Exchange 2013 resource forest deployment, auth error with imap/pop3 clients.

Hello Everyone!
We have an issue with pop/imap clients trying to authenticate.
Users log on with credentials from Account Forest, security audit shows a succesful log on and impersonation from process Microsoft.Exchange.Pop3.exe, but fails to login to mailbox.
The following warning appears in the event log:
Log Name:      Application
Source:        MSExchangePOP3
Date:          22/01/2014 11:41:29
Event ID:      2005
Task Category: (1)
Level:         Warning
Keywords:      Classic
User:          N/A
Computer:      exchangeCAS
Description:
User [email protected] wasn't found in Active Directory.
Protocol logs show the same warning.
Seems that Microsoft.Exchange.Pop3.exe process is unable to determine the linked mailbox of the provided credentials.

Thanks for your answer.
We can access this mailbox with any protocol but pop/imap.
Anyway, I think that I found something. 
In an isolated enviroenment, with an Active directory trace (Performance Monitor tool) those are the LDAP querys with some tests:
Trying to log on with an account in the same forest as the mailbox:
User string: resource.forest\administrator\userA_linkedMB
LDAP Query: ( (mailNickname=userA_linkedMB) ( !(msExchCU=*) )  ....
Success, as expected.
Trying to log on with an account in the account forest:
User string: account.forest\userA\userA_linkedMB
LDAP Query: (  (sAMAccountName=userA) ( !  (msExchCU=*) ) ....
First, in this case the query seems incorrect, I expect it filtering by mailNickname and with the third part of the logon string. Of course it fails because there isnt any user with this SAM in the resource forests.
Same test, with resource.forest\userA, sAMAccountName = userA
User string: account.forest\userA
LDAP Query: (  (sAMAccountName=userA) ( !  (msExchCU=*) ) ....
This query returns 1 matching user, but seems that pop3 process checks if its from account.forest (it isn't of course, because query is sent to resource.forest DC) and fails.
I'm not sure, but seems a bug in the POP3/IMAP login code.

Similar Messages

  • Can't move Exchange 2003 mailbox to Exchange 2010 Resource forest (Linked Mailbox)

