Exchange 2013 request certificate remain pending after complete

Similar Messages

• Exchange 2013 MSExchange Certificate Notification Error 2001

  I literally have no idea of what to do with this error. I only see it when I restart the our Exchange 2013 Front End server.
  Log Name:      Application
  Source:        MSExchange Certificate Notification
  Date:          9/20/2013 2:28:46 PM
  Event ID:      2001
  Task Category: General
  Level:         Error
  Keywords:      Classic
  User:          N/A
  Computer:      front end server
  Description:
  A transient failure has occurred. The problem may resolve itself. Diagnostic information:
  Microsoft.Exchange.Data.DataSourceOperationException: The request failed. The remote server returned an error: (401) Unauthorized. ---> Microsoft.Exchange.WebServices.Data.ServiceRequestException: The request failed. The remote server returned an error:
  (401) Unauthorized. ---> System.Net.WebException: The remote server returned an error: (401) Unauthorized.
     at System.Net.HttpWebRequest.GetResponse()
     at Microsoft.Exchange.WebServices.Data.EwsHttpWebRequest.Microsoft.Exchange.WebServices.Data.IEwsHttpWebRequest.GetResponse()
     at Microsoft.Exchange.WebServices.Data.ServiceRequestBase.GetEwsHttpWebResponse(IEwsHttpWebRequest request)
     --- End of inner exception stack trace ---
     at Microsoft.Exchange.WebServices.Data.ServiceRequestBase.GetEwsHttpWebResponse(IEwsHttpWebRequest request)
     at Microsoft.Exchange.WebServices.Data.ServiceRequestBase.ValidateAndEmitRequest(IEwsHttpWebRequest& request)
     at Microsoft.Exchange.WebServices.Data.ExchangeService.InternalFindFolders(IEnumerable`1 parentFolderIds, SearchFilter searchFilter, FolderView view, ServiceErrorHandling errorHandlingMode)
     at Microsoft.Exchange.WebServices.Data.ExchangeService.FindFolders(FolderId parentFolderId, SearchFilter searchFilter, FolderView view)
     at Microsoft.Exchange.Data.Storage.Management.EwsStoreDataProvider.InvokeServiceCall[T](Func`1 callback)
     --- End of inner exception stack trace ---
     at Microsoft.Exchange.Data.Storage.Management.EwsStoreDataProvider.InvokeServiceCall[T](Func`1 callback)
     at Microsoft.Exchange.Data.Storage.Management.EwsStoreDataProvider.GetOrCreateFolderCore(String folderName, FolderId parentFolder, Func`1 creator)
     at Microsoft.Exchange.Data.Storage.Management.AsyncOperationNotificationDataProvider.GetDefaultFolder()
     at Microsoft.Exchange.Data.Storage.Management.EwsStoreDataProvider.<>c__DisplayClass1b`1.<InternalFindPaged>b__13()
     at Microsoft.Exchange.Data.Storage.Management.EwsStoreDataProvider.InvokeServiceCall[T](Func`1 callback)
     at Microsoft.Exchange.Data.Storage.Management.EwsStoreDataProvider.<InternalFindPaged>d__21`1.MoveNext()
     at Microsoft.Exchange.Data.Storage.Management.AsyncOperationNotificationDataProvider.<GetNotificationDetails>d__57.MoveNext()
     at System.Linq.Enumerable.WhereEnumerableIterator`1.MoveNext()
     at Microsoft.Exchange.Servicelets.CertificateNotificationServicelet.RemoveAllNotification()
     at Microsoft.Exchange.Servicelets.CertificateNotificationServicelet.UpdateDataInMbx(List`1 certificates)
     at Microsoft.Exchange.Servicelets.CertificateNotificationServicelet.Work()

  We're in the same boat.  This is a production installation, running on Windows Server 2012, that we've been getting that error on for months.  We just updated to CU3 and the error is still there.  It doesn't seem to impact anything as far
  as I can see, so I'm not certain that it matters.
  For what it's worth, we use a single certificate for the IIS,POP,IMAP,SMTP services on all of our CAS servers.  It's issued from our internal CA and has ~13 entries in the SAN for various purposes.  It was issued from a custom template that we
  use for various purposes, so it's possible there's something about the certificate that something somewhere doesn't like.   Unfortunately the error doesn't seem to contain any specifics, so it's difficult to tell what's happening.
  The event immediately after the error is information event 2002:
  A round of expiration check has finished. The next round is scheduled at...
  Also at the same time there is a warning in the system log for Event 6037, LSA (LsaSrv)
  The program w3wp.exe, with the assigned process ID 2804, could not authenticate locally by using the target name HTTP/owa.langslb.domain.com. The target name used is not valid. A target name should refer to one of the local computer names, for example,
  the DNS host name.
   Try a different target name.
  The address is the address used by our hardware load balancer for our CAS servers.  The IP for the name will be one of the CAS.  On reboot, even if the load balancer doesn't have time to detect one of the systems being offline, it would have a
  percentage chance of getting the IP of an already online system. 
  I have the exact same error with Exchange 2013 CU3 CAS servers. can any one explain what is that about? and how to resolve it?

