?
Solved

We are having a few issues after migrating Exchange from 2010 to 2013.

Posted on 2014-10-15
12
Medium Priority
?
424 Views
Last Modified: 2014-10-22
1. Main issue is that we cannot add secondary mailboxes to an account or additional profiles.
2. Running through testing we see that the ExRCA.com
      An error message was returned from the Autodiscover service
      XML response:
      <?xml version="1.0"?>
      <Autodiscover xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006">
      <Response>
      <Error Time="17:24:48.2529679" Id="2716901415">
      <ErrorCode>500</ErrorCode>
      <Message>The email address can't be found.</Message>
svc records and autodiscover dns records are all there and check out along with the wildcard cert

3. When trying to download OAB if gives an error.
      The error is 0x80200049 the operation failed

We have rebuilt the oab and autodiscover virtual directory following proper directions
we have recreated the oab and assigned it and it appears to be there we can access the web url for it same with the autodiscover url.

Any help would be appreciated. James
0
Comment
Question by:auctionpay
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 9
  • 3
12 Comments
 
LVL 1

Author Comment

by:auctionpay
ID: 40382643
additional info:

when sending from a secondary profile that was already existed the message immediately errors out with the response.

This message could not be sent. Try sending the message again later, or contact your network administrator.  Error is [0x80070005-00000000-00000000].
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 40383116
Internally Autodiscover and SRV records are not used if the clients are members of the domain.
The clients query the domain for Autodiscover information. If that isn't set correctly then the client will fail to connect.

My instinct is that you haven't set the URLs correctly.

http://semb.ee/hostnames2013

Furthermore, as you are using a wildcard certificate, you should probably look at setting these two values as well:

Get-OutlookProvider "EXCH" | Set-OutlookProvider -CertPrincipalName "msstd:*.example.com"
Get-OutlookProvider "EXPR" | Set-OutlookProvider -CertPrincipalName "msstd:*.example.com"

Simon.
0
 
LVL 1

Author Comment

by:auctionpay
ID: 40383319
that was done previously
Get-OutlookProvider give this
Name                          Server                        CertPrincipalName             TTL
----                          ------                        -----------------             ---
EXCH                                                        msstd:*.ourdomain.com     1
EXPR                                                        msstd:*.ourdomain.com     1
WEB                                                         msstd:*.ourdomain.com     1

I have gone through all the steps mentioned in the site. We have one 2010 CAS server that has not been removed yet so I had run the scrips for the individual cas server.
I am still having issues.
The outlook auto test always worked and still does
0
Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

 
LVL 1

Author Comment

by:auctionpay
ID: 40383371
Okay uninstalled last 2010 cas server just to eliminate it still no luck.
0
 
LVL 1

Author Comment

by:auctionpay
ID: 40383541
issue number 2 is resolved

Main issue is still unresolved
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 40383869
If you are getting the same errors as you originally posted, then Autodiscover isn't working.
Autodiscover is mandatory with Exchange 2013 deployments.

When you run an Autodiscover test in Outlook, does it return the correct URLs?
Do you have more than the Exchange web sites on the CAS role holder? Bindings correct?

Simon.
0
 
LVL 1

Author Comment

by:auctionpay
ID: 40384460
Yes when I run auto discover it runs correctly for all test that I know.
I found a way to get outlook to add the mailbox to a second profile if I let it do the autodiscover/autoconfig for the logged in user then change the name on the account and resolve the name again. You can't send as that person until I go and perform Get-Mailbox "other mailbox" | Add-ADPermission -User "user" -ExtendedRights "Send As" even though the account has send as according to ECA and they could before the migration.
0
 
LVL 1

Assisted Solution

by:auctionpay
auctionpay earned 0 total points
ID: 40384794
Where I stand now. It looks like the main cause of my issues is 2 fold. Exchange 2013 changes how "Send as" works. Now instead of "Send as" it is "Send on behalf of" you have to go back in and add the "Send as" to get rid of issue 3. Issue 1 looks to be related to issue 3 in the fact that when adding a secondary mail box it looks at the OAB on your machine and cannot. If it does its autodiscover and the name is changed it has already resolved the CAS and received its GUID and can just check permissions then on full control. If you do not have "Send as" permissions at this point you will not be able to send from this profile.
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 40385554
"Exchange 2013 changes how "Send as" works. Now instead of "Send as" it is "Send on behalf of" you have to go back in and add the "Send as" to get rid of issue 3"

Nothing has changed.
Send As and Send on Behalf of have always been different. The permissions are different and are handled differently. It hasn't changed since SP2 for Exchange 2003, when Full Mailbox Access and the Send As permission were seperated.

If a user has Full Mailbox Access, then Autodiscover should add the account automatically in Outlook without any additional work being required - although only if permission is granted to a user, not to a group.

Simon.
0
 
LVL 1

Assisted Solution

by:auctionpay
auctionpay earned 0 total points
ID: 40387570
Simon,
In Exchange the permission setting have changed
manage send asIt is not send on behalf of,
Yes that capability has been around to set send on behalf of. However that is not the way it was before migration. Just something that had to be tracked down and changed.
Autodiscover and OAB for secondary profiles are needed. If you do not have a current copy of the OAB on your system you will be prompted to connect with your primary account before you can add a secondary. That way the OAB can be downloaded and it can identify what permissions you have for what mailbox. You can connect to the server all day long and not add a different profile until you have a good copy of OAB on your system or you spoof your credentials. The way I did before I got OAB and the GC working together.
I was able to identify the root cause of out OAB issue and it had to do with Domain Controller issues and thus OAB was not generating correctly or linking to peoples profiles.
My issues are now resolved.
James
0
 
LVL 1

Accepted Solution

by:
auctionpay earned 0 total points
ID: 40387971
My problems have all been resolved. OAB was working for most people as of yesterday the last thing was that it was showing up/downloadable by half of the users. Found that default BITS limit in GPO was blocking it. Everytime that I or someone else was trying to download would fail because Maximum number BITS jobs for each user was reached increasing this aloud amount and doing a gpupdate allowed the OAB to download and everything is looking good.

James
0
 
LVL 1

Author Closing Comment

by:auctionpay
ID: 40396484
There was no real comment provided by anyone else. I was just updating my post as I was working through the issue I could go through and write out all the steps for each issue but I think I have provided enough that people can work through the issues I was having.
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A list of top three free exchange EDB viewers that helps the user to extract a mailbox from an unmounted .edb file and get a clear preview of all emails & other items with just a single click on mailboxes.
Unified and professional email signatures help maintain a consistent company brand image to the outside world. This article shows how to create an email signature in Exchange Server 2010 using a transport rule and how to overcome native limitations …
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
Suggested Courses
Course of the Month15 days, 17 hours left to enroll

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question