    Problem Description:
    Can’t move Exchange 2003 mailbox to Exchange 2010 resource forest
    Error message:
    Failed to reconnect to Active Directory server SRVUMVMDC02.umfolozi.local. Make sure the server is available, and that you have used the correct credentials.
    Source Environment Configuration:
    Active Directory
    FQDN: umfolozi.local
    Domain name (pre-Windows 2000): UMFOLOZI
    Domain Function Level: Windows Server 2003
    Domain Controllers:
    Hostname
    OS
    Operation Master
    SRVUMVMDC01.umfolozi.local
    Windows Server 2008 R2 Standard SP1
    Schema Master, Domain Naming, RID, PDC
    SRVUMVMDC01.umfolozi.local
    Windows Server 2008 R2 Standard SP1
    Infrastructure
    Exchange
    Version: Microsoft Exchange 2003 Standard SP2 Build 7638.2
    Server Information:
    Hostname
    OS
    TUSKUMFMAIL.umfolozi.local
    Windows Server 2003 R2 SP2
    DNS Zones
    Zone Name
    Zone Type
    Domain Controllers
    umfolozi.local
    Active Directory-Integrated (Primary)
    SRVUMVMDC01.umfolozi.local
    SRVUMVMDC01.umfolozi.local
    peermont.com
    Secondary
    SRVPGVMDC01.peermont.com
    SRVPGVMDC02.peermont.com
    Trusts
    Domain Name
    Trust Type
    Transitive
    Validated
    peermont.com
    Forest
    Yes
    Yes
    Target Environment Configuration:
    Active Directory
    FQDN: peermont.com
    Domain name (pre-Windows 2000): PG
    Domain Functional Level: Windows Server 2008 R2
    Domain Controllers:
    Hostname
    OS
    Operation Master
    SRVPGVMDC01.peermont.com
    Windows Server 2008 R2 Std SP1
    SRVPGVMDC02.peermont.com
    Windows Server 2008 R2 Std SP1
    Domain naming, RID, PDC, Infrastructure, Schema Master
    Exchange
    Resource Exchange Forest
    Server Information:
    Hostname
    OS
    Role
    Version
    Client Access Array
    SRVPGVMEXCH01.peermont.com
    Windows Server 2012 Std
    HUB, CAS
    Version 14.3 (Build 123.4)
    exchange.peermont.com
    SRVPGVMEXCH02.peermont.com
    Windows Server 2012 Std
    HUB, CAS
    Version 14.3 (Build 123.4)
    exchange.peermont.com
    Hostname
    OS
    Role
    Version
    Database Availibility Group
    SRVPGVMEXCH03.peermont.com
    Windows Server 2012 Std
    MBX
    Version 14.3 (Build 123.4)
    PeermontDAG
    SRVPGVMEXCH04.peermont.com
    Windows Server 2012 Std
    MBX
    Version 14.3 (Build 123.4)
    PeermontDAG
    DNS Zones
    Zone Name
    Zone Type
    Domain Controllers
    peermont.com
    Active Directory-Integrated (Primary)
    SRVPGVMDC01.peermont.com
    SRVPGVMDC02.peermont.com
    umfolozi.local
    Secondary
    SRVUMVMDC01.umfolozi.local
    SRVUMVMDC01.umfolozi.local
    Trusts       
    Domain Name
    Trust Type
    Transitive
    Validated
    umfolozi.local
    Forest
    Yes
    Yes
    Migration Process
    Task
    Description
    Successful/Error
    1
    SYNC AD Domain account from source forest (umfolozi.local) to target forest (peermont.com) using BinaryTree SMART Directory Sync (ADMT can be used as alternative)
    Successful
    2
    Create mailed enabled user
    Successful
    3
    Run Prepare-MoveRepuest with –OverWriteLocalObject
    Command Example:
    .\Prepare-MoveRequest.ps1 -Identity [email protected] -RemoteForestDomainController SRVUMVMDC01.umfolozi.local
    -RemoteForestCredential $RemoteCredentials -UseLocalObject -LocalForestDomainController SRVPGVMDC01.peermont.com -LocalForestCredential $LocalCredentials -OverWriteLocalObject
    Successful
    4
    Submit mailbox request
    Command Example:
    New-MoveRequest -Identity "0fa7d17e-3637-4708-a51b-f14eaae17968" -BadItemLimit "50" -TargetDeliveryDomain
    "internal.peermont.com" -TargetDatabase "{c5d6ea95-07b3-4a52-9868-e41e808a76fe}" -RemoteCredential (Get-Credential "umfolozi\svcmigration") -RemoteGlobalCatalog "SRVUMVMDC02.umfolozi.local" -RemoteLegacy:$True
    Error
    All the standard migration task works as expected until the mailbox migration move request is submitted. See move request verbose detail below:
    [PS] C:\Windows\system32>New-MoveRequest -Identity "0fa7d17e-3637-4708-a51b-f14eaae17968" -BadItemLimit "50" -TargetDeli
    veryDomain "internal.peermont.com" -TargetDatabase "{c5d6ea95-07b3-4a52-9868-e41e808a76fe}" -RemoteCredential (Get-Crede
    ntial "umfolozi\svcmigration") -RemoteGlobalCatalog "SRVUMVMDC02.umfolozi.local" -RemoteLegacy:$True -Verbose
    VERBOSE: [11:34:27.346 GMT] New-MoveRequest : Active Directory session settings for 'New-MoveRequest' are: View Entire
    Forest: 'False', Default Scope: 'peermont.com', Configuration Domain Controller: 'SRVPGVMDC02.peermont.com', Preferred
    Global Catalog: 'SRVPGVMDC02.peermont.com', Preferred Domain Controllers: '{ SRVPGVMDC02.peermont.com }'
    VERBOSE: [11:34:27.362 GMT] New-MoveRequest : Runspace context: Executing user: peermont.com/Admin/Users/Admin
    Accounts/Information Technology/SoarSoft/Johann Van Schalkwyk, Executing user organization: , Current organization: ,
    RBAC-enabled: Enabled.
    VERBOSE: [11:34:27.362 GMT] New-MoveRequest : Beginning processing &
    VERBOSE: [11:34:27.362 GMT] New-MoveRequest : Instantiating handler with index 0 for cmdlet extension agent "Admin
    Audit Log Agent".
    WARNING: When an item can't be read from the source database or it can't be written to the destination database, it
    will be considered corrupted. By specifying a non-zero BadItemLimit, you are requesting that Exchange not copy such
    items to the destination mailbox. At move completion, these corrupted items won't be available in the destination
    mailbox.
    VERBOSE: [11:34:27.362 GMT] New-MoveRequest : Searching objects "{c5d6ea95-07b3-4a52-9868-e41e808a76fe}" of type
    "MailboxDatabase" under the root "$null".
    VERBOSE: [11:34:27.362 GMT] New-MoveRequest : Previous operation run on domain controller 'SRVPGVMDC02.peermont.com'.
    VERBOSE: [11:34:27.393 GMT] New-MoveRequest : Current ScopeSet is: { Recipient Read Scope: {{, }}, Recipient Write
    Scopes: {{, }}, Configuration Read Scope: {{, }}, Configuration Write Scope(s): {{, }, }, Exclusive Recipient Scope(s):
     {}, Exclusive Configuration Scope(s): {} }
    VERBOSE: [11:34:27.393 GMT] New-MoveRequest : Searching objects "0fa7d17e-3637-4708-a51b-f14eaae17968" of type "ADUser"
     under the root "$null".
    VERBOSE: [11:34:27.471 GMT] New-MoveRequest : Previous operation run on domain controller 'SRVPGVMDC02.peermont.com'.
    VERBOSE: [11:34:27.471 GMT] New-MoveRequest : Processing object "$null".
    VERBOSE: [11:34:27.487 GMT] New-MoveRequest : [DEBUG] No RequestJob messages found.
    VERBOSE: [11:34:27.487 GMT] New-MoveRequest : [DEBUG] MDB c5d6ea95-07b3-4a52-9868-e41e808a76fe found to belong to Site:
     peermont.com/Configuration/Sites/Peermont
    VERBOSE: [11:34:27.487 GMT] New-MoveRequest : [DEBUG] MRSClient: attempting to connect to 'SRVPGVMEXCH02.peermont.com'
    VERBOSE: [11:34:27.627 GMT] New-MoveRequest : [DEBUG] MRSClient: connected to 'SRVPGVMEXCH02.peermont.com', version
    14.3.178.0 caps:07
    VERBOSE: [11:34:27.627 GMT] New-MoveRequest : [DEBUG] Loading source mailbox info
    VERBOSE: [11:34:28.844 GMT] New-MoveRequest : Failed to reconnect to Active Directory server
    SRVUMVMDC02.umfolozi.local. Make sure the server is available, and that you have used the correct credentials. --> A
    local error occurred.
    VERBOSE: [11:34:28.844 GMT] New-MoveRequest : Admin Audit Log: Entered Handler:OnComplete.
    Failed to reconnect to Active Directory server SRVUMVMDC02.umfolozi.local. Make sure the server is available, and that
    you have used the correct credentials.
        + CategoryInfo          : NotSpecified: (0:Int32) [New-MoveRequest], RemoteTransientException
        + FullyQualifiedErrorId : F48FD74B,Microsoft.Exchange.Management.RecipientTasks.NewMoveRequest
        + PSComputerName        : srvpgvmexch02.peermont.com
    VERBOSE: [11:34:28.859 GMT] New-MoveRequest : Ending processing &
    Troubleshooting Performed
    1. When submitting mailbox move request tried the following credential inputs:
    1.1. DOMAIN\Username
    1.2. FQDN\Username
    1.3. userPrincipalName
    2. Confirmed domain trust between source and target domain is in place and validated.
    3. Confirmed name resolution in source and target domain is functioning as expected.
    4. Confirmed network connectivity between source and target domain controllers as well as source and target exchange servers.
    5. Tried to create new Linked Mailbox to account in source forest, can’t select Global Catologue via the wizard;
    Tried to specify the credentials for the account forest and got the following error when tried to select Global Catalog from wizard:

    The error talk about the credential. Did you check the credential
    Did you tried this command?
    New-MoveRequest -Identity "Distinguished name of User in Target Forest" -RemoteLegacy -TargetDatabase "E2K10 Mailbox Database Name" -RemoteGlobalCatalog "FQDN of Source DC" -RemoteCredential $Remote -TargetDeliveryDomain "Target
    domain name"
    http://blogs.technet.com/b/exchange/archive/2010/08/10/3410619.aspx
    Cheers,
    Gulab Prasad
    Technology Consultant
    Blog:
    http://www.exchangeranger.com    Twitter:
      LinkedIn:
       Check out CodeTwo’s tools for Exchange admins
    Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

  • OU For Lync 2013 Central Forest deployment when using GAL Sync

    Hello,
    We are attempting to set up Lync 2013 in a Central Forest configuration. We have a 2 way forest trust in place. The primary forest being A.com, the secondary forest being B.com. Exchange 2010 is deployed in both forests. Lync 2013 is deployed in forest A.com.
    We currently have FIM 2010 installed, using GAL Sync between both forests. For GAL Sync, we have an OU in Forest A.com active directory called GALSync. There are currently contacts in that OU that correspond with the user accounts in forest b.com. Here's
    my question:
    When configuring FIM MA's for Lync 2013 Central Forest deployment, can I point the LCSCFG.xml file to the SAME GALSync OU we use for  GAL Sync? Will it see the contacts already exist and just update with the necessary attributes needed to provision
    the forest B.com users for Lync? Do I need to create a separate OU for the Lync MA to use? Or, am I going about this in the wrong way?
    Any help you can provide will be greatly appreciated.
    Thank you