• Exchange 2013 wildcard certificate - problem IMAP POP Because the matter is not a fully qualified domain name

  Hi all, I have an Exchange 2013 SP1, I have installed a third-party SSL certificate and correctly on the server, but when I assign the POP and IMAP services, I see this error
  The certificate with thumbprint XXXXXXXXX and subject '*. Xxxx.yyy' can not be used for POP SSL / TLS connections because the matter is not a fully qualified domain name (FQDN). Use the Set-POPSettings X509CertificateName command to set the FQDN of the service.
  I tried to run this command and restart the POP and IMAP services
  ImapSettings set-ca-server-1-X509CertificateName mail.xxxxx.yyy
  POPSettings set-ca-server-1-X509CertificateName mail.xxxxx.yyy
  But the POP and IMAP services, the certificate is not assigned.
  You know as you can solve
  regards
  Microsoft Certified IT Professional Server Administrator

  Hi,
  Before we go further, I’d like to confirm if you can use POP and IMAP properly.
  If everything goes well, we can safely ignore it:
  http://www.hsuconsulting.com/wildcard-ssl-certificate-exchange-2013-imap-and-pop-error/
  If not, we can try the following commands :
  Set-POPSettings -ExternalConnectionSetting {mail.domain.com:995:SSL}
  Set-ImapSettings -ExternalConnectionSetting {mail.domain.com:993:SSL}
  http://careexchange.in/how-to-enable-and-configure-pop-imap-in-exchange-2013/
  Note: Microsoft is providing the above information as convenience to you. The sites are not controlled by Microsoft. Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information
  found there. Please make sure that you completely understand the risk before retrieving any suggestions from the above link.
  If you have any question, please feel free to let me know.
  Thanks,
  Angela Shi
  TechNet Community Support

• Multiple Exchange 2013 SSL Certificates & Web Services URLs

  I have two Exchange 2013 CU5 Standard servers in a DAG.  Both servers have both the CAS and Mailboxes roles installed.  
  The servers are running Server 2012 Standard.  The DAG uses a file share witness server.  
  The witness server and one Exchange server, which is usually the active server, are on the same subnet in our primary data centre. 
  The second Exchange server is on a different subnet in our backup data centre across town.
  The domain that these servers are in is part of a forest with another domain. 
  That domain is, physically, in another jurisdiction.  The domains share a namespace. 
  All users in both domains have username at name.com as their e-mail address.
  The other domain has two Exchange 2013 servers in a DAG.  It also has one Exchange 2007 server, that is being phased out. 
  All messages that my domain users send to external recipients pass though the Exchange servers in my domain, a firewall for my domain, an Internet connection, a firewall in the other domain, the Exchange servers in the other domain, the firewall for
  the other domain, and then out to the external recipients.  The reverse path is followed for inbound mail from external senders. 
  All ActiveSync traffic for my users passes through the Exchange servers and a proxy server in the other domain. 
  I have a self-signed SAN certificate on the Exchange servers in my domain. 
  That certificate is also deployed on all of the mobile devices that my users have.
  I have been asked to see if I can set things up so that a test user can send and receive e-mail with their mobile device, and have that traffic go from my Exchange servers, through the firewall for my domain, and out to external recipients. 
  Due to a lack of test systems, I have been asked to develop this on my production servers, without disrupting the existing mail flow. 
  Is that possible?  What would need to be done to accomplish this? 
  If the test is possible, and successful, my Exchange servers, and all other relevant systems, would be changed so that all mail traffic from my domain no longer goes through the other domain.

  You could set a test send connector for @outsidedomain.com to use your Exchange servers as source servers, and make sure you have at least one reverse DNS entry (PTR) in place for whatever IP your external firewall presents to the world for the Exchange
  servers. This is critical in order not to have the rest of the world discard your emails (spammers usually fail the reverse DNS name).
  For incoming traffic, you could use a DNS domain that you own and that's not in use currently (eg oldcompany.com belonging to someone your current employer purchased) and have an MX record for this pointing to the public IP address(es) of the published Exchange
  servers.
  However mail routing cannot be done to work one way with mobile devices and another way with Outlook. In this case both ActiveSync and Outlook are simply interfaces to send/receive emails using your common SMTP infrastructure. So once configured for the
  test as above, both ActiveSync, Outlook, OWA, EWS clients will send/receive emails in the same way. In the example above - anyone sending to @outsidedomain.com, regardless it's the users hosted on your Exchange servers or the ones in the other domain, will
  be sent using the new route.

