Exchange your Mind

"La connaissance ne vaut que si elle est partagée" / "An effective Knowledge is a shared one"

Exchange 2013 SP1 : Unable to connect with PS and ECP on a fresh Exchange installation [SOLVED]

Posted by Teruin laurent le juillet 21, 2014


Version : Exchange 2013 SP1
PLateform : 2012 Std R2 Us
Language : US


HI we just install a fresh copy of Exchange 2013 SP1 without any issue and warning. But we can’t connect on Exchange with ECP and Powershell

We got this : EBSMEYDEVA06.d1.ad.local


The endpointconfiguration with the http://schemas.microsoft.com/powershell/Microsoft.exchange identifier is not in a valid initial session state on the remote computer

After checking the exchange setup log we found this

Start installing ASP.NET (4.0.30319.33440) without changing existing web applications to use this version of ASP.Net.This option is not supported on this version of the operating system. Administrators should instead install/uninstall ASP.NET 4.5 with IIS8 using the "Turn Windows Features On/Off" dialog, the Server Manager management tool, or the dism.exe command line tool. For more details please see http://go.microsoft.com/fwlink/?LinkID=216771.Finished installing ASP.NET (4.0.30319.33440) without changing existing web applications to use this version of ASP.Net.

The worse is that no warning appears during the installation process. We decided to uninstall Exchange 2013 and follow the http://go.microsoft.com/fwlink/?LinkID=216771

Our Error ?? We just go to technet and copy and paste the following cmd let

linstall-WindowsFeature AS-HTTP-Activation, Desktop-Experience, NET-Framework-45-Features, RPC-over-HTTP-proxy, RSAT-Clustering, RSAT-Clustering-CmdInterface, RSAT-Clustering-Mgmt, RSAT-Clustering-PowerShell, Web-Mgmt-Console, WAS-Process-Model, Web-Asp-Net45, Web-Basic-Auth, Web-Client-Auth, Web-Digest-Auth, Web-Dir-Browsing, Web-Dyn-Compression, Web-Http-Errors, Web-Http-Logging, Web-Http-Redirect, Web-Http-Tracing, Web-ISAPI-Ext, Web-ISAPI-Filter, Web-Lgcy-Mgmt-Console, Web-Metabase, Web-Mgmt-Console, Web-Mgmt-Service, Web-Net-Ext45, Web-Request-Monitor, Web-Server, Web-Stat-Compression, Web-Static-Content, Web-Windows-Auth, Web-WMI, Windows-Identity-Foundation

Set automatic mode for (Was disabled by the customer Windows 202 R2 Master)

Computer browser
Internet connexion Sharing
Offlinefiles
Routing and remote access
Smartcard
Ssdp discovery
Upnp Device host
WinMgmt,

Adding ASP.net 3.5 As the article http://go.microsoft.com/fwlink/?LinkID=216771 precise. And reboot the server and try to install again exchange 2013 SP1

After one hour … we have edited the Setup log and find again this : not particularly encouraging !!!! waiting for the end of the setup process.

07/21/2014 14:28:13.0482] [2] Active Directory session settings for ‘Start-SetupProcess’ are: View Entire Forest: ‘True’, Configuration Domain Controller: ‘EBSMEY003.d1.xxx.xxx, Preferred Global Catalog: ‘EBSMEYXXX.d1.xxx.XXX, Preferred Domain Controllers: ‘{ EBSMEYXXX.d1.xx.XXX }’
[07/21/2014 14:28:13.0482] [2] User specified parameters: -Name:’C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_regiis.exe’ -Args:’-ir -enable’
[07/21/2014 14:28:13.0482] [2] Beginning processing Start-SetupProcess
[07/21/2014 14:28:13.0498] [2] Starting: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_regiis.exe with arguments: -ir –enable
[07/21/2014 14:28:13.0638] [2] Process standard output: Microsoft (R) ASP.NET RegIIS version 4.0.30319.33440
Administration utility to install and uninstall ASP.NET on the local machine.
Copyright (C) Microsoft Corporation. All rights reserved.
Start installing ASP.NET (4.0.30319.33440) without changing existing web applications to use this version of ASP.Net.
This option is not supported on this version of the operating system. Administrators should instead install/uninstall ASP.NET 4.5 with IIS8 using the "Turn Windows Features On/Off" dialog, the Server Manager management tool, or the dism.exe command line tool. For more details please see http://go.microsoft.com/fwlink/?LinkID=216771.
Finished installing ASP.NET (4.0.30319.33440) without changing existing web applications to use this version of ASP.Net
.
[07/21/2014 14:28:13.0638] [2] Process standard error:
[07/21/2014 14:28:13.0638] [2] Ending processing Start-SetupProcess

After rebooting we try to log on on ECP and after waiting we’ve got this

Server Error in ‘/ecp’ Application.