    Thanks for the reply Anthony
    Almost right. The only difference is that the remote users will get the autodiscover url and the ews url from their local domain and dns.
    Here is how it is setup:
    Shared public namespace           
    mycompany.com (email address and sip address use this in both domains)
    Central Forest (mycompany.com)
    Lync 2013
    Exchange 2013
    Autodiscover url              
    autosdiscover.mycompany.com/autodiscover/autodiscover.xml             
    192.168.10.10
    EWS Url                               
    https://mail.mycompany.com/EWS/Exchange.asmx                      
    192.168.10.11
    Remote Forest (Fabrikam.com)
    Lync 2010
    Exchange 2010
    Autodiscover url              
    autosdiscover.mycompany/autodiscover/autodiscover.xml       
    192.168.11.23
    EWS Url                               
    https://mail.mycompany.com/EWS/Exchange.asmx                      
    192.168.11.24
    User in Fabrikam login locally with their Fabrikam credentials. They have a Lync enabled contact in mycompany. There is a 2 way trust in place. They login to mycompany Lync fine.
    When they do the autodiscover DNS lookup, they return the same autodiscover and EWS url, but they point to the local Exchange 2010 since their mailbox and user account still resides there and that is the system that the Fabrikam account has access to.
    Autodiscover works fine for Outlook.
    I will take a look at Fiddler

  • Seemingly successful install of Exchange 2013 SP1 turns into many errors in event logs after upgrade to CU7

    I have a new Exchange 2013 server with plans to migrate from my current Exchange 2007 Server. 
    I installed Exchange 2013 SP1 and the only errors I saw in the event log seemed to be long standing known issues that did not indicate an actual problem (based on what I read online). 
    I updated to CU7 and now lots of errors have appeared (although the old ones seem to have been fixed so I have that going for me). 
    Currently the Exchange 2013 server is not in use and clients are still hitting the 2007 server.
    Issue 1)
    After each reboot I get a Kernel-EventTracing 2 error.  I cannot find anything on this on the internet so I have no idea what it is.
    Session "FastDocTracingSession" failed to start with the following error: 0xC0000035
    I did read other accounts of this error with a different name in the quotes but still can’t tell what this is or where it is coming from.
    Issue 2)
    I am still getting 5 MSExchange Common 106 errors even after reregistering all of the perf counters per this page:
    https://support.microsoft.com/kb/2870416?wa=wsignin1.0
    One of the perf counters fails to register using the script from the link above.
    66 C:\Program Files\Microsoft\Exchange Server\V15\Setup\Perf\InfoWorkerMultiMailboxSearchPerformanceCounters.xml
    New-PerfCounters : The performance counter definition file is invalid.
    At C:\Users\administrator.<my domain>\Downloads\script\ReloadPerfCounters.ps1:19 char:4
    +    New-PerfCounters -DefinitionFileName $f
    +    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        + CategoryInfo         
    : InvalidData: (:) [New-PerfCounters], TaskException
        + FullyQualifiedErrorId : [Server=VALIS,RequestId=71b6bcde-d73e-4c14-9a32-03f06e3b2607,TimeStamp=12/18/2014 10:09:
       12 PM] [FailureCategory=Cmdlet-TaskException] 33EBD286,Microsoft.Exchange.Management.Tasks.NewPerfCounters
    But that one seems unrelated to the ones that still throw errors. 
    Three of the remaining five errors are (the forum is removing my spacing between the error text so it looks like a wall of text - sorry):
    Performance counter updating error. Counter name is Count Matched LowFidelity FingerPrint, but missed HighFidelity FingerPrint, category name is MSExchange Anti-Malware Datacenter Perfcounters. Optional code: 3. Exception: The
    exception thrown is : System.InvalidOperationException: The requested Performance Counter is not a custom counter, it has to be initialized as ReadOnly.
       at System.Diagnostics.PerformanceCounter.InitializeImpl()
       at System.Diagnostics.PerformanceCounter.set_RawValue(Int64 value)
       at Microsoft.Exchange.Diagnostics.ExPerformanceCounter.set_RawValue(Int64 value)
    Last worker process info : System.ArgumentException: Process with an Id of 7384 is not running.
       at System.Diagnostics.Process.GetProcessById(Int32 processId)
       at Microsoft.Exchange.Diagnostics.ExPerformanceCounter.GetLastWorkerProcessInfo()
    Performance counter updating error. Counter name is Number of items, item is matched with finger printing cache, category name is MSExchange Anti-Malware Datacenter Perfcounters. Optional code: 3. Exception: The exception thrown
    is : System.InvalidOperationException: The requested Performance Counter is not a custom counter, it has to be initialized as ReadOnly.
       at System.Diagnostics.PerformanceCounter.InitializeImpl()
       at System.Diagnostics.PerformanceCounter.set_RawValue(Int64 value)
       at Microsoft.Exchange.Diagnostics.ExPerformanceCounter.set_RawValue(Int64 value)
    Last worker process info : System.ArgumentException: Process with an Id of 7384 is not running.
       at System.Diagnostics.Process.GetProcessById(Int32 processId)
       at Microsoft.Exchange.Diagnostics.ExPerformanceCounter.GetLastWorkerProcessInfo()
    Performance counter updating error. Counter name is Number of items in Malware Fingerprint cache, category name is MSExchange Anti-Malware Datacenter Perfcounters. Optional code: 3. Exception: The exception thrown is : System.InvalidOperationException:
    The requested Performance Counter is not a custom counter, it has to be initialized as ReadOnly.
       at System.Diagnostics.PerformanceCounter.InitializeImpl()
       at System.Diagnostics.PerformanceCounter.set_RawValue(Int64 value)
       at Microsoft.Exchange.Diagnostics.ExPerformanceCounter.set_RawValue(Int64 value)
    Last worker process info : System.ArgumentException: Process with an Id of 7384 is not running.
       at System.Diagnostics.Process.GetProcessById(Int32 processId)
       at Microsoft.Exchange.Diagnostics.ExPerformanceCounter.GetLastWorkerProcessInfo()
    Issue 3)
    I appear to have some issues related to the healthmailboxes. 
    I get MSExchangeTransport 1025 errors for multiple healthmailboxes.
    SMTP rejected a (P1) mail from 'HealthMailbox23b10b91745648819139ee691dc97eb6@<my domain>.local' with 'Client Proxy <my server>' connector and the user authenticated as 'HealthMailbox23b10b91745648819139ee691dc97eb6'. The Active Directory
    lookup for the sender address returned validation errors. Microsoft.Exchange.Data.ProviderError
    I reran setup /prepareAD to try and remedy this but I am still getting some.
    Issue 4)
    I am getting an MSExchange RBAC 74 error. 
    (Process w3wp.exe, PID 984) Connection leak detected for key <my domain>.local/Admins/Administrator in Microsoft.Exchange.Configuration.Authorization.WSManBudgetManager class. Leaked Value 1.
    Issue 5)
    I am getting MSExchange Assistants 9042 warnings on both databases.
    Service MSExchangeMailboxAssistants. Probe Time Based Assistant for database Database02 (c83dbd91-7cc4-4412-912e-1b87ca6eb0ab) is exiting a work cycle. No mailboxes were successfully processed. 2 mailboxes were skipped due to errors. 0 mailboxes were
    skipped due to failure to open a store session. 0 mailboxes were retried. There are 0 mailboxes in this database remaining to be processed.
    Some research suggested this may be related to deleted mailboxes however I have never had any actual user mailboxes on this server. 
    If they are healthmailboxes or arbitration mailboxes that might make sense but I am unsure of what to do on this.
    Issue 6)
    At boot I am getting an MSExchange ActiveSync warning 1033
    The setting SupportedIPMTypes in the Web.Config file was missing. 
    Using default value of System.Collections.Generic.List`1[System.String].
    I don't know why but this forum is removing some of my spacing that would make parts of this easier to read.