• Exchange 2013 stops receiving external email after about 8 hours

  Hello,
  Just installed 2013 excahnge server 3 days ago. We noticed after the first night that we did not receive any external emails throughout the night.  I could not find anything wrong with receive connectors.  Telnet works internally when this
  happens but NO access from public side testing with telnet.  After I reboot the exchange server everything functions just fine and normal for about 8 hours until it happens again.
  I dont know what to check or look for at this point.  Very new to exchange 2013.  Any kind of advice would be helpful at this time.
  It is not a firewall issue.  Same firewall and set of rules that we use for other/old mail servers.  We only have 1 exchange server that has all roles.
  Lead Pusher

  OK... Did alot of testing and spent some time with Microsoft's support on the phone.
  I believe there is actually two problems going on in this thread.
  1. Exchange 2013 Admins that have changed the default receive connectors are experiencing a conflict on the scope settings. Make sure that none of the receive connectors are using the same ports, and that you have not modified the security settings in anyway
  unless you really know what you are doing.
  If you are unsure of what the settings should be after you have change them, the only suggestion I have right now, (as I have not taken the time to do screen shots or write down all the default settings) is to install Exchange 2013 on a virtual machine and
  look at them, then change back the settings that do not match.
  2. The Malware Agent has a flaw that is causing the the Microsoft Exchange Transport service to endlessly wait on the Malware Agent to process a message that it just can't handle. (Two reboots of the entire server may be needed to clear this, or sometimes
  you can get away with restarting the Microsoft Exchange EdgeSync service.)
  The Microsoft technician had me perform a sequence of steps that highlighted this. To see if this is infact your problem you can perform the following steps.
  A)  Once the Exchange server stops processing messages, figure out the rough time it stopped processing messages.
  B)  Open the event viewer.
  C)  Under "Windows Logs", right click "Application", select "Filter Current Log...", check "Warning" and "Error", then click "OK".
  D) Scroll down the log to the rough time that your Exchange Server stopped processing messages. You are looking for a slew of errors about the same time from "MSExchange Extensibility" (1051), "MSExchange Transport" (9201), "MSExchange
  Transport" (9201), "MSExchange Extensibility" (1056), "MSExchangeTransport" (10003), and "MSExchange Common" (4999).
  It is the "MSExchangeTransport" (10003) that I believe is the real problem. The Microsoft technician agreed. He did not want to spectulate as to exactly what was going on, but it seems to me that since he had me disable the "Malware Agent"
  for now, that it is indeed the problem. 
  E) So.... Open the Exchange Management Console and type "Disable-TransportAgent", followed by enter. It will prompt "Supply values for the following parameters:". Enter "Malware Agent", press enter again. Type "A",
  for yes to all.
  or
  http://technet.microsoft.com/en-us/library/jj150526.aspx"
  F) Go to run, enter "services.msc". On the window that opens, find "Micorosoft Exchange Transport" and restart it.
  I know this is NOT a fix, but a work around that is less than desired as the Malware Agent is a filter to keep unwanted emails out. I highly recommend running some sort of 3rd party spam/Malware filter that has been fully tested to run with Exchange
  2013 if you do this.
  Microsoft is to contact me back once they can figure out why this is happening, and I believe in the end a patch for Exchange 2013 will be produce to correct the problem.
  In the mean time.... don't waste your money on paying Micorosoft for support, as I have already done this.
  For the individuals who say they are not experiencing trouble, I am going to go out on a limb here and say that either you have a 3rd party software program that is filtering the mail before it reaches the Malware Agent, you have disabled the Malware Agent,
  or you are using another mail server to forward email to your Exchange 2013 server. With either of these cases you are much less likely to see this problem.
  One last issue that a few people may be experiencing, is Exchange 2013, running on Server 2012 that is a VM. Several VM setups have a bug with the VM NIC management interface and Windows Server if you are using the same NIC for both. For example Xen
  Server 5.6 and XEN XCP both have this bug. There is an patch for XEN Server 5.6, but so far nothing for Xen XCP.
  I have spent many hours trying to figure my problems with Exchange 2013 and I will not swear that my entire post is correct, but I have gotten very much closer to a stable mail server after much work. If you feel that anything is incorrect, please reply
  back and let me know why, so that we may all benifit.
  P.S. Sorry for the mis-spellings and what not, I am very tired at the moment, and was forced to use explorer, because this site is not liking Chrome at the moment. (Will not let me login)

• Fresh install of Exchange 2013. 500 Internal error after trying to login via ECP