Request timed out.

Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: System.Web.HttpException: Request timed out.
Source Error:

An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

Stack Trace:

[HttpException (0x80004005): Request timed out.]

 

I have searched in the event log and found this

Log Name: ApplicationSource: MSExchange ADAccess
Date: 7/21/2014 7:56:45 PM
Event ID: 4027
Task Category: General
Level: Error
Keywords: Classic
User: N/A
Computer: EBSMEYDEVA06.d1.xx.xxxx
Description: Process w3wp.exe (RemotePS) (PID=8508). WCF request (GetServerFromDomainDN DC=xx,DC=xxx,DC=xxx) to the Microsoft Exchange Active Directory Topology service on server (TopologyClientTcpEndpoint (localhost)) failed. Make sure that the service is running. In addition, make sure that the network ports that are used by Microsoft Exchange Active Directory Topology service are not blocked by a firewall. The WCF call was retried 3 time(s). Error Details

System.TimeoutException: This request operation sent to net.tcp://localhost:890/Microsoft.Exchange.Directory.TopologyService did not receive a reply within the configured timeout (00:02:00). The time allotted to this operation may have been a portion of a longer timeout. This may be because the service is still processing the operation or because the service was unable to send a reply message. Please consider increasing the operation timeout (by casting the channel/proxy to IContextChannel and setting the OperationTimeout property) and ensure that the service is able to connect to the client.

After veryfing .. the Exchange server have access to a DC .. net view is working and DSA.MSC is working well from the Exchange Server

We also checked the site and service configuration and the site is correctly declared with the correct subnet.

State of Exchange Service


JULY 22 2014

We stop the Windows FW but the issue is the same .

We discover that the Msexcange ADservice discover correctly the Domain controllers in the site

Log Name: Application
Source: MSExchange ADAccess
Date: 7/22/2014 3:06:53 PM
Event ID: 2080
Task Category: Topology
Level: Information
Keywords: Classic
User: N/A
Computer: XSBMEYDEVA06.xx.xx.xxx
Description:
Process Microsoft.Exchange.Directory.TopologyService.exe (PID=2188). Exchange Active Directory Provider has discovered the following servers with the following characteristics:
(Server name | Roles | Enabled | Reachability | Synchronized | GC capable | PDC | SACL right | Critical Data | Netlogon | OS Version)

In-site:
XSBMEY001.xx.xxxx    CDG 1 7 7 1 0 1 1 7 1
XSBMEYPDC005.xx.xxxx    CDG 1 7 7 1 0 1 1 7 1
XSBMEY002.xx.xxxx    CDG 1 7 7 1 0 1 1 7 1
XSBMEYPDC006.xx.xxxx    CDG 1 7 7 1 0 1 1 7 1
XSBMEYPDC007.d1.xx.xxxx    CDG 1 7 7 1 0 0 1 7 1
XSBMEYPDC008.d1.xx.xxxx    CDG 1 7 7 1 0 0 1 7 1
XSBMEY003.d1.xx.xxxx    CDG 1 7 7 1 0 0 1 7 1
XSBMEYPDC009.d1.xx.xxxx    CDG 1 7 7 1 0 0 1 7 1
XSBMEY004.d1.xx.xxxx    CDG 1 7 7 1 0 0 1 7 1

This is below some explanation.