    Hi Eric
    Yes I have uninstalled and reinstalled Exchange 2013 CU7 for the 3<sup>rd</sup> time. 
    I realize you said one issue per forum thread but since I already started this thread with many issues I will at least post what I have discovered on them in case someone finds their way here from a web search.
    I have an existing Exchange 2007 server in the environment so I am unable to create email address policies that are defined by “recipient container”. 
    If I try and do so I get “You can't specify the recipient container because legacy servers are detected.”
     So I cannot create a normal email address policy and restrict it to an OU without resorting to some fancy filtering. 
    Instead what I have done is use PS to modify extensionAttribute1 (otherwise known as Custom Attribute 1 to exchange) for all of my users. 
    I then applied an address policy to them and gave it the highest priority. 
    Then I set a default email address policy for the entire organization. 
    After reinstalling Exchange all of my system mailboxes were created with the internal domain name. 
    So issue number 3 above has not come up. 
    For issue number one above I have created a new thread:
    https://social.technet.microsoft.com/Forums/office/en-US/7eb12b89-ae9b-46b2-bd34-e50cd52a4c15/microsoftwindowskerneleventtracing-error-2-happens-twice-at-boot-ex2013cu7?forum=exchangesvrdeploy
    For issue number four I have posted to this existing thread where there is so far no resolution:
    https://social.technet.microsoft.com/Forums/exchange/en-US/2343730c-7303-4067-ae1a-b106cffc3583/exchange-error-id-74-connection-leak-detected-for-key?forum=exchangesvradmin
    Issue number Five I have managed to recreate and get rid of in more than one way. 
    If I create a new database in ECP and set the database and log paths where I want, then this error will appear. 
    If I create the database in the default location and then use EMS to move it and set the log path, then the error will not appear. 
    The error will also appear (along with other errors) if I delete the health mailboxes and let them get recreated by restarting the server or the Health Manager service. 
    If I then go and set the retention period for deleted mailboxes to 0 days and wait a little while, these will all go away. 
    So my off hand guess is that these are caused by orphaned system mailboxes.
    For issue number six I have posted to this existing thread where there is so far no resolution:
    https://social.technet.microsoft.com/Forums/exchange/en-US/dff62411-fad8-4d0c-9bdb-037374644845/event-1033-msexchangeactivesync-warning?forum=exchangesvrmobility
    So for the remainder of this thread we can try and tackle issue number two which is the perf counters. 
    The exact same 5 perf counter were coming up and this had been true each time I have uninstalled and reinstalled Exchange 2013CU7. 
    Actually to be more accurate a LOT of perf counter errors come up after the initial install, but reloading the perf counters using the script I posted above reduces it to the same five. 
    Using all of your suggestions so far has not removed these 5 remaining errors either.  Since there is no discernible impact other than these errors at boot I am not seriously bothered by them but as will all event log errors, I would prefer
    to make them go away if possible.

  • Deployment Manager Error with Oracle Weblogic Server 10.3.1

    I have installed Identity Manager 9.1.0.2 (patch upgraded from 9.1.0.1) on OEL 5.3 64bit and Weblogic 10.3.1
    Database:Oracle 11gR2 (remote machine).
    **I am aware that IM 9.1.0.2 is not certified on Weblogic 10.3.1 (it is only certified on 10.3),
    The installation was successful and OIManager is up and running. Able to create Users, Resources etc. as well.
    As part of configuring OIM Connectors tried to Import .xml file using Import option from Deployment Management section as below and the following error was displayed.
    "Either your session timed out or you are trying to access a page without logging in".
    Did all workarounds like enabling java, changing browsers, restarting machine etc as per the below discussion but in vain.
    Deployment Manager Error with Oracle Weblogic Server
    Can any one suggest any workaround or solution for this problem.
    Or atleast can any one confirm there is no Identity manager available on this date which is compatible with 10.3.1? and cannot be continued further.
    Thanks in Advance
    Sudheer
    Edited by: SudheerPrabhala on Oct 20, 2009 1:26 AM

    You are facing this issue because you're using a non certified combination.
    Other folks who tried to use OIM in 10.3.1 ended up in the same problem you're facing.

  • Exchange 2013 CU5 - Outlook Web Access - Error 9646 with HTTP - No error with HTTPS

    Hello everyone
    i have a strange issue which i actually do not have an idea about what is going wrong.
    - Exchange 2013 CU5
    - SSL Offloading enabled - Virtual directories configured accordingly
    When a user logs in to OWA via HTTP - after a while he sees the inbox but does not see any mail details.
    He only sees "Error: Your request can't be completed right now. Please try again later."
    After a while i also get an eventlog "9646" with too many open OWA sessions for that user.
    Regardless which limit i set in the registry for this - the error does come back - even with 512 sessions allowed.
    Working with HTTPS instead of HTTP then EVERYTHING works fine ... ?
    Any idea on this?
    Actually i am totally lost ...
    Best regards
    Jörg
    Ihr zertifizierter VMware Partner Enterprise Solution Provider, IBM Advanced Partner, Datacore Partner, Microsoft Silver Partner / Solution Provider und Microsoft Small Business Partner. HEGO Informationstechnologie GmbH Telegrafenstrasse 8 D 42929 Wermelskirchen
    Geschäftsführer: Jörg Hermanns, Ralf Gogolin Amtsgericht Köln HRB 36509 Fon: +49 (0) 21 96 / 8 82 97 - 0 Fax: +49 (0) 21 96 / 8 82 97 - 23 Web: www.hego-it.com