  Hi folks,In the process of migrating someone from their onsite infrastructure to Cloud ( local city's datacentre). They currently have AD/File+ Print (2008R2) with Exchange on same VM (yeah I know and I am fixing this with new move) and Terminal Server (2008R2).Cloud move will have Server 2012 R2 AD/F+P, Exchange 2013 SP1 on Server 2012 R2 and RDS on Server 2012 R2 VM's. Have setup VPN between the onsite infrastructure and Cloud VM's. AD/DC are in sync. Exchange has been installed with both mailbox and CAS roles after doing Schema & Domain prep and Domain updates. Exchange server and AD/DC in Cloud are joined to onsite infrastructure domain. Exchange on cloud is using cloud AD/DC's DNS.
  Cloud AD/DNS can ping onsite AD/PDC fine. Cloud Exchange can ping onsite TS fine but it cannot ping onsite AD/DNS. This is my 2nd issue. Onsite AD/PDC...
  This topic first appeared in the Spiceworks Community

  This is Exchange 2013 Sp1 or CU5 ?
  Cheers,
  Rhoderick
  Microsoft Senior Exchange PFE
  Blog:
  http://blogs.technet.com/rmilne 
  Twitter:   LinkedIn:
    Facebook:
    XING:
  Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

• Exchange 2013 ECP "500 Unexpected Error" after Updates

  Hi *,
  after installing the latest Server 2012 Updates, i get the error "500 Unexpected Error" when i try to Login to the Exchange ECP. There wer no changes to the URL or front-/backend.
  I also tried the Workaround focussed over here: http://social.technet.microsoft.com/Forums/exchange/en-US/777b51ee-330d-43cc-a56e-4614d44aed7b/unable-to-access-owa-or-ecp-something-went-wrong-or-500-unexpected-error?forum=exchangesvrclientsentries but
  there were no entries like CN=Services at the ADSI edit.
  Best Regards
  Max @ Magelan Support

  Hi Max,
  Please double check the port bindings are correct.
  Please try to run lodctr /r and reset IIS as administrator.
  Found a similar thread for your reference:
  Unable to access ECP. -  "500 unexpected error"
  http://social.technet.microsoft.com/Forums/en-US/b4b7c47e-cde4-4c62-8bb1-91a5430d4814/unable-to-access-ecp-500-unexpected-error?forum=exchangesvrclients
  Thanks
  Mavis
  Mavis Huang
  TechNet Community Support

• Exchange 2007 migrate to Exchange 2013

  Dear MS Support,
  I did migrate Exchange 2007 to Exchange 2013
  The install complete, the exchange 2007 and 2013 can work together successful
  DAG has created and work fine
  Below is capture on exchange group after migrate
  The exchange 2007 work fine with outlook anywhere, all the users can connected and send and receive mail in 5 year
  The cerificate enroll with
  Alternative Names: mail.biendongpoc.vn
  The autodiscover on exchange 2007:
  [PS] C:\Windows\system32>Get-ClientAccessServer | ft Identity,*uri* -AutoSize
  Creating a new session for implicit remoting of "Get-ClientAccessServer" command...
  Identity      AutoDiscoverServiceInternalUri
  BDPOC-SERVER1 https://mail.biendongpoc.vn/Autodiscover/Autodiscover.xml
  I have created new certificate for Two exchange 2013
  The certificate enroll with
  Alternative Names: cas.biendongpoc.vn
  I have create cname cas point to dag  on DNS server
  I have create A record autodiscover.biendongpoc.vn point to IP of dag.biendongpoc.vn
  I did migrate mailbox from exchange 2007 to exchange 2013, the migrate successful , the outlook can
  connected to Exchange 2013 and working perfectly
  Our problem, the account exchange 2007 work not stable ,
  sometime it connect to mail.abc.com, sometime it connect to cas.abc.com
  If the outlook connect to cas.biendongpoc.vn, the request put password and i can't connect to exchange 2007, if outlook connect to mail.biendongpoc.vn i can connect
  It is not stable for current exchange 2007
  Anyone who can help me ?
  Thanks

  Hi
  huynhtrongnhatminh,
  I suggest you please go through this article.
  http://blogs.technet.com/b/exchange/archive/2014/03/12/client-connectivity-in-an-exchange-2013-coexistence-environment.aspx
  Please check this for step by step guide.
  http://blogs.technet.com/b/meamcs/archive/2013/07/25/part-1-step-by-step-exchange-2007-to-2013-migration.aspx
  Please point your autodiscover and commonname to Exchange2013 CAS
  Please configure your URLs. There is no CAS array in Exchange2013 but the concept of single name space remains.
  You need to have an A record (e.g. legacy.domain.com) in yout external DNS and add that name (legacy.domain.com) in your certificate for exchange 2007 users to have access externally. 
  Configure your commonname URLs in Exchange2013. Point commonname and autodiscover to exchange2013 in both external and internal DNS servers
  Configure URLshttp://www.mustbegeek.com/configure-external-and-internal-url-in-exchange-2013/
  No CASARRAY in 2013http://exchangeserverpro.com/exchange-2013-client-access-server-high-availability/
  Please configure splitdns or pinpoint DNS in your internal DNS server if not configured
  http://exchange.sembee.mobi/network/split-dns.asp
  Thanks, MAS
  Please mark as helpful if you find my comment helpful or as an answer if it does answer your question. That will encourage me - and others - to take time out to help you.