  • Server name: The first column indicates the name of the domain controller that the rest of the data in the row corresponds to.
  • Roles: The second column shows whether or not the particular server can be used as a configuration domain controller (column value C), a domain controller (column value D), or a global catalog server (column value G) for this particular Exchange server. A letter in this column means that the server can be used for the designated function, and a hyphen (-) means that the server cannot be used for that function. In the example that is described earlier in this article, the Roles column contains the value CDG to show that the service can use the server for all three functions.
  • Reachability: The third column shows whether the server is reachable by a Transmission Control Protocol (TCP) connection. These bit flags are connected by an OR value. 0x1 means the server is reachable as a global catalog server (port 3268), 0x2 means the server is reachable as a domain controller (port 389), and 0x4 means the server is reachable as a configuration domain controller (port 389). In other words, if a server is reachable as a global catalog server and as a domain controller but not as a configuration domain controller, the value is 3. In the example that is described earlier in this article, the value 7 in the third column means that the server is reachable as a global catalog server, as a domain controller, and as a configuration domain controller (0x1 | 0x2 | 0x4 = 0x7).
  • Synchronized: The fourth column shows whether the "isSynchronized" flag on the rootDSE of the domain controller is set to TRUE. These values use the same bit flags connected by an OR value as the flags that are used in the Reachability column.
  • GC capable: The fifth column is a Boolean expression that states whether the domain controller is a global catalog server.
  • PDC: The sixth column is a Boolean expression that states whether the domain controller is a primary domain controller for its domain.
  • SACL right: The seventh column is a Boolean expression that states whether DSAccess has the correct permissions to read the SACL (part of nTSecurityDescriptor) against that directory service.
  • Critical Data: The eighth column is a Boolean expression that states whether DSAccess found this Exchange server in the configuration container of the domain controller listed in Server name column.
  • Netlogon Check: The ninth column (added in Exchange 2000 SP3) states whether DSAccess successfully connected to a domain controller’s Net Logon service. This requires the use of Remote Procedure Call (RPC), and this call may fail for reasons other than a server that is down. For example, firewalls may block this call. So, if there is a 7 in the ninth column, it means that the Net Logon service check was successful for each role (domain controller, configuration domain controller, and global catalog).
    OS Version: The tenth column (added in Exchange 2003) states whether the operating system of the listed domain controller is running at least Microsoft Windows 2000 Service Pack 3 (SP3). Exchange 2003 only uses domain controllers or global catalog servers that are running Windows 2000 SP3 or later. A Boolean expression of 1 means the domain controller satisfied the operating system requirements of Exchange 2003 for use by DSAccess.

IT appears that none of the DC in the Domain where Exchange 2013 is running have the value 1 for SACL right

We just discover that a Legacy Domain controller Gpo was responsible for this situation. After removing this GPO and relaunch the MS Exchange AD Service the issue was solved .


 

Posted in Exchange 2013 Issues | Leave a Comment »

IIS ARR une solution pour Lync 2013 .. Vraiment ?

Posted by Teruin laurent le juillet 8, 2014


Publier l’environnement Lync 2013 avec une solution Microsoft s’avère délicate aujourd’hui et ce en raison de l’abandon de la solution TMG. Depuis, la seule solution officielle mais considérée comme une solution d’attente se trouve être IIS Arr. De multiple déploiements ont été effectués avec cet environnement et qui à chaque fois sont très consommateur de temps. Le manque d’outils ou d’interface permettant d’analyser son dysfonctionnement en sont la cause. IIS Arr n’est pas une solution complète de reverse proxy car elle ne permet pas entre autre, d’effectuer une pré authentification utilisateur et souffre d’un manque flagrant d’outils de diagnostic. Vous me direz il y a les journaux IIS ! Mais franchement en 2014 obliger à éditer des journaux en txt, puis les convertir au format XLS pour espérer y voir quelque chose, c’est cela la solution ? Allez soyons sérieux 5 minutes, l’informatique d’entreprise ce n’est pas du bricolage. IIS Arr n’est pas une solution d’entreprise et baser sa solution de publication autour de cette add-on de Microsoft IIS me parait très hasardeux. IIS Arr devrait être à terme remplacée par la solution Microsoft WAP. Il est donc tout à fait prévisible que ces fonctions de reverse proxy ne s’améliorent pas. En attendant, il vous reste les solutions Kemp,F5, DenyAll qui comblent le vide laissé par l’abandon de Forefront TMG.

Laurent Teruin

Posted in Non classé | Leave a Comment »

LYNC 2013 – Failed to start RTCATS Service – The Application Host could not start the application urn:application:testbot.

Posted by David ANDRE le juin 18, 2014


Bonjour,

Un petit retour sur le blog après une grosse charge de travail (Rendez-vous le 9 Juillet chez vos libraires :] ). Je vous partage aujourd’hui un peu de troubleshooting Lync Server 2013.