    Hi,
    Please confirm if the following features are added in your server manager:
    •.NET framework 4.5 -> WCF Services -> HTTP Activation
    •Windows process activation service -> Process model
    •Windows process activation service -> Configuration APIs
    If not, please add these features. Then ran IISReset \noforce from a Command Prompt window to restart IIS service. Also recycle Application Pools in IIS manager.
    For more information about the IIS Prerequisites for Exchange 2013, please check the windows feature listed in the following article:
    http://technet.microsoft.com/en-us/library/bb691354(v=exchg.150).aspx
    Regards,
    Winnie Liang
    TechNet Community Support

  • Exchange 2013 sp1 smtp NTLM auth for child domain users

    i have exchange organization with exchange 2007 sp 3 & exchange 2013 sp1.
    there are  all users in Exchange 2013 server (mail flow is through Exchange 2013 server)
    i have single forest, 2 site (site1, site2), root domain root.local and 1 child domain ch.root.local
    DC  for child domain is located in site2 (dc.ch.root.local)
    multirole exchange 2013 server is installed in root domain.
    i am traing to configure smtp receive connector with NTLM auth and have one problem.
    when user in child domain try send email through this receive connector i see in log
    <,AUTH NTLM,
    >,334 <authentication response>,
    *,SMTPSubmit SMTPAcceptAnyRecipient BypassAntiSpam AcceptRoutingHeaders,Set Session Permissions
    *,CH\user1,authenticated
    *,,Setting up client proxy session failed with error: 535 5.7.3 Unable to proxy authenticated session because either the backend does not support it or failed to resolve the user
    *,,"Setting up client proxy session failed with error: 451 4.4.0 Primary target IP address responded with: ""535 5.7.3 Unable to proxy authenticated session because either
    the backend does not support it or failed to resolve the user."" Attempted failover to alternate host, but that did not succeed. Either there are no alternate hosts, or delivery failed to all alternate hosts. The last endpoint attempted was 192.168.1.15:465"
    but authentication is succesfull for users from root domain.
    why do it can be?
    Thanks.

    thanks for link
    at smtp receive logs (Hub transport role) i've found the  next:
    Client Proxy EXMAIL2013,08D134DAF6CE1C51,49,192.168.1.15:465,
    *,NT AUTHORITY\SYSTEM,authenticated
    >,235 <authentication response>,
    <,XPROXY SID=08D130D354F520D1 IP=192.168.1.21 PORT=57085 DOMAIN=[192.168.1.21] CAPABILITIES=0 SECID=Uy0xxx...
    *,,Error while looking up SamAccountName chuser: The user name or password is incorrect.\r\n
    *,None,Set Session Permissions
    >,250 XProxy accepted but user identity could not be obtained,

  • Exchange 2013 2 Node Multi role Servers with DAG issues connecting OWA users

    Hi
    I am on a job at the moment whereby I have 2 exchange 2013 multi role servers. Both are CAS and Mailbox servers. I have 2 databases, 1 called MBXDB01 and the other MBXDB02. MBXDBX01 is on Server 1 and 02 on Server 2.
    I have created a DAG and included both databases. Active copy of MBXDB01 is on Server 1 and MBXDB02 on Server 2
    I have configured the external and internal URLS of all virtual directories on both servers to be the same publically accessible FQDN. I have assigned the trusted cert to IIS and all other services on both servers. I have modified internal split brain DNS
    to point the FQDN used to both Server 1 and Server 2 IP addresses with a TTL of 30 seconds. And also for autodiscover.
    All test exchange connectivity comes back green and good from external and from outlook Test-Autoconfiguration autodiscover information is displayed correctly.
    The problem I am having is that when a user access the FQDN from a web browser i.e owa.domain.com/owa they get the login screen. This could be from either server 1 or 2 depending on DNS round robin. In this example lets say the user is accessing OWA on SERVER
    1 and their mailbox lives on SERVER 2.
    In this scenario when they login they get a page :( OOps Something Went Wrong and the exception is this
    A problem occurred while you were trying to use your mailbox.
    X-OWA-Error: Microsoft.Exchange.Data.Storage.UserHasNoMailboxException
    X-OWA-Version: 15.0.847.32
    X-FEServer: SERVER1
    X-BEServer: SERVER2
    The URL provides a little more info
    /auth/errorfe.aspx?httpCode=500&msg=861904327&owaError=Microsoft.Exchange.Data.Storage.UserHasNoMailboxException&owaVer=15.0.847.32&be=SERVER2&ts=130398071193518373
    However, if the user accesses OWA via the private FQDN of SERVER 2 i.e https://SERVER2/owa they are able to access their mailbox.
    It is driving me nuts.
    Has anyone got any suggestions? I am tearing my hair out here
    Thanks
    One very frustrated field engineer :)

    Hi,
    To narrow down the cause, I recommend the following troubleshooting:
    1. Please double check the DNS entries about the host name used in the OWA URL.
    2. Add A record that the host name used in the OWA URL points to server 2 IP address  in a user local host file. Then try to login OWA again.
    3. Check your event log and find if there is any error about OWA.
    If you have any question, please feel free to let me know.
    Thanks,
    Angela Shi
    TechNet Community Support

  • Exchange 2010 Resource Forest - Autodiscover

    Environment:
    Account Forest (No Exchange server installed)
    Resource Forest (Exchange 2010 SP3)
    I understand that a SCP record can be created in the account forest using the following command:  Export-AutoDiscoverConfig -DomainController <FQDN> -TargetForestDomainController <String> -TargetForestCredential $a -MultipleExchangeDeployments
    $true
    Questions:
    1.  Do I need to prep the schema in the Account Forest to create the relevant Exchange configuration before running Export-AutoDiscoverConfig?
    2.  Is the switch MultipleExchangeDeployments $true needed?  Technet states that it's only needed if both forests contain Exchange but also states it's needed for
    multiple accepted email domains? (which we do have) 
    http://technet.microsoft.com/en-us/library/aa998832(v=exchg.141).aspx3. 
    3. Can this change be backed out.  i.e. can the SCP record be removed by using ADSI edit.
    Thanks in advance

