Difference between revisions of "Troubleshooting Exchange"
From GWAVA Technologies Training
(Created page with "We do Exchange discovery look-ups in four ways: * LDAP * SCP * EWS * autodiscover Troubleshooting all that can be challenging. ==LDAP Browser== http://www.ldapbrowser.com/do...") |
|||
| Line 33: | Line 33: | ||
<nowiki> | <nowiki> | ||
| − | + | RunspaceId : 33ac48e8-9ff0-461f-b604-6ea6ef8a3bf4 | |
| − | + | CertificateAuthentication : | |
| − | + | InternalNLBBypassUrl : | |
| − | + | GzipLevel : Low | |
| − | + | MRSProxyEnabled : False | |
| − | + | Name : EWS (Default Web Site) | |
| − | + | InternalAuthenticationMethods : {Basic, Ntlm, WindowsIntegrated, WSSecurity, OAuth} | |
| − | + | ExternalAuthenticationMethods : {Basic, Ntlm, WindowsIntegrated, WSSecurity, OAuth} | |
| − | + | LiveIdNegotiateAuthentication : | |
| − | + | WSSecurityAuthentication : True | |
| − | + | LiveIdBasicAuthentication : False | |
| − | + | BasicAuthentication : True | |
| − | + | DigestAuthentication : False | |
| − | + | WindowsAuthentication : True | |
| − | + | OAuthAuthentication : True | |
| − | + | AdfsAuthentication : False | |
| − | + | MetabasePath : IIS://EXMS.support.LOCAL/W3SVC/1/ROOT/EWS | |
| − | + | Path : C:\Program Files\Microsoft\Exchange Server\V15\FrontEnd\HttpProxy\EWS | |
| − | + | ExtendedProtectionTokenChecking : None | |
| − | + | ExtendedProtectionFlags : {} | |
| − | + | ExtendedProtectionSPNList : {} | |
| − | + | AdminDisplayVersion : Version 15.0 (Build 775.38) | |
| − | + | Server : EXMS | |
| − | + | InternalUrl : https://mail.support.com/EWS/Exchange.asmx | |
| − | + | ExternalUrl : https://mail.support.com/ews/exchange.asmx | |
| − | + | AdminDisplayName : | |
| − | + | ExchangeVersion : 0.10 (14.0.100.0) | |
| − | + | DistinguishedName : CN=EWS (Default Web Site),CN=HTTP,CN=Protocols,CN=EXMS,CN=Servers,CN=Exchange Administrative Group | |
| − | + | (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=Exchange,CN=Microsoft | |
| − | + | Exchange,CN=Services,CN=Configuration,DC=support,DC=LOCAL | |
| − | + | Identity : EXMS\EWS (Default Web Site) | |
| − | + | Guid : 62be879a-5a5c-495a-8cca-481bfd1c40c2 | |
| − | + | ObjectCategory : support.LOCAL/Configuration/Schema/ms-Exch-Web-Services-Virtual-Directory | |
| − | + | ObjectClass : {top, msExchVirtualDirectory, msExchWebServicesVirtualDirectory} | |
| − | + | WhenChanged : 3/20/2014 1:49:19 PM | |
| − | + | WhenCreated : 2/21/2014 11:22:32 AM | |
| − | + | WhenChangedUTC : 3/20/2014 8:49:19 PM | |
| − | + | WhenCreatedUTC : 2/21/2014 7:22:32 PM | |
| − | + | OrganizationId : | |
| − | + | OriginatingServer : LA-DC1.support.LOCAL | |
| − | + | IsValid : True | |
| − | + | ObjectState : Changed | |
| + | |||
| + | RunspaceId : 33ac48e8-9ff0-461f-b604-6ea6ef8a3bf4 | ||
| + | CertificateAuthentication : | ||
| + | InternalNLBBypassUrl : | ||
| + | GzipLevel : Low | ||
| + | MRSProxyEnabled : False | ||
| + | Name : EWS (Default Web Site) | ||
| + | InternalAuthenticationMethods : {Ntlm, WindowsIntegrated, WSSecurity, OAuth} | ||
| + | ExternalAuthenticationMethods : {Ntlm, WindowsIntegrated, WSSecurity, OAuth} | ||
| + | LiveIdNegotiateAuthentication : | ||