Contexte :

  • Lync Server 2013 Enterprise Edition (dernier CU Janvier)
  • Hardware Load Balancing F5
  • Back-end SQL Mirror + Witness

Après un changement de domaine SIP Primaire, le service RTCATS ne voulait plus démarrer. Pour rappel, ce service est en charges des Tests Audio (Audio Test Service), la petite voix que l’on appelle pour vérifier la qualité de l’équipement audio utilisé.

LS Application Server – Event ID 32003


 

Après quelques recherches je suis tombé sur un topic du blog Technet traitant des mêmes symptômes. Pour mieux comprendre, ce service s’appuie sur un objet Active Directory de type CONTACT (RTCApplication…) que l’on retrouve en tapant la commande suivant :

Get-CSAudioTestServiceApplication


Même si sur cet écran, le domaine est flouté, vous devriez retrouver l’ancien domaine SIP primaire. On remarque donc que le changement de domaine SIP Primaire n’a pas été propagé sur la SIPAddress du service AudioTest. Penser aussi à bien identifier le CN du contact applicatif (dans mon cas f222e31b….)

Pour y remédier, Ouvrir la partition de Configuration dans ADSI EDIT puis naviguer dans Services/RTCService/Application Contacts puis identifier le CN précédemment relevé.


Modifier l’attribut msRTCSIP-PrimaryUserAddress et proxyAddresses en remplaçant l’ancien domaine SIP par le nouveau. Appliquer et fermer.

Il devrait maintenant être possible de démarrer le service RTCATS sans problèmes.

 

Have Fun J

David ANDRE

Posted in 2- LYNC-2013, 5-Lync-2010 | Leave a Comment »

Exchange 2013 SP1: Double ECP & OWA Web Site issue

Posted by Teruin laurent le juin 6, 2014


HI All today

Today i cope with this following issue. When I activate a second web Ecp on Exchange 2013 SP1 server US all users cannot have access to ECP. When they try to logon no message is displayed .I will try to reproduce the issue.

Situation

Binging on the Default Site on server Srvexc02


The current configuration for the default ECP virtual directory is this one


Binding on the Exchange Basic Site


In this situation all users can access to OWA and ECP on the Default website with FBA

Now I will try to add an ECP virtual Directory on the second Website (ExchangeBasic) and set this virtual directory with Basic authentication.

For this I will use these cmdlets:

New-ecpVirtualDirectory -WebSiteName "ExchangeBasic"
set-ecpvirtualdirectory -identity "SRVEXC02\ecp (ExchangeBasic)" -ExternalAuthenticationMethods basic -BasicAuthentication $true -WindowsAuthentication $false -DigestAuthentication $false -FormsAuthentication $false


After that nobody can’t have access to ECP. IT is fully reproducible

The Ecpvirtual on the ExchangeBasic website is configured by default like this


IF you try to enable a second OWA web Site on Exchange 2013 as the ECP you will have this behavior

All user will not be able to log on to outlook Web app with an error message invalid password or user name


 

If you have this behavior with OWA or ECP. Remove all OWA and Ecp Site in the second Website perform a IISreset remove OWA and ECP on the default web site and recreate it. You will retrieve a correct behavior. I have done that so many time ;-)

Laurent Teruin

 

 


 

Posted in Exchange 2013 Issues | Leave a Comment »

Exchange 2013: Remove ECP virtual Site.(Solved)

Posted by Teruin laurent le juin 5, 2014


I have to remove the Ecp Web Site and recreate it … And i ve got this !! that’s serious????!!!!!!!!! Exchange 2013 so fresh product !!!!


After delete it


Trying to recreate the ECP


Where he find this ??????? !!!! I delete it !!!!! Rebooting the server and try again same issue !!!!