    Hi,
    Here are my answers you can refer to:
    1. It depends.
    If Exchange deployment has two or more trusted forests, you must update Active Directory so that Outlook users in one forest can access the CAS servers in the remote (or target) forest to use the Autodiscover service. To do this, we must extend the schema in
    the user forest by running Exchange 2010 Setup with the /PrepareAD or /PrepareSchema switch, and then run the Export-AutodiscoverConfig cmdlet in the resource forest that contains the Client Access servers that provide the Autodiscover service against the
    target forests.
    If you do not want to extend the schema in the user forest, you can update DNS in the user forest with a host record that points to the internal IP address of the Client Access server in the resource forest where Autodiscover is hosted.
    For more information, you can refer to the following article:
    http://www.testlabs.se/blog/2010/11/06/configuring-the-autodiscover-service-for-multiple-forests/
    Note: Microsoft is providing this information as a convenience to you. The sites are not controlled by Microsoft. Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information found there. Please make
    sure that you completely understand the risk before retrieving any suggestions from the above link.
    2. It doesn’t need in your environment.
    When the parameter MultipleExchangeDeployments is set to TRUE you will tell the forests that you have multiple Exchange forests. The parameter will also export the accepted domains which are defined in the Exchange environment.
    3. SCP record can be removed by using ADSI edit:
    On your account domain, open adsiedit.msc, locate the SCP records in 
    CN=Autodiscover,CN=Protocols,CN=<CAS_SERVER>,CN=Servers,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=<ORG>,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=domain,DC=com
    For more information, you can refer to the following thread:
    http://social.technet.microsoft.com/Forums/exchange/en-US/a06686ec-f1dc-4738-b4c5-76c41088e145/configuring-autodiscover-in-resource-forest?forum=exchangesvrdeploylegacy
    If you have any question, please feel free to let me know.
    Thanks,
    Angela Shi
    TechNet Community Support

  • Exchange 2013 EMS throwing Access Denied error and Toolbox giving MMC error

    Hi,
    I am getting a very strange problem with an Exchange 2013 server deployed at a customer's site. After some hours of usage, EMS or Toolbox will not open and will throw below errors. However, if I restart the server, everything works fine for some hours before
    the error start coming again. This does not affect mail flow or ECP but, I wonder if something is going wrong in the background and may cause a severe failure in future.
    I tried hard but could not find the source of the problem.
    EMS error:
    VERBOSE: Connecting to CARISSA.skc.mru.
    New-PSSession : [carissa.skc.mru] Connecting to remote server carissa.skc.mru failed with the following error message
    : Access is denied. For more information, see the about_Remote_Troubleshooting Help topic.
    At line:1 char:1
    + New-PSSession -ConnectionURI "$connectionUri" -ConfigurationName Microsoft.Excha ...
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        + CategoryInfo          : OpenError: (System.Manageme....RemoteRunspace:RemoteRunspace) [New-PSSession], PSRemotin
       gTransportException
        + FullyQualifiedErrorId : AccessDenied,PSSessionOpenFailed
    VERBOSE: Connecting to CARISSA.skc.mru.
    New-PSSession : [carissa.skc.mru] Connecting to remote server carissa.skc.mru failed with the following error message
    : Access is denied. For more information, see the about_Remote_Troubleshooting Help topic.
    At line:1 char:1
    + New-PSSession -ConnectionURI "$connectionUri" -ConfigurationName Microsoft.Excha ...
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        + CategoryInfo          : OpenError: (System.Manageme....RemoteRunspace:RemoteRunspace) [New-PSSession], PSRemotin
       gTransportException
        + FullyQualifiedErrorId : AccessDenied,PSSessionOpenFailed
    VERBOSE: Connecting to CARISSA.skc.mru.
    New-PSSession : [carissa.skc.mru] Connecting to remote server carissa.skc.mru failed with the following error message
    : Access is denied. For more information, see the about_Remote_Troubleshooting Help topic.
    At line:1 char:1
    + New-PSSession -ConnectionURI "$connectionUri" -ConfigurationName Microsoft.Excha ...
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        + CategoryInfo          : OpenError: (System.Manageme....RemoteRunspace:RemoteRunspace) [New-PSSession], PSRemotin
       gTransportException
        + FullyQualifiedErrorId : AccessDenied,PSSessionOpenFailed
    VERBOSE: Connecting to CARISSA.skc.mru.
    New-PSSession : [carissa.skc.mru] Connecting to remote server carissa.skc.mru failed with the following error message
    : Access is denied. For more information, see the about_Remote_Troubleshooting Help topic.
    At line:1 char:1
    + New-PSSession -ConnectionURI "$connectionUri" -ConfigurationName Microsoft.Excha ...
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        + CategoryInfo          : OpenError: (System.Manageme....RemoteRunspace:RemoteRunspace) [New-PSSession], PSRemotin
       gTransportException
        + FullyQualifiedErrorId : AccessDenied,PSSessionOpenFailed
    VERBOSE: Connecting to CARISSA.skc.mru.
    New-PSSession : [carissa.skc.mru] Connecting to remote server carissa.skc.mru failed with the following error message
    : Access is denied. For more information, see the about_Remote_Troubleshooting Help topic.
    At line:1 char:1
    + New-PSSession -ConnectionURI "$connectionUri" -ConfigurationName Microsoft.Excha ...
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        + CategoryInfo          : OpenError: (System.Manageme....RemoteRunspace:RemoteRunspace) [New-PSSession], PSRemotin
       gTransportException
        + FullyQualifiedErrorId : AccessDenied,PSSessionOpenFailed
    Failed to connect to an Exchange server in the current site.
    Enter the server FQDN where you want to connect.:
    Hope someone has a solution to this.
    Pramod

    Hi 
    It can be possibly a WIN RM Issue. Run
    winrm quickconfig and see whether u are able to connect
    If you are unable to connect then Try reinstalling the WinRM
    Import-Module ServerManager
    Remove-WindowsFeatureWinRM-IIS-Ext
    Add-WindowsFeatureWinRM-IIS-Ext
    Also check if you have a certificate assigned to the Default Web Site - HTTPS Binding/Port 443, and Exchange
    Back End web site - HTTPS binding/Port 444
    Remember to mark as helpful if you find my contribution useful or as an answer if it does answer your question.That will encourage me - and others - to take time out to help you Check out my latest blog posts on http://exchangequery.com Thanks Sathish
    (MVP)

  • Exchange 2013 - Some messages net being delivered with shared SMTP Address Space

    Hi
    I am having a problem with some internal messages intermittently not being delivered. When I go to the Exchange ECP -->Mail Flow -->Delivery Reports I can see the following error with the message:
    Submitted
    2013-03-07 11:36 AM EXCHANGE
    The message was submitted to exchange.******.local.
    Pending
    2013-03-07 11:36 AM exchange.******.local
    Message was received by exchange.******.local from Exchange.******.local.
    Failed
    2013-03-07 11:36 AM exchange.********.local
    The domain name in the email address is incorrect. Check the address.
    554 5.4.4 SMTPSEND.DNS.NonExistentDomain; nonexistent domain
    However, usually just waiting a few minutes and then sending to the same recipient, the message will be delivered:
    Submitted
    2013-03-07 11:41 AM EXCHANGE
    The message was submitted to exchange.******.local.
    Pending
    2013-03-07 11:41 AM exchange.******.local
    Message was received by exchange.******.local from Exchange.******.local.
    2013-03-07 11:41 AM exchange.******.local
    The message has been transferred from exchange.******.local to Exchange.******.local.
    Delivered
    2013-03-07 11:41 AM exchange.******.local
    The message was successfully delivered.
    I have setup an Accepted Domain as Internal Relay, with a Send Connector to deliver any mails if the user is not found in Exchange server.

