Solved

We are having a few issues after migrating Exchange from 2010 to 2013.

Posted on 2014-10-15
12
404 Views
Last Modified: 2014-10-22
1. Main issue is that we cannot add secondary mailboxes to an account or additional profiles.
2. Running through testing we see that the ExRCA.com
      An error message was returned from the Autodiscover service
      XML response:
      <?xml version="1.0"?>
      <Autodiscover xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006">
      <Response>
      <Error Time="17:24:48.2529679" Id="2716901415">
      <ErrorCode>500</ErrorCode>
      <Message>The email address can't be found.</Message>
svc records and autodiscover dns records are all there and check out along with the wildcard cert

3. When trying to download OAB if gives an error.
      The error is 0x80200049 the operation failed

We have rebuilt the oab and autodiscover virtual directory following proper directions
we have recreated the oab and assigned it and it appears to be there we can access the web url for it same with the autodiscover url.

Any help would be appreciated. James
0
Comment
Question by:auctionpay
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 9
  • 3
12 Comments
 
LVL 1

Author Comment

by:auctionpay
ID: 40382643
additional info:

when sending from a secondary profile that was already existed the message immediately errors out with the response.

This message could not be sent. Try sending the message again later, or contact your network administrator.  Error is [0x80070005-00000000-00000000].
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 40383116
Internally Autodiscover and SRV records are not used if the clients are members of the domain.
The clients query the domain for Autodiscover information. If that isn't set correctly then the client will fail to connect.

My instinct is that you haven't set the URLs correctly.

http://semb.ee/hostnames2013

Furthermore, as you are using a wildcard certificate, you should probably look at setting these two values as well:

Get-OutlookProvider "EXCH" | Set-OutlookProvider -CertPrincipalName "msstd:*.example.com"
Get-OutlookProvider "EXPR" | Set-OutlookProvider -CertPrincipalName "msstd:*.example.com"

Simon.
0
 
LVL 1

Author Comment

by:auctionpay
ID: 40383319
that was done previously
Get-OutlookProvider give this
Name                          Server                        CertPrincipalName             TTL
----                          ------                        -----------------             ---
EXCH                                                        msstd:*.ourdomain.com     1
EXPR                                                        msstd:*.ourdomain.com     1
WEB                                                         msstd:*.ourdomain.com     1

I have gone through all the steps mentioned in the site. We have one 2010 CAS server that has not been removed yet so I had run the scrips for the individual cas server.
I am still having issues.
The outlook auto test always worked and still does
0
Free eBook: Backup on AWS

Everything you need to know about backup and disaster recovery with AWS, for FREE!

 
LVL 1

Author Comment

by:auctionpay
ID: 40383371
Okay uninstalled last 2010 cas server just to eliminate it still no luck.
0
 
LVL 1

Author Comment

by:auctionpay
ID: 40383541
issue number 2 is resolved

Main issue is still unresolved
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 40383869
If you are getting the same errors as you originally posted, then Autodiscover isn't working.
Autodiscover is mandatory with Exchange 2013 deployments.

When you run an Autodiscover test in Outlook, does it return the correct URLs?
Do you have more than the Exchange web sites on the CAS role holder? Bindings correct?

Simon.
0
 
LVL 1

Author Comment

by:auctionpay
ID: 40384460
Yes when I run auto discover it runs correctly for all test that I know.
I found a way to get outlook to add the mailbox to a second profile if I let it do the autodiscover/autoconfig for the logged in user then change the name on the account and resolve the name again. You can't send as that person until I go and perform Get-Mailbox "other mailbox" | Add-ADPermission -User "user" -ExtendedRights "Send As" even though the account has send as according to ECA and they could before the migration.
0
 
LVL 1

Assisted Solution

by:auctionpay
auctionpay earned 0 total points
ID: 40384794
Where I stand now. It looks like the main cause of my issues is 2 fold. Exchange 2013 changes how "Send as" works. Now instead of "Send as" it is "Send on behalf of" you have to go back in and add the "Send as" to get rid of issue 3. Issue 1 looks to be related to issue 3 in the fact that when adding a secondary mail box it looks at the OAB on your machine and cannot. If it does its autodiscover and the name is changed it has already resolved the CAS and received its GUID and can just check permissions then on full control. If you do not have "Send as" permissions at this point you will not be able to send from this profile.
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 40385554
"Exchange 2013 changes how "Send as" works. Now instead of "Send as" it is "Send on behalf of" you have to go back in and add the "Send as" to get rid of issue 3"

Nothing has changed.
Send As and Send on Behalf of have always been different. The permissions are different and are handled differently. It hasn't changed since SP2 for Exchange 2003, when Full Mailbox Access and the Send As permission were seperated.

If a user has Full Mailbox Access, then Autodiscover should add the account automatically in Outlook without any additional work being required - although only if permission is granted to a user, not to a group.

Simon.
0
 
LVL 1

Assisted Solution

by:auctionpay
auctionpay earned 0 total points
ID: 40387570
Simon,
In Exchange the permission setting have changed
manage send asIt is not send on behalf of,
Yes that capability has been around to set send on behalf of. However that is not the way it was before migration. Just something that had to be tracked down and changed.
Autodiscover and OAB for secondary profiles are needed. If you do not have a current copy of the OAB on your system you will be prompted to connect with your primary account before you can add a secondary. That way the OAB can be downloaded and it can identify what permissions you have for what mailbox. You can connect to the server all day long and not add a different profile until you have a good copy of OAB on your system or you spoof your credentials. The way I did before I got OAB and the GC working together.
I was able to identify the root cause of out OAB issue and it had to do with Domain Controller issues and thus OAB was not generating correctly or linking to peoples profiles.
My issues are now resolved.
James
0
 
LVL 1

Accepted Solution

by:
auctionpay earned 0 total points
ID: 40387971
My problems have all been resolved. OAB was working for most people as of yesterday the last thing was that it was showing up/downloadable by half of the users. Found that default BITS limit in GPO was blocking it. Everytime that I or someone else was trying to download would fail because Maximum number BITS jobs for each user was reached increasing this aloud amount and doing a gpupdate allowed the OAB to download and everything is looking good.

James
0
 
LVL 1

Author Closing Comment

by:auctionpay
ID: 40396484
There was no real comment provided by anyone else. I was just updating my post as I was working through the issue I could go through and write out all the steps for each issue but I think I have provided enough that people can work through the issues I was having.
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Changing a few Outlook Options can help keep you organized!
Unified and professional email signatures help maintain a consistent company brand image to the outside world. This article shows how to create an email signature in Exchange Server 2010 using a transport rule and how to overcome native limitations …
This Experts Exchange video Micro Tutorial shows how to tell Microsoft Office that a word is NOT spelled correctly. Microsoft Office has a built-in, main dictionary that is shared by Office apps, including Excel, Outlook, PowerPoint, and Word. When …
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question