• Upgrade of Integation Services (Windows 2012 R2) on Windows 2008 R2 with Exchange 2013 SP1 DAG fails

  Here is the scenario:
  Legacy Host: Windows 2008 R2
  Guest VM: Windows 2008 R2 with Exchange 2013 SP1 DAG cluster.
  After importing the VM (2008 R2 and Exchange 2013 DAG) into a 2012 R2 host (Cluster).  (copy VM files to new 2012 R2host) Everything works fine.
  Then upgrading "Installation Services" (for Windows 2012 R2 host) on the imported VM runs fine with no errors to the "Restart" prompt. VM than shows: "Configuring Windows updates 32% complete. Do not turn
  of your computer." Hangs there for about 20 minutes until is says "shutting down". Hangs there for 20 minutes until power off. Restart to normal start; "Preparing to configure Windows. Do not turnoff your computer." proceeds slowly
  to "Configuring Windows updates 32% complete. Do not turn of your computer." hangs there again indefinite. Sometime hangs at shutdown cycle and "Configuring Windows updates 32% complete. Do not turn of your computer." indefinitely.
  I moved 20 other machines from a 2008 R2 host to new Windows 2012 R2 hosts all of these machines install the 2012 R2 Integration services just fine on the 2008 R2 VM. Just the 2008 R2 VMs clustered (DAG) and Exchange 2013 SP1 do not take the Integration
  Services upgrade.
  Any advise from Microsoft? I know I could decommission the DAG and Exchange machines and install Integration services on the native box before Exchange and DAG and that would sure work, but I'd rather avoid that amount of work for a simple integration layer
  upgrade.
  Thanks
  Gerhard Waterkamp ACSLA Inc.

  Hi,
  Could you try use the following method to fix this issue first?
  1. Run the System Update Readiness Tool, then check if there is any error in the Checksur.log and checksur.persist.log.
   1. Please run the System Update Readiness Tool on this affected server. Please download this tool from the following Microsoft article:
   Description of the System Update Readiness Tool for Windows Vista, for Windows Server 2008, and for Windows 7
   http://support.microsoft.com/kb/947821/en-us
  2. The System Update Readiness Tool creates the log files that captures any issues that the tool found or fixed. The log files are located at the following location:
  %SYSTEMROOT%\Logs\CBS\
  3. Please paste the checksur.log here for analysis.
  If there is no error found, please try the following step.
  ==================================
  2. Use Fix it tool to reset the Windows Update components.
   1. Open the following link.
   http://support.microsoft.com/kb/971058/en-nz
   2. Select Windows 8.1, Windows 8 and Windows 7 in the product selection box.
   3. Click “Run Now” to reset the Windows Update components.
  Note: We can reset the Windows Updates manually by following the steps in the KB above.
  3. Use the System File Checker tool to repair missing or corrupted system files
   1. Open the command promote with Administrators.
   2. At the command prompt, type the following command, and then press ENTER:
       sfc /scannow
  Any errors are found in the steps above, please let me know.
  Hope this helpful.
  Best Regards,
  Jason Zeng
  Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

• Can I find which mailstore an account was in before migration to Exchange 2013?

  I have a user mailbox that was recently moved from Exchange 2007 to Exchange 2013. The user has (after more than 2 weeks) decided to report some of her inbox subfolders are empty when they should contain messages. We have snapshot manager for Exchange
  doing backups of the 2013 databases, and going back to when she was migrated I can not find any messages contained in these folders. The only option I can see is to see if I can run a restore from Exchange 2007. However, as each mailstore is backed up using
  it's own policy I would really need to know which one she was in before migration. Is there any way to trace this using powershell or some hidden tool in Exchange?

  The first thing I would check is to see if she had any PST files (I ran into this issue at a migration I did about a year ago and they didn't tell us about it).  
  If that doesn't help, then you can run:
  Get-MailboxStatistics -Identity user -IncludeMoveHistory | FLThis should give you the database the user was on prior to the move request.
  Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread

• Exchange 2013 Public Folder Missing in Outlook

  Hello,
  i have succesfully migrated from Exchange 2010 to Exchange 2013.
  Everything was running after i migrated the public folders they disappeared on the Clients after starting Outlook 2013.
  We are able to see the public Folders in OWA but not in Outlook.
  Anybody know this Problem and can help?
  regards
  René