| + | WSSecurityAuthentication : True | ||
| + | LiveIdBasicAuthentication : False | ||
| + | BasicAuthentication : False | ||
| + | DigestAuthentication : False | ||
| + | WindowsAuthentication : True | ||
| + | OAuthAuthentication : True | ||
| + | AdfsAuthentication : False | ||
| + | MetabasePath : IIS://EXMS2.support.LOCAL/W3SVC/1/ROOT/EWS | ||
| + | Path : C:\Program Files\Microsoft\Exchange Server\V15\FrontEnd\HttpProxy\EWS | ||
| + | ExtendedProtectionTokenChecking : None | ||
| + | ExtendedProtectionFlags : {} | ||
| + | ExtendedProtectionSPNList : {} | ||
| + | AdminDisplayVersion : Version 15.0 (Build 775.38) | ||
| + | Server : EXMS2 | ||
| + | InternalUrl : https://mail.support.com/EWS/Exchange.asmx | ||
| + | ExternalUrl : https://mail.support.com/EWS/Exchange.asmx | ||
| + | AdminDisplayName : | ||
| + | ExchangeVersion : 0.10 (14.0.100.0) | ||
| + | DistinguishedName : CN=EWS (Default Web Site),CN=HTTP,CN=Protocols,CN=EXMS2,CN=Servers,CN=Exchange Administrative Group | ||
| + | (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=Exchange,CN=Microsoft | ||
| + | Exchange,CN=Services,CN=Configuration,DC=support,DC=LOCAL | ||
| + | Identity : EXMS2\EWS (Default Web Site) | ||
| + | Guid : 35cf96b1-29b4-442e-81c2-93298a8526af | ||
| + | ObjectCategory : support.LOCAL/Configuration/Schema/ms-Exch-Web-Services-Virtual-Directory | ||
| + | ObjectClass : {top, msExchVirtualDirectory, msExchWebServicesVirtualDirectory} | ||
| + | WhenChanged : 3/20/2014 1:49:37 PM | ||
| + | WhenCreated : 3/13/2014 10:30:45 AM | ||
| + | WhenChangedUTC : 3/20/2014 8:49:37 PM | ||
| + | WhenCreatedUTC : 3/13/2014 5:30:45 PM | ||
| + | OrganizationId : | ||
| + | OriginatingServer : LA-DC1.support.LOCAL | ||
| + | IsValid : True | ||
| + | ObjectState : Changed | ||
</nowiki> | </nowiki> | ||
This is a quick report of the systems settings. The important thing to check is that BasicAuthentication is set to True. | This is a quick report of the systems settings. The important thing to check is that BasicAuthentication is set to True. | ||
Revision as of 21:25, 28 October 2014
We do Exchange discovery look-ups in four ways:
- LDAP
- SCP
- EWS
- autodiscover
Troubleshooting all that can be challenging.
Contents |
LDAP Browser
http://www.ldapbrowser.com/download.htm
This is just a browser so is safe to use, it can't change anything. The thing is to log in using the credentials you gave Retain, if you can do that it will work for an archive job. But in real life it will be more difficult than that. Log in as the Administrator user to find the actual credentials and path of the ApplicationImpersonation account. Then go back and figure out how to log in to AD with them and see all of the tree. Then make sure Retain is set with those properties and use the EWSEditor Log Viewer Tool to find how it works or fails.
EWSEditor
http://ewseditor.codeplex.com/ A more dangerous tool since it can change entries. Log in as the Impersonation user to the Impersonation Mailbox Use the Autodiscover Viewer Tool to attempt to access other mailboxes on the system and
MS Remote Connectivity Tester
https://testconnectivity.microsoft.com/ An online tool that can be helpful to narrow down issues.
