Sunday, March 12, 2017

Error 0x800f0922 attempting to reprovision DHCP Server

We needed to re-provision a DHCP server running Windows Server 2012 R2 which was recently demoted and the role removed.  When attempting to re-add the role the following error was experienced:

The request to add or remove features on the specified server failed.  Installation of one or more roles, role services, or features failed.  Error: 0x800f0922


After much misleading information on the Internet, to resolve this error we simply needed to remove the "dhcp" folder from C:\Windows\System32\

For fast effective IT Support in Perth, contact Avantgarde Technologies.

Wednesday, February 22, 2017

Pop and Crackling in Ableton 9.7.1 with Serum

 I was having many issues with crackling on Ableton 9.7.1 running the Serum VST even though my CPU usage was only 20-30%.  After extensive research I disabled the Intel SpeedStep and TurboMode technology which automatically increases the clock speed of the processor under heavy load.  Ableton was not able to detect the clock speed change of the processor and as the processor clock speed changed based on load, it interfered with my audio playback.

To fix this you need to enter your computers BIOS outside of Windows.

Here is a snapshot of my workstation where I disabled SpeedStep and TurboMode Tech.

 

Thursday, February 16, 2017

Kerberos Error Connecting to Exchange 2010

Using an old user account at a customer site, I had the following error when attempting to connect to Exchange Management Console (EMC).

The following error occurred while attempting to connect to the specified Exchange server 'server.domain.local:

The attempt to connect to http://server.domain.local/powershell using 'Kerberos' authentication failed: Connecting to the remote server failed with the following error message : WinRM cannot process the request. The following error occurred while using Kerberos  authentication: The network path was not found.


To resolve this issue, delete the NodeStructureSettings registry key from

HKEY_CURRENT_USER\Software\Microsoft\ExchangeServer\v14\AdminTools


For specialised IT Support in Perth, contact us.

Wednesday, February 8, 2017

Disabling Modern App Bloatware on Windows 10 Image

Windows 10 comes with much unwanted bloatware in the form of "ModernApps".  These apps include:
  • Netflix
  • Pandora
  • Skype Preview
  • Paid WiFi & Mobile
  • Xbox
  • Get Office
  • Microsoft Solitaire Collection
  • Groove Music
  • Adobe Photoshop Express
  • 3D Builder
Many more unwanted apps... some regions even get Mimecraft!

What is very annoying is Microsoft believes these applications are required "by default" even in Windows 10 Enterprise Edition which is targeted at corporations.

If a user removes these applications, they automatically reinstall by default making it more frustrating.

So - you want to build your corporate image but and remove all Windows 10 Bloatware and modern applications which Microsoft deem necessary for all users?  Here what we needed to do on our Windows 10 Enterprise anniversary update 1607.

First of all don't join your Windows 10 image to the domain.  If you join the Windows 10 Enterprise 1607 image to an Active Directory domain (even if you isolate the computer so it does not receive policy), sysprep fails with the following.

Sysprep was not able to validate your Windows installation.

 
In the setupact.log on the server the following error is generated from domain joining.  I believe this is a bug and I will be raising it with MS.
 
2017-02-07 16:45:40, Error     SYSPRP Failed to remove apps for the current user: 0x80073cf2.
2017-02-07 16:45:40, Error     SYSPRP Exit code of RemoveAllApps thread was 0x3cf2.
2017-02-07 16:45:40, Error[0x0f0082] SYSPRP ActionPlatform::LaunchModule: Failure occurred while executing 'SysprepGeneralizeValidate' from C:\Windows\System32\AppxSysprep.dll; dwRet = 0x3cf2
2017-02-07 16:45:40, Error     SYSPRP SysprepSession::Validate: Error in validating actions from C:\Windows\System32\Sysprep\ActionFiles\Generalize.xml; dwRet = 0x3cf2
2017-02-07 16:45:40, Error     SYSPRP RunPlatformActions:Failed while validating SysprepSession actions; dwRet = 0x3cf2
2017-02-07 16:45:40, Error[0x0f0070] SYSPRP RunExternalDlls:An error occurred while running registry sysprep DLLs, halting sysprep execution. dwRet = 0x3cf2
2017-02-07 16:45:40, Error[0x0f00d8] SYSPRP WinMain:Hit failure while pre-validate sysprep generalize internal providers; hr = 0x80073cf2
2017-02-07 16:46:54, Info [0x0f0052] SYSPRP Shutting down SysPrep log
2017-02-07 16:46:54, Info [0x0f004d] SYSPRP The time is now 2017-02-07 16:46:54
Make all changes to the image in "WORKGROUP" mode to ensure it never touches the Active Directory domain so sysprep will run.
 
Stop Bloatware from Re-downloading from MS Cloud
 
Next we want to stop Windows 10 from automatically "redownloading" bloatware apps after we remove them.
 