    Hi All
    I had this issue as well.
    Here is the solution i used to fix this once for all:
    My Environment:
    AD server with private and public NICs
    Exchange Server with Private and Public NICs
    Used a dummy domain (Not owned by me) (ex: corp.com) on Private Network.
    Created accepted domains for the domains that i own on exchange server.
    Issue Cause:
    When an external user (Gmail, hotmail.. etc) sends an email to my accepted domain, as the MX record is pointed to my exchange server on the public IP, the mail flows till my exchange server. Now the transport service on the CAS, hand's over the email to
    Transport Service on the Mail box server. There it goes to the categorizer. Here the DNS look up happens and the next SMTP send service will either hand over the mail to the Mail box or send a Non delivery report stating that a mail box, domain name is not
    found with in itself. 
    The issue here is caused by our private DNS where it fails to resolve the internal dummy domain that i used because the resources on the DNS server was completely utilized my memory ballooning in VMware. Ignore the ballooning thing if you do not understand.
    Resolution:
    I created an entry in the C:\Windows\System32\Drivers\etc\hosts file of the exchange server as below:
    mail01.corp.com 192.168.80.132 .i.e., <host name of the exchange server>.<domain prefix>.<domain suffix> <Private IP address of the exchange server>
    I change the secondary DNS on the Private NIC of the exchange server to itself .i.e., 192.168.80.132 and forced it look within itself when the primary DNS does not respond at times.
    Now my exchange server is absolutely stable. It worked for me ! 
    Hope this post helps you fix the issue or at least help you think a bit ahead.
    To understand more about your scenario, i would suggest you look up the logs at C:\Program Files\Microsoft\Exchange Server\V15\TransportRoles\Logs (if you have not changed the default drectory while instalation) and Frontend Connectivity logs and Mailbox
    connectivity logs. I am sure those logs will help you understand whats going wrong behind the scenes.

  • Creation of a second Exchange 2013 server on a different site (with the roles of MBX and CAS) fails on prepare active directory and prepare schema.

    Hello everyone
    I have a network infrastructure  consisting of 3 sites, site A, site B, and site C. i have 2 domain controllers on every site, and the AD roles are on the primary domain controller on site A. On site A I have an Exchange 2013sp1 CU6.
    I want to create a second Exchange on Site B, with the roles of mailbox (the exchange on Site A will be first DAG member and the Exchange on Site B will be the second member of the DAG) and CAS.
    First question: Is my  thought correct about installaing on the same server mailbox and CAS server?
    Second question: how many DAG witnesses I need for the DAG? One per site, or one in general (for example located on site A)
    Third question: When I am trying to perform “Setup.exe /PrepareSchema /IAcceptExchangeServerLicenseTerms”  I receive the error
    “ Setup encountered a problem while validating the state of Active Directory:
     The Active Directory schema version (15303) is higher than Setup's version (15292). Therefore, PrepareSchema can't be executed.  See the Exchange setup log for more information on this error. For more information, visit:
    http://technet.microsoft.com/library(EXCHG.150)/ms.exch.setupreadiness.AdInitErrorRule.aspx “
    I tried  to run the PrepareSchema from  the ISO of Exchange 2013 SP1 and form the extracted content of Exchange 2013SP1 CU6 archive, but still receive the same error. Any ideas?
    Thanks in advance.

    Thank you for your answer,
    I have tried to run "Setup.exe /PrepareSchema /IAcceptExchangeServerLicenseTerms”  from
    Exchange 2013 CU6 media, but I still receive  the error:
    The Active Directory schema version (15303) is higher than Setup's version (15292). Therefore, PrepareSchema
    can't be executed.  See the Exchange setup log for more information on this error. For more information, visit:http://technet.microsoft.com/library(EXCHG.150)/ms.exch.setupreadiness.AdInitErrorRule.aspx “
    any ideas?

  • Exchange 2013 CU5 fresh install suffering issues with services not starting and coexistence with 2007

    Hi everyone,
    Hope you can help me out on a couple of issues I've been experiencing during the initial stages of a project to upgrade an on premise Exchange 2007 to 2013.
    On Monday last week I installed the first Exchange 2013 server into the network after a few weeks of careful planning, information gathering and remediation of our current Exchange 2007 environment and associated systems.
    The server itself has been having some issues from the word go, some of which I've resolved but none that are show stoppers but I want to get them resolved before building more servers and setting up the planned 2 x 2 node DAG's
    The main problems are as follows:
    There's usually one service that does not start following an OS restart and it's not always the same service. So far I've seen the following not start: DAG Management, Migration Workflow, Anti-spam Update, Unified Messaging, UM Call Router, Transport
    Service.
    The critical system event log entries are complaining of timeouts when the services are starting up but I can't imagine that the servers boot time is too long...  It's a 2 vCPU/12Gb vRAM VM, Windows 2012 R2
    I receive an error in the Event Log regarding RPC over HTTP Proxy
    to one of the 2007 CAS servers (not our primary one). The first error was because the Windows Component was missing but since installing it, disabling Outlook Anywhere, reenabling it, restarting the server, I now have a new error which is shown further down
    this post
    The Exchange 2013 server install is pretty default, CAS/MBX roles and some basic configuration performed such as new DNS entries, Public SSL certs installed and assigned, URL's updates, SCP updated. I have review and resolved some errors from the event logs
    for over chatty warnings about disk space (the warning is that we have loads of space...)
    This is a brief outline of the environment:
    Exchange 2007 SP3 RU13
    UK - Two physical locations in a stretch LAN (100Mb WAN)
    4 x CCR Cluster Mailbox Servers in two separate CCR Clusters
    Cluster 1 - Windows 2003 R2: One physical, one virtual server - don't ask, legacy install and I know the virtual is not a supported configuration.
    Cluster 2 - Windows 2008 R2: Two virtuals - New cluster built following a 4 day failure of Cluster 1. The aim was to move to supported config and decommission cluster 1.
    Note: Migration of Cluster 1 to Cluster 2 was halted as 2013 was so close it seemed pointless to continue the migration and instead migrate both Clusters to 2013 once in production.
    2 x Virtual Windows 2003 R2 - Hub Transport Servers
    2 x Virtual Windows 2003 R2 - Client Access Servers
    1 x Virtual Windows 2003 R2 - Unified Messaging Server
    1 x Virtual Windows 2003 R2 - Edge Transport Server (DMZ)
    US - One physical location
    1 x Physical Windows 2008 R2 - Mailbox, Client Access, Hub Transport Server
    Exchange 2013 CU5
    UK - Installed into same site along side Exchange 2007 servers
    1 x Virtual Windows 2012 R2 - Mailbox, Client Access Server
    Problem 2 Error Message - Please note, server names and domain name changed:
    Log Name:      Application
    Source:        MSExchange Front End HTTP Proxy
    Date:          18/07/2014 10:00:37
    Event ID:      3005
    Task Category: Core
    Level:         Warning
    Keywords:      Classic
    User:          N/A
    Computer:      EXC2013.domain.local
    Description:
    [RpcHttp] Marking ClientAccess 2010 server EXC2007CAS1.domain.local (https://EXC2007CAS1.domain.local/rpc/rpcproxy.dll) as unhealthy due to exception: System.Net.WebException: The underlying connection was closed: The connection was closed unexpectedly.
       at System.Net.HttpWebRequest.GetResponse()
       at Microsoft.Exchange.HttpProxy.ProtocolPingStrategyBase.Ping(Uri url)
    Event Xml:
    <Event xmlns=http://schemas.microsoft.com/win/2004/08/events/event>
      <System>
        <Provider Name="MSExchange Front End HTTP Proxy" />
        <EventID Qualifiers="32768">3005</EventID>
        <Level>3</Level>
        <Task>1</Task>
        <Keywords>0x80000000000000</Keywords>
        <TimeCreated SystemTime="2014-07-18T09:00:37.000000000Z" />
        <EventRecordID>64832</EventRecordID>
        <Channel>Application</Channel>
        <Computer>EXC2013.domain.local</Computer>
        <Security />
      </System>
      <EventData>
        <Data>RpcHttp</Data>
        <Data>EXC2007CAS1.domain.local</Data>
        <Data>https://EXC2007CAS1.domain.local/rpc/rpcproxy.dll</Data>
        <Data>System.Net.WebException: The underlying connection was closed: The connection was closed unexpectedly.
       at System.Net.HttpWebRequest.GetResponse()
       at Microsoft.Exchange.HttpProxy.ProtocolPingStrategyBase.Ping(Uri url)</Data>
      </EventData>
    </Event>

