Solved

Strange Permission issues with cfexchangeconnection

Posted on 2009-04-08
12
1,116 Views
Last Modified: 2013-12-24
I've been trying to connect to MS Exchange 2003 server version 6.5.7638.1 using cfexchangeconnection on ColdFusion Enterprise version 8,0,1,195765 on a Windows 2003 server. I've tried 5 different logins within the company. Three logins have worked fine, and 2 logins won't work at all. On the logins that don't work, I get one of the following messages:


Cannot access Exchange server as a web application at [exchange server name].
Ensure that the Exchange web application is configured in IIS and Web Service Extension for the Exchange server is allowed


Could not log in to the Exchange server.
Verify server name, username, and password.


The code I've used (which worked fine for 3 out of 5 logins) is:


<cfexchangeconnection action="open" connection="myExchangeConnection" server="[servername]" username="[username]" password="[password]"/>

 
The network admin has matched the permissions from the working logins to the non-working ones, and it doesn't help. Though occasionally the message will change from the "cannot access" to "could not log in."

Has anyone else had this problem? Is there anyone with expertise about what happens under the hood with permissions when cfexchangeconnection tries to connect to exchange?

Thanks!
0
Comment
Question by:LilyGE
12 Comments
 
LVL 1

Expert Comment

by:vonRogue
ID: 24099996
The only thing I can think of would be that "Outlook Web Access" hasn't been allowed for the two users you're having trouble with.
0
 

Author Comment

by:LilyGE
ID: 24100300
Thanks for the suggestion, but no - all the logins have Outlook Web Access. We also went through Active Directory and mirrored permissions from a working account to a non-working account. That didn't help either. The network admin then thought that perhaps it had something to do with Sharepoint, (since that was the only visible difference between the working and non-working accounts) so we made the Sharepoint settings match. Didn't help. I'm just hoping that someone out there has had the exact same thing happen and figured out what obscure setting is causing the problem!
0
 
LVL 63

Expert Comment

by:Zvonko
ID: 24100395
0
 

Author Comment

by:LilyGE
ID: 24101043
Very nice long thread, but ultimately not helpful:

The first part of the thread dealt with a bug in Exchange 2007, but we are using Exchange 2003.

A bit farther down, other folks were getting the same error as me, and the solution was to apply a hotfix. I've already applied the cumulative hotfix for CF 8 to fix some CFImage tag problems. So I don't see how that could be it either.
0
 

Author Comment

by:LilyGE
ID: 24111401
Another strange permutation is that for the logins which generate this error:

Cannot access Exchange server as a web application at [exchange server name].Ensure that the Exchange web application is configured in IIS and Web Service Extension for the Exchange server is allowed

If I change their password to an incorrect value, the resulting error message changes to:

Access to the Exchange server denied.Ensure that the user name and password are correct.

So it appears that the login is making it through security, and then throwing the following exception:

coldfusion.tagext.net.exchange.ExchangeExceptions.throwExchangeWebAppNotFoundException(ExchangeExceptions.java:1435)


0
 

Expert Comment

by:hanno62
ID: 24233169
Hi, just curious if you have found a solution for this. I am experiencing the exact same issue right now ?
0
Too many email signature updates to deal with?

Do you feel like you are taking up all of your time constantly visiting users’ desks to make changes to email signatures? Wish you could manage all signatures from one central location, easily design them and deploy them quickly to users? Well, there is an easy way!

 

Author Comment

by:LilyGE
ID: 24251871
I've got an open ticket with Adobe on this. (I actually haven't heard back from them in a week. I need to rattle that tree again.) They said they were flummoxed. If I hear anything, I'll definitely post the solution here.

May I ask if you have any of the following parameters?

Did you upgrade from Exchange 5.5 to 2003 directly?
Are your non-working accounts potentially from the Exchange 5.5 era?


0
 

Accepted Solution

by:
hanno62 earned 500 total points
ID: 24252066
Lily we were on exchange 2007 and Windows 2008.

The solution we found was that we had to add the MailBox attributes, as the domain of the logon was different from the mail box created for me.

I think this will do the job. For the rest the exchange tags are working well for me in CF I must admit.



0
 

Author Comment

by:LilyGE
ID: 24271025
Adobe Support were stumped on our particular problem. We have been unable to get the pivotal emails to be accessible to cfexchangeconnection - some sort of permissions problem. It could be a result of the emails being created in Exchange 5.5 and upgraded to 2003... or not. Who knows.

The solution we are implementing is to create new email objects, and transfer the non-working ones to the new email objects. Fortunately, it is only a few email addresses that we need to be able to access via ColdFusion, so this is not an onerous solution.

A partial solution to some of our non-working emails was to add the mailbox attribute, so I will award the points to hanno62.
0
 

Author Closing Comment

by:LilyGE
ID: 31576479
This solution (adding the mailbox attribute) worked for some of our non-working email accounts. Other accounts nothing worked for, so we are creating new email objects and transferring the old and inaccessible emails to the new objects.
0
 

Author Comment

by:LilyGE
ID: 24306847
Comment on the solution we tried:

So we created new accounts for the email addresses we wanted to be able to access with cfexchangeconnection. The first new email we created worked perfectly, whether calling that object directly, or via the mailbox attribute using the administrator login. The second and third email addresses were created in the same way with the same parameters and settings... and didn't work. Access denied. So we *copied* the one working email address - the first one we created. That finally did the trick - partially. One of the final two email addresses was accessible directly, and using the mailbox attribute, and the other was only accessible using the mailbox attribute. We decided that was good enough.

We still have no idea why some of the accounts we have in exchange are accessible via cfexchangeconnection, and some are not. The account that worked and that we copied to create new accounts should be identical, but we had problems with those as well.
0
 

Author Comment

by:LilyGE
ID: 24592528
Author Note: I've had to abandon the cfexchange tag completely due to more bugs with UID formats and being able to actually delete emails from the server when the emails have particular UID formats. I have been able to successful switch to the <cfpop> tag. It, too, has some problems. It uses "from" and "date" in the query output; since they are reserved words, it is impossible to run a query of queries off the resulting email recordset. That can be resolved by creating a new query in the page, and then copying the email content into the new query with different column names. It also pulls in the dates in a native format, and they have to be reformatted using the  <parsedatetime(myEmails.date,"pop")> function. It also sends the email body to 3 different possible fields, any combination of which can be blank, so you have to test all 3 fields to find the email message body. But it does work after all that is done.
Just FYI for anyone having cfexchange tag problems - hopefully by posting this others won't have to waste days of development time as I have done.
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

Outlook Free & Paid Tools
Local Continuous Replication is a cost effective and quick way of backing up Exchange server data. The following article describes the steps required to configure Local Continuous Replication. Also, the article tells you how to restore from a backup…
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…

759 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now