Method 1
 
Add 32-bit DWORD value named DisableWindowsConsumerFeatures
 
to:
 
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CloudContent 
 
Note: You will want to create the CloudContent Key.
 
Method 2
 
Method 2 involves deploying the regkey via you AD Domain/local policy.  During image creation as your machine is workgroup, it wont be able to get this policy from the domain.
 
Computer Configuration –> Administrative Templates –> Windows Components –> Cloud Content
 
“Turn off Microsoft consumer experiences”
 
Note: I recommend deploying Method 1 on the image itself immediately after being built as the image will start downloading bloatware as your configuring your base SOE.
 
Remove the Default Bloatware
 
Next you will want to remove all default Windows 10 Bloatware "Modern Apps".  To remove this from your image from an elevated PowerShell command prompt run:
 
Get-ProvisionedAppxPackage -Online | Remove-ProvisionedAppxPackage -Online
 
If you want to review the list of bloatware before running the above command, run this:
 
Get-AppXProvisionedPackage -Online | Select PackageName
After you remove the bloatware, make sure you run the following command from the user account you want to sysprep from, or sysprep will fail once again as per https://support.microsoft.com/kb/2769827
 
Get-AppxPackage | Remove-AppxPackage

Classic Shell
 
In this image I installed the classic shell App to give all users the standard Windows 7 start menu and remove the modern app interface all together.  This was downloaded from:
 
 
We only installed Classic Start Menu, not Classic Explorer, Classic IE or any of the other options from this download.
 
Default Profile
 
Items such as Edge cannot be removed from Windows 10 just like IE cannot be removed from Windows 7. We created a new Default Profile and removed the Edge icon from the task bar, configured the taskbar classic shell and setup default wallpaper etc.
 
Other Important Policies We Applied

Other important policies we deployed to the Active Directory Domain Group Policy for Windows 10 machines include:
 
Disabling the Windows Store:
 
Computer Configuration, Administrative Templates,  Windows Components, and then click Store.
In the Setting pane, click Turn off Store application
 
Disable OneDrive
 
Computer Configuration > Administrative Templates > Windows Components > OneDrive
 
Prevent the usage of OneDrive for file storage
 
Disable Cortana
 
Computer Configuration > Administrative Templates > Windows Components > Search
 
"Allow Cortana" --> Set to disabled.
 
Default Apps
 
Configure Windows 10 to use Windows Media Player and Internet Explorer as default apps (or alternative) and export the default App config with:
 
dism /online /export-defaultappassociations:\\localhost\c$\AppAssoc.xml
 
Deploy the xml file with Group Policy from a file share:
 
Administrative Templates\Windows Components\File Explorer\Set a default associations configuration file
 
Tip for Creating the Image
 
We wanted to create a driver independent image as we are deploying with SCCM and we need to layer the drivers based on the various client hardware.  As a result, we do not want any drivers incorporated in the image.
 
I built the image on VMWare using E1000 NIC (as its natively supported by Windows 10) and did not install VMware Tools during the build process to keep the image clean.
 
I also had numerous issues with sysprep failing due to numerous changes (many which I did not document here).  As a result, I recommend snapshotting your progress numerous times throughout the SOE build and attempting to run sysprep numerous times during your build process to ensure when you get to the end it will not fail!

Hope this information is helpful to anyone wanting to upgrade to Windows 10 as part of a corporate SOE.

Disable RC4 on Windows Servers

The 13 year old RC4 cipher exploit is enabled by default on Server 2012 R2.  If you have a IIS server using a digital certificate facing the Internet, it's recommended to disable RC4 cipher.

There are numerous security concerns documented on the Internet about this vulnerability including:

https://threatpost.com/attack-exploits-weakness-rc4-cipher-decrypt-user-sessions-031413/77628/

http://www.securityweek.com/new-attack-rc4-based-ssltls-leverages-13-year-old-vulnerability

To disable this vulnerability, add the following to the registry on your Server 2012 R2 operating system:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 128/128]
"Enabled"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 40/128]
"Enabled"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 56/128]
"Enabled"=dword:00000000

To disable this vulnerability, add the following to the registry on your Server 2012 R2 operating system:


This was put in place on a customers RDS  Gateway and Web Access server after conducting a penetration test and finding this vulnerability enabled by default.

Thursday, January 26, 2017

Displaying full values of Attributes in PowerShell

In Windows PowerShell often when you are running queries, PowerShell will only show a limited value for objects which contain large attributes.  The attribute output is cutoff with a "..." at the end of the attribute.


To configure PowerShell to display the full output of a cmdlet, enter the following into the shell window:

$FormatEnumerationLimit=-1

The shell will now push the full output onto the screen for long attributes.


Hope this post was helpful.

For IT Support in Perth, Contact Avantgarde Technologies. 