  Hi,
  Based on the description, everything was running after you migrated from Exchange 2010 to Exchange 2013. When you upgraded from Outlook 2010 to Outlook 2013, you couldn't see public folders in Outlook 2013. However, you could see public folders in Outlook
  2010, but you couldn't expand it. OWA worked well.
  If I misunderstood your concern, please feel free to let me know.
  About "No we had migrated to Office 2013 before but tested it now with Outlook 2010.", was the Outlook 2010 client a remaining Outlook 2010 client?
  Did the issue affect all users or some of them?
  Could you please switch between online mode and cached mode to check the result?
  Best regards,
  Belinda
  Belinda Ma
  TechNet Community Support

• Exchange 2013 CU5 fresh install suffering issues with services not starting and coexistence with 2007

  Hi everyone,
  Hope you can help me out on a couple of issues I've been experiencing during the initial stages of a project to upgrade an on premise Exchange 2007 to 2013.
  On Monday last week I installed the first Exchange 2013 server into the network after a few weeks of careful planning, information gathering and remediation of our current Exchange 2007 environment and associated systems.
  The server itself has been having some issues from the word go, some of which I've resolved but none that are show stoppers but I want to get them resolved before building more servers and setting up the planned 2 x 2 node DAG's
  The main problems are as follows:
  There's usually one service that does not start following an OS restart and it's not always the same service. So far I've seen the following not start: DAG Management, Migration Workflow, Anti-spam Update, Unified Messaging, UM Call Router, Transport
  Service.
  The critical system event log entries are complaining of timeouts when the services are starting up but I can't imagine that the servers boot time is too long...  It's a 2 vCPU/12Gb vRAM VM, Windows 2012 R2
  I receive an error in the Event Log regarding RPC over HTTP Proxy
  to one of the 2007 CAS servers (not our primary one). The first error was because the Windows Component was missing but since installing it, disabling Outlook Anywhere, reenabling it, restarting the server, I now have a new error which is shown further down
  this post
  The Exchange 2013 server install is pretty default, CAS/MBX roles and some basic configuration performed such as new DNS entries, Public SSL certs installed and assigned, URL's updates, SCP updated. I have review and resolved some errors from the event logs
  for over chatty warnings about disk space (the warning is that we have loads of space...)
  This is a brief outline of the environment:
  Exchange 2007 SP3 RU13
  UK - Two physical locations in a stretch LAN (100Mb WAN)
  4 x CCR Cluster Mailbox Servers in two separate CCR Clusters
  Cluster 1 - Windows 2003 R2: One physical, one virtual server - don't ask, legacy install and I know the virtual is not a supported configuration.
  Cluster 2 - Windows 2008 R2: Two virtuals - New cluster built following a 4 day failure of Cluster 1. The aim was to move to supported config and decommission cluster 1.
  Note: Migration of Cluster 1 to Cluster 2 was halted as 2013 was so close it seemed pointless to continue the migration and instead migrate both Clusters to 2013 once in production.
  2 x Virtual Windows 2003 R2 - Hub Transport Servers
  2 x Virtual Windows 2003 R2 - Client Access Servers
  1 x Virtual Windows 2003 R2 - Unified Messaging Server
  1 x Virtual Windows 2003 R2 - Edge Transport Server (DMZ)
  US - One physical location
  1 x Physical Windows 2008 R2 - Mailbox, Client Access, Hub Transport Server
  Exchange 2013 CU5
  UK - Installed into same site along side Exchange 2007 servers
  1 x Virtual Windows 2012 R2 - Mailbox, Client Access Server
  Problem 2 Error Message - Please note, server names and domain name changed:
  Log Name:      Application
  Source:        MSExchange Front End HTTP Proxy
  Date:          18/07/2014 10:00:37
  Event ID:      3005
  Task Category: Core
  Level:         Warning
  Keywords:      Classic
  User:          N/A
  Computer:      EXC2013.domain.local
  Description:
  [RpcHttp] Marking ClientAccess 2010 server EXC2007CAS1.domain.local (https://EXC2007CAS1.domain.local/rpc/rpcproxy.dll) as unhealthy due to exception: System.Net.WebException: The underlying connection was closed: The connection was closed unexpectedly.
     at System.Net.HttpWebRequest.GetResponse()
     at Microsoft.Exchange.HttpProxy.ProtocolPingStrategyBase.Ping(Uri url)
  Event Xml:
  <Event xmlns=http://schemas.microsoft.com/win/2004/08/events/event>
    <System>
      <Provider Name="MSExchange Front End HTTP Proxy" />
      <EventID Qualifiers="32768">3005</EventID>
      <Level>3</Level>
      <Task>1</Task>
      <Keywords>0x80000000000000</Keywords>
      <TimeCreated SystemTime="2014-07-18T09:00:37.000000000Z" />
      <EventRecordID>64832</EventRecordID>
      <Channel>Application</Channel>
      <Computer>EXC2013.domain.local</Computer>
      <Security />
    </System>
    <EventData>
      <Data>RpcHttp</Data>
      <Data>EXC2007CAS1.domain.local</Data>
      <Data>https://EXC2007CAS1.domain.local/rpc/rpcproxy.dll</Data>
      <Data>System.Net.WebException: The underlying connection was closed: The connection was closed unexpectedly.
     at System.Net.HttpWebRequest.GetResponse()
     at Microsoft.Exchange.HttpProxy.ProtocolPingStrategyBase.Ping(Uri url)</Data>
    </EventData>
  </Event>