I found that the ecp is still in IIS. Delete it and try to recreate it

And it works

New-ecpVirtualDirectory -WebSiteName "Default Web Site"
set-ecpvirtualdirectory -identity "SRVEXC02\ecp (Default Web Site)" -ExternalAuthenticationMethods basic -BasicAuthentication $false -WindowsAuthentication $false -DigestAuthentication $false -FormsAuthentication $true

 

 

 

 

 

Posted in Exchange 2013 Issues | Leave a Comment »

Exchange 2013 SP1 and Office Web App: White page still pending [Nightmare]

Posted by Teruin laurent le juin 2, 2014


HI all

Today i just configured Office Web with Exchange 2013 SP1 and strictly followed the technet : http://technet.microsoft.com/en-us/library/jj150495(v=exchg.150).aspx

For information my Office Web App works fine with Lync 2013 on the same infrastructure


But when I try to display a content …. White Windows… .pfouuuuuu L((((


And the worse is:: if you can’t see the preview you can’t download it !!!


Who is the silly guy who decided this behavior???? !!!!!!! : That’s nonsense!!!

Perform these cmdlets..

  • Set-OwaVirtualDirectory "SRVEX1\owa (Default Web Site)" -WacViewingOnPrivateComputersEnabled $true
  • Set-OwaVirtualDirectory "SRVEX2\owa (Default Web Site)" -WacViewingOnPrivateComputersEnabled $true
  • Set-OwaVirtualDirectory "SRVEX1\owa (Default Web Site)" -WacViewingOnPublicComputersEnabled $true
  • Set-OwaVirtualDirectory "SRVEX2\owa (Default Web Site)" -WacViewingOnPublicComputersEnabled $true
  • set-OwaMailboxPolicy -identity default -ForceWebReadyDocumentViewingFirstOnPublicComputers $false
  • set-OwaMailboxPolicy -identity default -ForceWebReadyDocumentViewingFirstOnPrivateComputers $false
  • set-OwaMailboxPolicy -identity default -ForceWacViewingFirstOnPublicComputers $False
  • set-OwaMailboxPolicy -identity default -ForceWacViewingFirstOnPrivateComputers $False

Better Behavior. The content of the attachment could not be displayed but you can download it now!

After turning on the Logverbosity on OfficeWebApp I ve got this!!!!


Found this : http://support.microsoft.com/kb/931198/en-us

Try to rename the .net Framework 2.0 directory


 

Reboot the server. Same issue

Try to remove .NET 2.0 from the server and reboot ..: Same Issue
Downloading the CU4 April 2014 : http://hotfixv4.microsoft.com/Microsoft%20Office%20Web%20Apps%20Server%202013/sp1/wacserver2013kb2863899fullfilex64glb/15.0.4605.1001/free/474524_intl_x64_zip.exe
Humm after the update and a reboot the Webfarm no longer exist… grrr…


Recreating the webfarm: New-OfficeWebAppsFarm -InternalUrl "https://officewebapp01..xxx.xxx" -ExternalUrl "https://officewebapp01.xxx.xxxx" -EditingEnabled:$true -certificatName office


Restarting Exchange servers and verify the 142 events on both servers! I love the sentence … "Wac Should be enabled…."


No way the Attachment in and browser is still white..!!!!

Try to uninstall OfficeWeb app and reinstall …

  • Remove Office Web application from installed programs
  • Installing : version : 15.0.4420.1017 and reboot the Owapp server
  • Installing wacserver2013-kb2863899-fullfile-x64-glb.exe


    and reboot

  • Recreating the farm: New-OfficeWebAppsFarm -InternalUrl "https://officewebapp01..xxx.xxx" -ExternalUrl "https://officewebapp01.xxx.xxxx" -EditingEnabled:$true -certificatName office
  • Trying again …. Same issue. When trying to open the attachement OWA PP Start and white page.

June 5 2014 : Still searching on this Issue ….

I just saw some error message in the application log on the officeWebapp server


And in the Office Web App log I saw this


I ‘ve just performed a Get-officeWebappsMachine and the health Status is Unhealthy.


I’ve changed the Certificat name to add the Server FQDN restart the Office Web app service

And verify that


Restart the officeWebapp and the situation is better


But I’ve got still this


I decided to install this NET-WCF-HTTP-Activation45 and and Reboot

After a reboot lots of event are now present in the event viewer. And


 

And I’ve got this


Trying to remove the component NET-WCF-HTTP-Activation45 and restart the server

I retrieve a better situation but ….

