Difference between revisions of "Troubleshooting Exchange"
| Line 20: | Line 20: | ||
A more dangerous tool since it can change entries. | A more dangerous tool since it can change entries. | ||
Log in as the Impersonation user to the Impersonation Mailbox | Log in as the Impersonation user to the Impersonation Mailbox | ||
| − | Use the Autodiscover Viewer Tool to attempt to access other mailboxes on the system and | + | Use the Autodiscover Viewer Tool to attempt to access other mailboxes on the system and look in the EWSEditor Log tool to see what steps it is going through to reach the user. |
==MS Remote Connectivity Tester== | ==MS Remote Connectivity Tester== | ||
Revision as of 21:32, 28 October 2014
We do Exchange discovery look-ups in four ways:
- LDAP
- SCP
- EWS
- autodiscover
Troubleshooting all that can be challenging.
Contents |
LDAP Browser
http://www.ldapbrowser.com/download.htm
This is just a browser so is safe to use, it can't change anything. The thing is to log in using the credentials you gave Retain, if you can do that it will work for an archive job. But in real life it will be more difficult than that. Log in as the Administrator user to find the actual credentials and path of the ApplicationImpersonation account. Then go back and figure out how to log in to AD with them and see all of the tree. Then make sure Retain is set with those properties and use the EWSEditor Log Viewer Tool to find how it works or fails.
EWSEditor
http://ewseditor.codeplex.com/ A more dangerous tool since it can change entries. Log in as the Impersonation user to the Impersonation Mailbox Use the Autodiscover Viewer Tool to attempt to access other mailboxes on the system and look in the EWSEditor Log tool to see what steps it is going through to reach the user.
MS Remote Connectivity Tester
https://testconnectivity.microsoft.com/ An online tool that can be helpful to narrow down issues.
Exchange Management Shell
In the Exchange Management Shell, not the regular powershell, on the Exchange server run the following command:
Get-WebServicesVirtualDirectory | fl >C:\ews.txt
The results should look something like this:
RunspaceId : 33ac48e8-9ff0-461f-b604-6ea6ef8a3bf4
CertificateAuthentication :
InternalNLBBypassUrl :
GzipLevel : Low
MRSProxyEnabled : False
Name : EWS (Default Web Site)
InternalAuthenticationMethods : {Basic, Ntlm, WindowsIntegrated, WSSecurity, OAuth}
ExternalAuthenticationMethods : {Basic, Ntlm, WindowsIntegrated, WSSecurity, OAuth}
LiveIdNegotiateAuthentication :
WSSecurityAuthentication : True
LiveIdBasicAuthentication : False
BasicAuthentication : True
DigestAuthentication : False
WindowsAuthentication : True
OAuthAuthentication : True
AdfsAuthentication : False
MetabasePath : IIS://EXMS.support.LOCAL/W3SVC/1/ROOT/EWS
Path : C:\Program Files\Microsoft\Exchange Server\V15\FrontEnd\HttpProxy\EWS
ExtendedProtectionTokenChecking : None
ExtendedProtectionFlags : {}
ExtendedProtectionSPNList : {}
AdminDisplayVersion : Version 15.0 (Build 775.38)
Server : EXMS
InternalUrl : https://mail.support.com/EWS/Exchange.asmx
ExternalUrl : https://mail.support.com/ews/exchange.asmx
AdminDisplayName :
ExchangeVersion : 0.10 (14.0.100.0)
DistinguishedName : CN=EWS (Default Web Site),CN=HTTP,CN=Protocols,CN=EXMS,CN=Servers,CN=Exchange Administrative Group
(FYDIBOHF23SPDLT),CN=Administrative Groups,CN=Exchange,CN=Microsoft
Exchange,CN=Services,CN=Configuration,DC=support,DC=LOCAL
Identity : EXMS\EWS (Default Web Site)
Guid : 62be879a-5a5c-495a-8cca-481bfd1c40c2
ObjectCategory : support.LOCAL/Configuration/Schema/ms-Exch-Web-Services-Virtual-Directory
ObjectClass : {top, msExchVirtualDirectory, msExchWebServicesVirtualDirectory}
WhenChanged : 3/20/2014 1:49:19 PM
WhenCreated : 2/21/2014 11:22:32 AM
WhenChangedUTC : 3/20/2014 8:49:19 PM
WhenCreatedUTC : 2/21/2014 7:22:32 PM
OrganizationId :
OriginatingServer : LA-DC1.support.LOCAL
IsValid : True
ObjectState : Changed
RunspaceId : 33ac48e8-9ff0-461f-b604-6ea6ef8a3bf4
CertificateAuthentication :
InternalNLBBypassUrl :
GzipLevel : Low
MRSProxyEnabled : False
Name : EWS (Default Web Site)
InternalAuthenticationMethods : {Ntlm, WindowsIntegrated, WSSecurity, OAuth}
ExternalAuthenticationMethods : {Ntlm, WindowsIntegrated, WSSecurity, OAuth}
LiveIdNegotiateAuthentication :
WSSecurityAuthentication : True
LiveIdBasicAuthentication : False
BasicAuthentication : False
DigestAuthentication : False
WindowsAuthentication : True
OAuthAuthentication : True
AdfsAuthentication : False
MetabasePath : IIS://EXMS2.support.LOCAL/W3SVC/1/ROOT/EWS
Path : C:\Program Files\Microsoft\Exchange Server\V15\FrontEnd\HttpProxy\EWS
ExtendedProtectionTokenChecking : None
ExtendedProtectionFlags : {}
ExtendedProtectionSPNList : {}
AdminDisplayVersion : Version 15.0 (Build 775.38)
Server : EXMS2
InternalUrl : https://mail.support.com/EWS/Exchange.asmx
ExternalUrl : https://mail.support.com/EWS/Exchange.asmx
AdminDisplayName :
ExchangeVersion : 0.10 (14.0.100.0)
DistinguishedName : CN=EWS (Default Web Site),CN=HTTP,CN=Protocols,CN=EXMS2,CN=Servers,CN=Exchange Administrative Group
(FYDIBOHF23SPDLT),CN=Administrative Groups,CN=Exchange,CN=Microsoft
Exchange,CN=Services,CN=Configuration,DC=support,DC=LOCAL
Identity : EXMS2\EWS (Default Web Site)
Guid : 35cf96b1-29b4-442e-81c2-93298a8526af
ObjectCategory : support.LOCAL/Configuration/Schema/ms-Exch-Web-Services-Virtual-Directory
ObjectClass : {top, msExchVirtualDirectory, msExchWebServicesVirtualDirectory}
WhenChanged : 3/20/2014 1:49:37 PM
WhenCreated : 3/13/2014 10:30:45 AM
WhenChangedUTC : 3/20/2014 8:49:37 PM
WhenCreatedUTC : 3/13/2014 5:30:45 PM
OrganizationId :
OriginatingServer : LA-DC1.support.LOCAL
IsValid : True
ObjectState : Changed
This is a quick report of the systems settings. The important thing to check is that BasicAuthentication is set to True.