  Hi Off2work,
  I've gone through the article and the Get-OutlookAnywhere commandlet looks fine (especially when compared with our working CAS).
  Having looked through IIS I have spotted two additional misconfigurations with a missing setting to require SSL on the RPC folder and also the .NET version was not set.
  I've now set those to Require SSL and .NET 2.0.5072 however this has made no difference following restarted of both 2007 CAS and 2013 servers.
  I could potentially reinstall the CAS server or additionally decommission it as we have two of them and the other is not causing any errors with the 2013 server. This broken CAS server doesn't even have DNS records (except it's own hostname) or firewall
  rules pointing to it, nor does it have any active client connections if I check with a quick netstat -a
  As for UM, it's next on my list following some client/server connectivity testing so I have not yet assigned the SSL to the services or setup the dial plans, etc.
  The services do start most of the time, but others then don't so it's not a consistent issue with just this service. On my current boot, the DAG Management service failed to start, but again I don't have a DAG implemented yet.
  I will see if UM drops out of that list once I've configured it shortly
  Thanks for taking the time to respond (and that goes to DareDevil too)

• Migrate to Windows 2012 R2 and Exchange 2013 SP1 using database portability

  Hi, I'm planning to migrate from Exchange 2013 SP1 running on Windows 2012 to Exchange 2013 SP1 on Windows 2012 R2.
  Is it possible to use database portability to move the databases from the exchange installation on win 2012 to the new installation on Win 2012 R2? This would save a great deal of time not doing the mailbox moves.
  I've searched similar cases but couldn't find any, all speak about disaster recovery and database portability but I've found no articles that uses the migration scenario.
  Would it be possible to do and if so, what would the steps be? Do I need to delete the database from the source server, move the database files to the new server and mount them and relocate the mailboxes? Or should I dismount the database on the source server,
  move them to the new server and mount them and relocate the mailboxes?
  Frank.

  Hi,
  According to your description, I recommend you consider using DAG to achieve your requirement.
  The following steps for your reference:
  1.Prepare a new server which installed windows 2012 R2 for Exchange 2013 mailbox server.
  2.After you deploy Exchange 2013 Mailbox servers, you can create a DAG, add Mailbox servers to the DAG, and then replicate mailbox databases between the DAG members.
  3.After replication, you can mount all the databases on the new server.
  Hope this helps!
  Thanks.
  Niko Cheng
  TechNet Community Support
  This no way a resolution. This won't work at all as Both OS will be different and you can't form the Cluster.
  Please Unmark it!
  Cheers,
  Gulab Prasad
  Technology Consultant
  Blog:
  http://www.exchangeranger.com    Twitter:
    LinkedIn:
     Check out CodeTwo’s tools for Exchange admins
  Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

• Exchange 2013 wil NOT send email, same problem as every other exchange 2013 user, typical everything.

  I have a brand new dell server 2 netwrok cards. One WAN one LAN connected, each with its respective DNS server added to the card. In OWA the sent email shows in drafts, in outlook it shows in sent items, the user NEVER gets it, internally or externally.
  i get all mail from the internet, exactly as expected no problem, all tests show this is working everything checks out fine, server runs great, full blown domain controller with exchange 2013 added. ONLY problem after the 9th install, is still the same, exchange
  will NOT send email, everything else works perfectly event log looks great. I do see the DNS error where a DNS server on that network card is not responding crap, which is not true, internet works, al pages everything, NO firewall Bare connect while i get
  it to work. I HAVE been over the forums for the last week, tried all done all. i am an MSCE, was an MCSE instructor for 10+ years, Exchange Administrator, Exchange instructor for years, so yea, i am not some newb who has no clue, this DOES NOT WORK. it
  came at the CU1 level right out of the box, so i did not install and break it myself Microsoft is now selling this broken. Where do i go what do i do here. Like i said, every other aspect is in perfect order, Just email not sent, not showing in exchange tracking
  logs, and that DNS error on the event log, and YES i made the send connector, and the 3 setting it asks, not like that could be wrong, i mean seriously you put in very little info, any wrong entry would be obvious to even a child. SO walk me through what is
  going worng, as soon as this server sends an email, i am done building this domain, Please Help here.