Exchange Management Shell
In the Exchange Management Shell, not the regular powershell, on the Exchange server run the following command:
Get-WebServicesVirtualDirectory | fl >C:\ews.txt
The results should look something like this:
RunspaceId : 33ac48e8-9ff0-461f-b604-6ea6ef8a3bf4
CertificateAuthentication :
InternalNLBBypassUrl :
GzipLevel : Low
MRSProxyEnabled : False
Name : EWS (Default Web Site)
InternalAuthenticationMethods : {Basic, Ntlm, WindowsIntegrated, WSSecurity, OAuth}
ExternalAuthenticationMethods : {Basic, Ntlm, WindowsIntegrated, WSSecurity, OAuth}
LiveIdNegotiateAuthentication :
WSSecurityAuthentication : True
LiveIdBasicAuthentication : False
BasicAuthentication : True
DigestAuthentication : False
WindowsAuthentication : True
OAuthAuthentication : True
AdfsAuthentication : False
MetabasePath : IIS://EXMS.support.LOCAL/W3SVC/1/ROOT/EWS
Path : C:\Program Files\Microsoft\Exchange Server\V15\FrontEnd\HttpProxy\EWS
ExtendedProtectionTokenChecking : None
ExtendedProtectionFlags : {}
ExtendedProtectionSPNList : {}
AdminDisplayVersion : Version 15.0 (Build 775.38)
Server : EXMS
InternalUrl : https://mail.support.com/EWS/Exchange.asmx
ExternalUrl : https://mail.support.com/ews/exchange.asmx
AdminDisplayName :
ExchangeVersion : 0.10 (14.0.100.0)
DistinguishedName : CN=EWS (Default Web Site),CN=HTTP,CN=Protocols,CN=EXMS,CN=Servers,CN=Exchange Administrative Group
(FYDIBOHF23SPDLT),CN=Administrative Groups,CN=Exchange,CN=Microsoft
Exchange,CN=Services,CN=Configuration,DC=support,DC=LOCAL
Identity : EXMS\EWS (Default Web Site)
Guid : 62be879a-5a5c-495a-8cca-481bfd1c40c2
ObjectCategory : support.LOCAL/Configuration/Schema/ms-Exch-Web-Services-Virtual-Directory
ObjectClass : {top, msExchVirtualDirectory, msExchWebServicesVirtualDirectory}
WhenChanged : 3/20/2014 1:49:19 PM
WhenCreated : 2/21/2014 11:22:32 AM
WhenChangedUTC : 3/20/2014 8:49:19 PM
WhenCreatedUTC : 2/21/2014 7:22:32 PM
OrganizationId :
OriginatingServer : LA-DC1.support.LOCAL
IsValid : True
ObjectState : Changed
RunspaceId : 33ac48e8-9ff0-461f-b604-6ea6ef8a3bf4
CertificateAuthentication :
InternalNLBBypassUrl :
GzipLevel : Low
MRSProxyEnabled : False
Name : EWS (Default Web Site)
InternalAuthenticationMethods : {Ntlm, WindowsIntegrated, WSSecurity, OAuth}
ExternalAuthenticationMethods : {Ntlm, WindowsIntegrated, WSSecurity, OAuth}
LiveIdNegotiateAuthentication :
WSSecurityAuthentication : True
LiveIdBasicAuthentication : False
BasicAuthentication : False
DigestAuthentication : False
WindowsAuthentication : True
OAuthAuthentication : True
AdfsAuthentication : False
MetabasePath : IIS://EXMS2.support.LOCAL/W3SVC/1/ROOT/EWS
Path : C:\Program Files\Microsoft\Exchange Server\V15\FrontEnd\HttpProxy\EWS
ExtendedProtectionTokenChecking : None
ExtendedProtectionFlags : {}
ExtendedProtectionSPNList : {}
AdminDisplayVersion : Version 15.0 (Build 775.38)
Server : EXMS2
InternalUrl : https://mail.support.com/EWS/Exchange.asmx
ExternalUrl : https://mail.support.com/EWS/Exchange.asmx
AdminDisplayName :
ExchangeVersion : 0.10 (14.0.100.0)
DistinguishedName : CN=EWS (Default Web Site),CN=HTTP,CN=Protocols,CN=EXMS2,CN=Servers,CN=Exchange Administrative Group
(FYDIBOHF23SPDLT),CN=Administrative Groups,CN=Exchange,CN=Microsoft
Exchange,CN=Services,CN=Configuration,DC=support,DC=LOCAL
Identity : EXMS2\EWS (Default Web Site)
Guid : 35cf96b1-29b4-442e-81c2-93298a8526af
ObjectCategory : support.LOCAL/Configuration/Schema/ms-Exch-Web-Services-Virtual-Directory
ObjectClass : {top, msExchVirtualDirectory, msExchWebServicesVirtualDirectory}
WhenChanged : 3/20/2014 1:49:37 PM
WhenCreated : 3/13/2014 10:30:45 AM
WhenChangedUTC : 3/20/2014 8:49:37 PM
WhenCreatedUTC : 3/13/2014 5:30:45 PM
OrganizationId :
OriginatingServer : LA-DC1.support.LOCAL
IsValid : True
ObjectState : Changed
This is a quick report of the systems settings. The important thing to check is that BasicAuthentication is set to True.