I’ve still have this


Deciding to remove again and again this wonderful and so finished product !!! Office Web App and restart the computer

I reinstall all components by these cmdlet :

Add-WindowsFeature NET-Framework-45-Core,NET-Framework-45-ASPNET,`Web-Mgmt-Console,Web-Common-Http,Web-Default-Doc,Web-Static-Content,Web-Filtering,Web-Windows-Auth,Web-Net-Ext45,Web-Asp-Net45,Web-ISAPI-Ext,`Web-ISAPI-Filter,Web-Includes,InkAndHandwritingServices, NET-WCF-HTTP-Activation45
Add-WindowsFeature Web-Stat-Compression,Web-Dyn-Compression

Install officewebapp and tu CU April 2014 / recreate the farm and I’ve got this result


Whaoo is Office Web app a free product?????

Let see what happen in the event viewer now



So beautiful !!! For a fresh installation !

And after 5 minutes……


And the result in OfficeWebapp is ….


Hopefully the farm is healthy!

Let’s recycling the OwappPool application on the exchange server … No 140 events!
Let’s verify if when I reboot the OfficeWebapp the officeWebApppsMachine is healthy. Surprise!!!!!!!!


But after 6 minutes the farm is healthy again.. coooollllll.


One Exchange server have the 142 event in the application log the second one no. I tried to use OfficeWebApp from the exchange server who have the 142 event. You know what???? The display content of the attachment is still a white page…!. Common!!! I’m starting to understand why you can freely download Officewebapp!

 

 

 

 

 

 

 

 

 

 

 

Posted in Exchange 2013 Issues | Leave a Comment »

Exchange 2013 and Windows XP SP3 Outlook 2010 enable to connect the first time!!

Posted by Teruin laurent le mai 30, 2014


Today i have to cope with an Authentication Issue when Outlook 2010 running on Windows XP and try to connect to Outlook Anywhere

Outlook 2010 running on Windows 2008 works fine but not on XP. Outlook for the first time and no way to connect

Below is the production environment

Windows XP professionnel version 5.1 2600 service Pack 3 Nu 2600 X86
Outlook 2010 version 14.7015.1000 32 Bit
Exchange 2013 SP1 Us Version
[PS] C:\Windows\system32>Get-OutlookProvider
Name Server CertPrincipalName TTL
—- —— —————– —
EXCH msstd:*.company.com 1
EXPR msstd:*.company.com 1
WEB 1

[PS] C:\Windows\system32>Get-OutlookAnywhere

RunspaceId : 72996687-448d-44fb-bef2-de48ccd0fa32
ServerName : SRVEXC01
SSLOffloading : True
ExternalHostname : oa.company.com
InternalHostname : oa.company.com
ExternalClientAuthenticationMethod : Negotiate
InternalClientAuthenticationMethod : Negotiate
IISAuthenticationMethods : {Basic, Ntlm, Negotiate}
XropUrl :
ExternalClientsRequireSsl : True
InternalClientsRequireSsl : True
MetabasePath : IIS://SRVEXC01.mrsaero.loc/W3SVC/1/ROOT/Rpc
Path : C:\Program Files\Microsoft\Exchange Server\V15\FrontEnd\HttpProxy\rpc
ExtendedProtectionTokenChecking : None
ExtendedProtectionFlags : {}
ExtendedProtectionSPNList : {}
AdminDisplayVersion : Version 15.0 (Build 847.32)
Server : SRVEXC01
AdminDisplayName :
ExchangeVersion : 0.20 (15.0.0.0)
Name : Rpc (Default Web Site)
DistinguishedName : CN=Rpc (Default Web Site),CN=HTTP,CN=Protocols,CN=SRVEXC01,CN=Servers,CN=Exchang Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=mrsaero,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=mrsaero,DC=loc
Identity : SRVEXC01\Rpc (Default Web Site)
Guid : 47bf7118-1c00-4add-82a0-172958d49f9d
ObjectCategory : mrsaero.loc/Configuration/Schema/ms-Exch-Rpc-Http-Virtual-Directory
ObjectClass : {top, msExchVirtualDirectory, msExchRpcHttpVirtualDirectory}

 

On the worktation XP

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\.    Lmcompatibilitylevel = 3

I decided to change to ntlm

set-outlookanywhere -identity "SRVEXC01\Rpc (Default Web Site)" -InternalClientAuthenticationMethod ntlm -ExternalClientAuthenticationMethod ntlm
set-outlookanywhere -identity "SRVEXC02\Rpc (Default Web Site)" -InternalClientAuthenticationMethod ntlm -ExternalClientAuthenticationMethod ntlm

and restart the rpc client access service … Same Issue

 

I decided to modify the outlook providers by using
Set-outlookProvider –identity WEB – CertPrincipalName msstd:*.company.com

Reboot the server… same Issue..

