We have a hosted exchange 2010 solution with and we are in the process of upgrading to 2013. We have cloned and created a live LAB environment to test the deployment and this is where we are now...
We have the following:
2 x AD controllers. 1x 2008 and 1x 2012
1x exch2010 server with Citrix provisioning installed (MBX & CAS roles)
1x exch2010 mailbox server
2x Exch2013 CAS servers
2x Exch2013 MBX server
1xProvisioning (Citrix Server)
We made sure that everything works before installing 2013 into the environment so i can confirm that the 2010 provisioning worked perfectly before installing the Exchange 2013 into the environment.
I then started with preparing the domain, schema and domain controllers and then continued to install the first exchange2013 server.
After going through some errors, and working through some documented KB articles, the exchange server are all successfully installed.
I then created a new user called hexadmin. I can log in to OWA and ECP on 2013 successfully and i can log into administrator on 2010 successfully using the OWA redirect from 2013>2010.
Mail flow also works between two accounts.
We then introduced exchange 2013 to our Citrix panel by updating the panel to the latest version, added the servers to the panel, added the services to the servers and also installed the Citrix software needed on one of the CAS servers.
The Panel is happy with everything and we are able to successfully provision a new Customer, new Exchange service and also new user mailboxes.
I checked for the following:
- the new client is listed under AD
- the new user is listed under the correct OU and the structure is the same as a working user
- the Exchange 2013 ECP panel detects the users and confirms that the user has a mailbox.
- the mailbox is located on one of the Exchange 2013 Mailbox servers.
So, everything looks good so far... but when I try to log into OWA on EXCH2013 i get the following message:
"The user name or password you entered isn't correct. Try entering it again."
I can confirm that I have double checked and triple checked the username and password. I have done multiple resets on the account using the Citrix Panel with which provisions successfully.
I have tried with multiple customers and multiple users with in these customers.
When I look in Event viewer I can see the attempted login with error:
An account failed to log on.
Security ID: SYSTEM
Account Name: HEX2013-EXCAS09$
Account Domain: Domain
Logon ID: 0x3E7
Logon Type: 8
Account For Which Logon Failed:
Security ID: NULL SID
Account Name: peter@Domain.local
Account Domain: HEX2013-EXCAS09
Failure Reason: Unknown user name or bad password.
Sub Status: 0xC0000064
Caller Process ID: 0xb58
Caller Process Name: C:\Windows\System32\inetsrv\w3wp.exe
Workstation Name: HEX2013-EXCAS09
Source Network Address: 192.168.200.37
Source Port: 20765
Detailed Authentication Information:
Logon Process: Advapi
Authentication Package: Negotiate
Transited Services: -
Package Name (NTLM only): -
Key Length: 0
This event is generated when a logon request fails. It is generated on the computer where access was attempted.
The Subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.
The Logon Type field indicates the kind of logon that was requested. The most common types are 2 (interactive) and 3 (network).
The Process Information fields indicate which account and process on the system requested the logon.
The Network Information fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.
The authentication information fields provide detailed information about this specific logon request.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
If i give the mailbox Full permissions to the HEXADMIN, then I am able to open the mailbox, but no matter what i try, I can't log onto any mailbox when provisioned with Citrix.
I am hoping that someone has gone through this already can maybe assist with this?
I have scoured the citrix forum with nothing coming back with any decent info.
Please let me know if you want to know anything else.