We are having a few issues after migrating Exchange from 2010 to 2013.

1. Main issue is that we cannot add secondary mailboxes to an account or additional profiles.
2. Running through testing we see that the ExRCA.com
      An error message was returned from the Autodiscover service
      XML response:
      <?xml version="1.0"?>
      <Autodiscover xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006">
      <Error Time="17:24:48.2529679" Id="2716901415">
      <Message>The email address can't be found.</Message>
svc records and autodiscover dns records are all there and check out along with the wildcard cert

3. When trying to download OAB if gives an error.
      The error is 0x80200049 the operation failed

We have rebuilt the oab and autodiscover virtual directory following proper directions
we have recreated the oab and assigned it and it appears to be there we can access the web url for it same with the autodiscover url.

Any help would be appreciated. James
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

auctionpayAuthor Commented:
additional info:

when sending from a secondary profile that was already existed the message immediately errors out with the response.

This message could not be sent. Try sending the message again later, or contact your network administrator.  Error is [0x80070005-00000000-00000000].
Simon Butler (Sembee)ConsultantCommented:
Internally Autodiscover and SRV records are not used if the clients are members of the domain.
The clients query the domain for Autodiscover information. If that isn't set correctly then the client will fail to connect.

My instinct is that you haven't set the URLs correctly.


Furthermore, as you are using a wildcard certificate, you should probably look at setting these two values as well:

Get-OutlookProvider "EXCH" | Set-OutlookProvider -CertPrincipalName "msstd:*.example.com"
Get-OutlookProvider "EXPR" | Set-OutlookProvider -CertPrincipalName "msstd:*.example.com"

auctionpayAuthor Commented:
that was done previously
Get-OutlookProvider give this
Name                          Server                        CertPrincipalName             TTL
----                          ------                        -----------------             ---
EXCH                                                        msstd:*.ourdomain.com     1
EXPR                                                        msstd:*.ourdomain.com     1
WEB                                                         msstd:*.ourdomain.com     1

I have gone through all the steps mentioned in the site. We have one 2010 CAS server that has not been removed yet so I had run the scrips for the individual cas server.
I am still having issues.
The outlook auto test always worked and still does
Determine the Perfect Price for Your IT Services

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden with our free interactive tool and use it to determine the right price for your IT services. Download your free eBook now!

auctionpayAuthor Commented:
Okay uninstalled last 2010 cas server just to eliminate it still no luck.
auctionpayAuthor Commented:
issue number 2 is resolved

Main issue is still unresolved
Simon Butler (Sembee)ConsultantCommented:
If you are getting the same errors as you originally posted, then Autodiscover isn't working.
Autodiscover is mandatory with Exchange 2013 deployments.

When you run an Autodiscover test in Outlook, does it return the correct URLs?
Do you have more than the Exchange web sites on the CAS role holder? Bindings correct?

auctionpayAuthor Commented:
Yes when I run auto discover it runs correctly for all test that I know.
I found a way to get outlook to add the mailbox to a second profile if I let it do the autodiscover/autoconfig for the logged in user then change the name on the account and resolve the name again. You can't send as that person until I go and perform Get-Mailbox "other mailbox" | Add-ADPermission -User "user" -ExtendedRights "Send As" even though the account has send as according to ECA and they could before the migration.
auctionpayAuthor Commented:
Where I stand now. It looks like the main cause of my issues is 2 fold. Exchange 2013 changes how "Send as" works. Now instead of "Send as" it is "Send on behalf of" you have to go back in and add the "Send as" to get rid of issue 3. Issue 1 looks to be related to issue 3 in the fact that when adding a secondary mail box it looks at the OAB on your machine and cannot. If it does its autodiscover and the name is changed it has already resolved the CAS and received its GUID and can just check permissions then on full control. If you do not have "Send as" permissions at this point you will not be able to send from this profile.
Simon Butler (Sembee)ConsultantCommented:
"Exchange 2013 changes how "Send as" works. Now instead of "Send as" it is "Send on behalf of" you have to go back in and add the "Send as" to get rid of issue 3"

Nothing has changed.
Send As and Send on Behalf of have always been different. The permissions are different and are handled differently. It hasn't changed since SP2 for Exchange 2003, when Full Mailbox Access and the Send As permission were seperated.

If a user has Full Mailbox Access, then Autodiscover should add the account automatically in Outlook without any additional work being required - although only if permission is granted to a user, not to a group.

auctionpayAuthor Commented:
In Exchange the permission setting have changed
manage send asIt is not send on behalf of,
Yes that capability has been around to set send on behalf of. However that is not the way it was before migration. Just something that had to be tracked down and changed.
Autodiscover and OAB for secondary profiles are needed. If you do not have a current copy of the OAB on your system you will be prompted to connect with your primary account before you can add a secondary. That way the OAB can be downloaded and it can identify what permissions you have for what mailbox. You can connect to the server all day long and not add a different profile until you have a good copy of OAB on your system or you spoof your credentials. The way I did before I got OAB and the GC working together.
I was able to identify the root cause of out OAB issue and it had to do with Domain Controller issues and thus OAB was not generating correctly or linking to peoples profiles.
My issues are now resolved.
auctionpayAuthor Commented:
My problems have all been resolved. OAB was working for most people as of yesterday the last thing was that it was showing up/downloadable by half of the users. Found that default BITS limit in GPO was blocking it. Everytime that I or someone else was trying to download would fail because Maximum number BITS jobs for each user was reached increasing this aloud amount and doing a gpupdate allowed the OAB to download and everything is looking good.


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
auctionpayAuthor Commented:
There was no real comment provided by anyone else. I was just updating my post as I was working through the issue I could go through and write out all the steps for each issue but I think I have provided enough that people can work through the issues I was having.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.