Trying to change the authentication method on autodiscover….

Set-autodiscovervirtualdirectory -identity "SRVEXC01\Autodiscover (Default Web Site)" -DigestAuthentication $true
Set-autodiscovervirtualdirectory -identity "SRVEXC02\Autodiscover (Default Web Site)" -DigestAuthentication $true

But it is not that

I download a tool fiddler2 to see what URL is accessed byt the Outlook client when autoconfiguration for the first time is made. And I discover that the Autodiscover was based on local client access FQDN. To have a real test I delete each time the profil user on the XP machine and loggin again.

So I decided to modify the configuration with this cmdlet

get-clientaccessserver | set-clientaccessServer -AutoDiscoverServiceInternalUri https://autodiscover.company.com/Autodiscover/Autodiscover.xml

so now buy using Fiddler acting as as proxy I can see that outlook use the autodiscover FQDN wich is a Load Balanced VIP. But…. Same issue . The worse is when Fiddler is open it works when I close fiddler outlook have an authentication issue


 


A this time no authentication is possible !

 

 

 

 


 

Posted in Exchange 2013 Issues | Leave a Comment »

Exchange 2013 ASP.NET : Event ID: 1309 An unhandled exception has occurred

Posted by Teruin laurent le mai 28, 2014


Hi Today suddenly all user cannot connect anymore to OWA . The issue is that the account is correct and the password too.

When I try to open a session I’ve got this in the event log

 

Posted in Non classé | Leave a Comment »

Exchange 2013 The Microsoft Exchange Transport Service Entered the stopped State Event 12025 106 2937 7010 1309

Posted by Teruin laurent le mai 27, 2014


HI all

Today I have to cope with the behavior after a simple reboot on two Mailbox servers. After searching on the net event etc. I decide to open a case.

 

 

Log Name: Application
Source: MSExchangeTransport
Date: 5/27/2014 5:14:24 PM
Event ID: 12025
Task Category: TransportService
Level: Warning
Keywords: Classic
User: N/A
Computer: SrvExc02.mrsaero.loc
Description: Transport service is disconnecting performance counters with process lifetime from their old process.

Event Xml:<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"&gt;
<System>
<Provider Name="MSExchangeTransport" />
<EventID Qualifiers="32772">12025</EventID>
<Level>3</Level>
<Task>12</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2014-05-27T15:14:24.000000000Z" />
<EventRecordID>1378075</EventRecordID>
<Channel>Application</Channel>
<Computer>SrvExc02.mrsaero.loc</Computer>
<Security />
</System>
<EventData>
</EventData>
</Event>

Posted in Non classé | Leave a Comment »

Exchange 2013: ASP.NET 4.0.30319.0 MapiExceptionIllegalCrossServerConnection [SOLVED]

Posted by Teruin laurent le mai 19, 2014


HI all

After fixing the ASPnet Error to give the possibility to my customer to use ECP and OWA (see old post). The Asp.net continue to fault as you can see.
We don’t have any explanation and no more time to spend to fix what I consider as a bug.

Regards
Laurent Teruin

Log Name: Application
Source: ASP.NET 4.0.30319.0
Date: 4/30/2014 8:39:05 AM
Event ID: 1309
Task Category: Web Event
Level: Warning
Exception information:
Exception type: MapiExceptionIllegalCrossServerConnection
Exception message: MapiExceptionIllegalCrossServerConnection: Monitoring mailbox [] with application ID [Client=OWA] is not allowed to make cross-server calls from [SRVEXC01.xxxx.loc] to [SRVEXC02.xxx.loc] at Microsoft.Mapi.CrossServerDiagnostics.BlockCrossServerCall(ExRpcConnectionInfo connectionInfo, String mailboxDescription)

[ MAY 19 ] Deleting the Health User in AD! Restart the Microsoft Exchange Health Manager Service and the mailbox are recreated and no more event!

 

 

Posted in EXCHANGE 2013, Exchange 2013 Issues | Leave a Comment »

 
Suivre

Recevez les nouvelles publications par mail.

Rejoignez 223 autres abonnés