServiceEndpoint
Scenario Result Latency
TESTLABEXCH02 autodiscover.external.com Autodiscover:
Web service request. Success 343.20
TESTLABEXCH02 casarray01.testlab.local RpcProxy::VerifyRpcProxy.
Success 0.00
TESTLABEXCH02 casarray01.testlab.local RFRI::GetReferral.
Failure -1.00
TESTLABEXCH02 casarray01.testlab.local NSPI::GetProfileDetails.
Failure -1.00
TESTLABEXCH02 casarray01.testlab.local
Mailbox::Connect. Failure -1.00
TESTLABEXCH02 casarray01.testlab.local
Mailbox::Logon. Skipped -1.00
If remove the 2013 CAS server from the loadbalancer config and
all connections go directly to the 2010 servers again, all of the above tests pass and Outlook connectivity is also restored.
IIS has been reset on all 3 servers incidentally, following any changes made whilst troubleshooting.
I'm struggling to see what I'm missing here, if anyone can assist in troubleshooting this
matter further, or point out any errors in my setup it would be greatly appreciated.
Regards
Matt
Matt -
Exchange 2013 CU3 Can't Access ECP from Office365 Enabled Account
We recently upgraded our Exchange 2013 server to CU3 to fix the OWA redirection error. Unfortunately, we've now noticed that any admin mailboxes that have been 'moved' to Office365 can not access ECP and instead get a redirect warning to OWA.
I had to create a new, onprem admin account to access in the meantime. This is the message I see:
Use the following link to open this mailbox with the best performance:
http://outlook.com/owa/ACME.onmicrosoft.com
X-FEServer: EXCHANGE
Date: 12/3/2013 6:13:23 PM
more detail...
I assume this is due to the fix for OWA redirection? How do I manage Exchange with my 'oncloud' mailbox accounts?Hi,
I think it will be more suitable to ask this question on Exchange Online forum:
http://social.technet.microsoft.com/Forums/msonline/en-US/home?forum=onlineservicesexchange
Thanks,
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact
[email protected]
Simon Wu
TechNet Community Support -
Exchange 2013 S/MIME with Server 2008 R2
So I am trying to configure S/MIME on my 2013 Exchange server, but the process in which I need to export the rootca is vague and only applies to Server 2012/Windows 8 because of the export-certificate command.
http://technet.microsoft.com/en-us/library/hh848628.aspx
My domain consists of a single DC/CA and member server that hosts Exchange. Both servers are on Server 2008 R2, and I have installed PowerShell v4.0 on my DC to try an export the certificate but it continues to fail with:
export-certificate : The term 'export-certificate' is not recognized as the name of a cmdlet, function, script file,
or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and
try again.
The examples given to set up the export are equally vague:
PS C:\>$cert= (Get-ChildItem -Path cert:\CurrentUser\My\EEDEF61D4FF6EDBAAD538BB08CCAADDC3EE28FF) <--What path is this referencing??If anybody has experience doing this I would greatly appreciate some guidance.MikeI was able to figure out the export portion. I needed to select both of my Root CA's certificates then run through the export wizard and export to .sst was available. Now the problem I'm having is when attempt to import the certs into Exchange
2013.
[PS] C:\>Set-SmimeConfig -SMIMECertificateIssuingCA (Get-Content rootca1.sst -Encoding Byte)
Starting a command on the remote server failed with the following error message : The WinRM client sent a request to the remote WS-Management service and was notified that the request size exceeded the configured MaxEnvelopeSize quota.
For more information, see the about_Remote_Troubleshooting Help topic.
+ CategoryInfo : OperationStopped: (exchange.contoso.com:String) [], PSRemotingTransportExcept
ion
+ FullyQualifiedErrorId : JobFailure
+ PSComputerName : exchange.contoso.com
Maybe you are looking for
-
In OSX 10.8, can I use the same apple id to get updates for iPhoto and iMovie?
Hi, so there are several sites that I work at that have multiple OSX 10.8 devices. I was wondering if there was a way that I can use the same apple ID to update iPhoto or iMovie? Apparently its needed for updates now. Alternatively, is there a way th
-
How do I download new versions of tracks that are already in my Library?
I downloaded about a hundred songs from iTunes between last night and this morning. A number of the tracks do not play to the end of the file, cutting off in the middle instead of playing to the end. I tried making an .mp3 copy of several of them, an
-
EPM 11.1.2.2 Interactive Reporting Email Notifications
The URL we give to our users to access Workspace contains a virtual host record. The URL does not contain the actual hostname of the machine. So rather than http://serverA/workspace/index.jsp, the URL is something like http://interactivereporting/wor
-
Hi! I have some problem with the password control of the sbRIO (NI9605). I have setup an password in web configuration, and I can see it works at the web configuration and FTP. But I have problem with it from teh source code. When I run the above I g
-
ServerManager.exe - This application could not be started. - Windows Server 2012 R2
Hello All, We have a Dell Precision M4800 installed with Windows Server 2012 R2, and we are unable to get the Server Manager working. When we click on ServerManager, the below error occurs, Error Message: ServerManager.exe - This application could no