    Hi Off2work,
    I've gone through the article and the Get-OutlookAnywhere commandlet looks fine (especially when compared with our working CAS).
    Having looked through IIS I have spotted two additional misconfigurations with a missing setting to require SSL on the RPC folder and also the .NET version was not set.
    I've now set those to Require SSL and .NET 2.0.5072 however this has made no difference following restarted of both 2007 CAS and 2013 servers.
    I could potentially reinstall the CAS server or additionally decommission it as we have two of them and the other is not causing any errors with the 2013 server. This broken CAS server doesn't even have DNS records (except it's own hostname) or firewall
    rules pointing to it, nor does it have any active client connections if I check with a quick netstat -a
    As for UM, it's next on my list following some client/server connectivity testing so I have not yet assigned the SSL to the services or setup the dial plans, etc.
    The services do start most of the time, but others then don't so it's not a consistent issue with just this service. On my current boot, the DAG Management service failed to start, but again I don't have a DAG implemented yet.
    I will see if UM drops out of that list once I've configured it shortly
    Thanks for taking the time to respond (and that goes to DareDevil too)

  • Update from Exchange 2013 Cu2 to SP1 - Outlook 2010 with SP2 clients disconnected

    Hi,
    we recently upgraded a standalone Exchange 2013 Server to SP1. Owa works fine, but all internal Outlook 2010 Clients (with SP2) get disconnected. Creating a new Profile, and testing the internal autodiscovery leeds to an Error 12030 (Connection reset) during
    the discovery process.
    I already checked the Service Point, the discovery URLs, even recreated the autodiscover virtual Directory in iis. But nothing changed.
    The self signed certificate, that was used before the update is further used, and well known to all Clients. As I tested, OWA is working well everywhere.
    Anyone some new ideas?
    Best regards
    Bernhard

    Hi,
    How did you recreate outlook profile? Manually or Automatic?
    If automatic failed, please try to recreate manually and check the result.
    If manual failed, please refer to the following methods to troubleshoot the issue:
    1>Try to open the following link and check the result:
     https://CASName/autodiscover/autodiscover.xml
    2>Try to use RCA to test outlook autodiscover and check the result.
    https://testconnectivity.microsoft.com/
    Thansk.
    Niko Cheng
    TechNet Community Support

  • Exchange 2013: This mailbox database is associated with one or more active mailboximport / Cannot uninstall exchange

    We have a corrupted installation of Exchange 2013 due to installating CU6
    New Exchange server is already installed and mailboxes are migrated over, I am now in the process to uninstall the old exchange 2013 so we can decomission it but I get this error when I try to run uninstall
    "This mailbox database is associated with one or more active mailbox import,To get a list of all Mailboximport request associated with this database, run Get MailboxImportRequest | ?{ $_.RequestQueue -eq "<Database ID>"}....
    But when i run this command I get an error of" The Get-MailboxImportRequest is not recognized as a cmdlet...
    Any advise is appreciated
    Thanks.

    Hi ,
    From the error message i came to know few things i have mentioned mentioned below .
    If you want to remove the problematic exchange server , you need to remove the existing mailbox import requests.
    For that you should need to have the required permission for the user account from which you are trying to execute the command
    Just check your user account is having the Mailbox Import Export role permissions .
    If you have the required permissions then go ahead and execute the commands
    Get-MailboxImportRequest | ft -au ( this is to see how many no of the mailbox import request are available
    Remove-MailboxImportRequest
    ( this command is to remove the entire mailbox import move request)
    Once you have done with that , then you start proceeding uninstalling the exchange server .
    Regards
    S.Nithyanandham
    Thanks S.Nithyanandham

Maybe you are looking for

  • Exporting data from text file to a table using utl_file

    Dear all, I have a text file as below and i have a table having 12 columns. Now i need to insert this text file into the table story_books. CREATE TABLE story_books book_id NUMBER, Category VARCHAR2(100 BYTE), Book_type VARCHAR2(100 BYTE), Name VARCH

  • DME file-f110-change of bank account

    we are making payment to a vendor thru payment method E i.e EFT and DME file gets created and is sent to bank.At the time of F110 if i change the bank account number for the same method will still dme file be created or any changes are req for this.

  • Planned support for JAX-WS web services?

    Are there any plans for JDeveloper to support JAX-WS web services in the near future (https://jax-ws.dev.java.net/) I know that I can just import the libraries and develop code from scratch, but it would be nice if I could actually run the code in OC

  • When installing Premiere Elements I get an error with Shared Technologies

    When installing Premiere Elements onto a Windows XP Service Pak 3, I get an error with Shared Technologies.

  • Error in 10gapps discoverer viewer

    If i try to open a workbook in 10g version 10.1.2.0.2 discoverer viewer, i am not able get workbook and get error of java as java.lang.NullPointerException at oracle.dss.thin.beans.CaboUtils.isIE_5_5_Plus(CaboUtils.java:95) at oracle.dss.thin.laf.bro