   Performing Outbound SMTP Test
    The outbound SMTP test was successful.
   Additional Details
  Elapsed Time: 18739 ms. 
   Test Steps
   Attempting reverse DNS lookup for IP address xxx.xxx.xxx.148.
    The Microsoft Connectivity Analyzer successfully resolved IP address xxx.xxx.xxx.148 via reverse DNS lookup.
   Additional Details
  The Microsoft Connectivity Analyzer resolved IP address xxx.xxx.xxx.148 to host wsip-xxx.xxx.xxx.148.ri.ri.cox.net. 
  Elapsed Time: 187 ms. 
   Performing Real-Time Black Hole List (RBL) Test
    Your IP address wasn't found on any of the block lists selected.
   Additional Details
  Elapsed Time: 18453 ms. 
   Test Steps
   Checking Block List "SpamHaus Block List (SBL)"
    The address isn't on the block list.
   Additional Details
  IP address xxx.xxx.xxx.148 wasn't found on RBL.
  Elapsed Time: 1050 ms. 
   Checking Block List "SpamHaus Exploits Block List (XBL)"
    The address isn't on the block list.
   Additional Details
  IP address xxx.xxx.xxx.148 wasn't found on RBL.
  Elapsed Time: 27 ms. 
   Checking Block List "SpamHaus Policy Block List (PBL)"
    The address isn't on the block list.
   Additional Details
  IP address xxx.xxx.xxx.148 wasn't found on RBL.
  Elapsed Time: 60 ms. 
   Checking Block List "SpamCop Block List"
    The address isn't on the block list.
   Additional Details
  IP address xxx.xxx.xxx.148 wasn't found on RBL.
  Elapsed Time: 90 ms. 
   Checking Block List "NJABL.ORG Block List"
    The address isn't on the block list.
   Additional Details
  IP address xxx.xxx.xxx.148 wasn't found on RBL.
  Elapsed Time: 8161 ms. 
   Checking Block List "SORBS Block List"
    The address isn't on the block list.
   Additional Details
  IP address xxx.xxx.xxx.148 wasn't found on RBL.
  Elapsed Time: 119 ms. 
   Checking Block List "MSRBL Combined Block List"
    The address isn't on the block list.
   Additional Details
  IP address xxx.xxx.xxx.148 wasn't found on RBL.
  Elapsed Time: 61 ms. 
   Checking Block List "UCEPROTECT Level 1 Block List"
    The address isn't on the block list.
   Additional Details
  IP address xxx.xxx.xxx.148 wasn't found on RBL.
  Elapsed Time: 63 ms. 
   Checking Block List "AHBL Block List"
    The address isn't on the block list.
   Additional Details
  IP address xxx.xxx.xxx.148wasn't found on RBL.
  Elapsed Time: 8818 ms. 
   Performing Sender ID validation.
    Sender ID validation was performed successfully.
   Additional Details
  Elapsed Time: 97 ms. 
   Test Steps
   Attempting to find the SPF record using a DNS TEXT record query.
    The Microsoft Connectivity Analyzer wasn't able to find the SPF record.
   Additional Details
  No records were found.
  Elapsed Time: 97 ms. 

• Exchange 2013 EAC will not run with Exchange 2010 CAS\HT servers shut down.

  Hi Folks,
  A little background - We have just migrated all our user mailboxes and public folders to Office 365 using a hybrid configuration. Now that the migration is essentially finished, I'd like to decommission our on-prem Exchange infrastructure and remove the
  hybrid config. We are using dirsync with password sync to replicate our AD to the cloud.
  I've read that even if you remove your hybrid configuration, it's a good idea to keep one on-prem Exchange server around so you can edit Exchange attribs (such as email addresses) in a supported manner, rather than using ASDI edit, etc.
  To this end, I installed a single Exchange 2013 CA\MBX server. After installation, the EAC worked fine, and I was able to view our on-prem users, groups, etc. Last week, I shut down our two Exchange 2010 CAS\HT servers as a test to see if anything broke
  prior to decommissioning them (these were the hybrid servers as well). After doing so, the Exchange 2013 EAC no longer works for some reason, and behaves in a very bizarre fashion. About once every 20 times or so, it will actually start and run. The other
  times, it just has you enter your creds, then generates an HTTP 500 internal server error after entering them. It seems to make no difference if you attempt to access it by the fqdn, hostname, or localhost right on the box itself. Same behavior on Chrome or
  IE.
  Today as a test, I started up one of the 2010 CAS servers and lo and behold, the 2013 EAC ran without difficulty again. Any idea why this might be so? Thanks for any help,
  Ian

  Hi,
  From your description, I recommend you use the following URL to check if you can access EAC. I see it works for several people about this issue.
  https://<Exchange 2013 CAS FQDN>/ecp?ExchClientVer=15
  Hope it helps.
  Best regards,
  Amy Wang
  TechNet Community Support