Thursday, January 19, 2017

MSExchange ActiveSync Event ID 1016

Customer with a single Exchange 2010 completely down.  The following error was spammed throughout the event log:

Log Name:      Application
Source:        MSExchange ActiveSync
Date:          18/01/2017 7:31:46 PM
Event ID:      1016
Task Category: Server
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      EXCHANGE2010
Description:
Exchange ActiveSync has encountered repeated failures when it tries to access data on Mailbox server [EXCHANGE2010.domain.local]. It will temporarily stop making requests to the Mailbox server for [60] seconds to reduce load on that server. This delay may occur if the Mailbox server is overloaded. If this event is logged frequently, review the Application log on this server and the Mailbox server noted above for other events that could indicate the root cause of performance problems.
Additional information:
"serverFQDN=EXCHANGE2010.domain.local
Error 0:

ErrorTimeStamp:
18/01/2017 7:31:45 PM
Exception:
--- Exception start ---
Exception type: Microsoft.Exchange.Data.Storage.ConnectionFailedTransientException
Exception message: Cannot open mailbox /o=EXCHANGE/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=User.
Exception level: 0
Exception stack trace:    at Microsoft.Exchange.Data.Storage.MailboxSession.ForceOpen(MapiStore linkedStore)
   at Microsoft.Exchange.Data.Storage.MailboxSession.Initialize(MapiStore linkedStore, LogonType logonType, ExchangePrincipal owner, DelegateLogonUser delegateUser, Object identity, OpenMailboxSessionFlags flags, GenericIdentity auxiliaryIdentity)
   at Microsoft.Exchange.Data.Storage.MailboxSession.<>c__DisplayClass12.b__10(MailboxSession mailboxSession)
   at Microsoft.Exchange.Data.Storage.MailboxSession.InternalCreateMailboxSession(LogonType logonType, ExchangePrincipal owner, CultureInfo cultureInfo, String clientInfoString, IAccountingObject budget, Action`1 initializeMailboxSession, InitializeMailboxSessionFailure initializeMailboxSessionFailure)
   at Microsoft.Exchange.Data.Storage.MailboxSession.CreateMailboxSession(LogonType logonType, ExchangePrincipal owner, DelegateLogonUser delegateUser, Object identity, OpenMailboxSessionFlags flags, CultureInfo cultureInfo, String clientInfoString, PropertyDefinition[] mailboxProperties, IList`1 foldersToInit, GenericIdentity auxiliaryIdentity, IAccountingObject budget)
   at Microsoft.Exchange.Data.Storage.MailboxSession.ConfigurableOpen(ExchangePrincipal mailbox, MailboxAccessInfo accessInfo, CultureInfo cultureInfo, String clientInfoString, LogonType logonType, PropertyDefinition[] mailboxProperties, InitializationFlags initFlags, IList`1 foldersToInit, IAccountingObject budget)
   at Microsoft.Exchange.Data.Storage.MailboxSession.Open(ExchangePrincipal mailboxOwner, WindowsPrincipal authenticatedUser, CultureInfo cultureInfo, String clientInfoString, Boolean wantCachedConnection)
   at Microsoft.Exchange.Data.Storage.MailboxSession.Open(ExchangePrincipal mailboxOwner, WindowsPrincipal authenticatedUser, CultureInfo cultureInfo, String clientInfoString)
   at Microsoft.Exchange.AirSync.Command.OpenMailboxSession(AirSyncUser user, Boolean shouldUseBudget)
   at Microsoft.Exchange.AirSync.Command.WorkerThread()
Inner exception follows...
Exception type: Microsoft.Mapi.MapiExceptionNetworkError
Exception message: MapiExceptionNetworkError: Unable to make connection to the server. (hr=0x80040115, ec=-2147221227)
Diagnostic context:
    ......
    Lid: 13720   dwParam: 0x6D9      Msg: EEInfo: Flags: 0
    Lid: 11672   dwParam: 0x6D9      Msg: EEInfo: NumberOfParameters: 4
    Lid: 8856    dwParam: 0x6D9      Msg: EEInfo: prm[0]: Unicode string: ncacn_ip_tcp
    Lid: 8856    dwParam: 0x6D9      Msg: EEInfo: prm[1]: Unicode string: EXCHANGE2010.domain.local
    Lid: 12952   dwParam: 0x6D9      Msg: EEInfo: prm[2]: Long val: -545057711
    Lid: 12952   dwParam: 0x6D9      Msg: EEInfo: prm[3]: Long val: 382312662
    Lid: 45169   StoreEc: 0x824    
    Lid: 44273 
    Lid: 59431   EMSMDB.EcDoConnectEx called [length=140]
    Lid: 34855   EMSMDB.EcDoConnectEx returned [ec=0x824][length=56][latency=0]
    Lid: 59505   StoreEc: 0x824    
    Lid: 25964   StoreEc: 0x824    
    Lid: 36081 
    Lid: 52465   StoreEc: 0x80040115
    Lid: 60065 
    Lid: 33777   StoreEc: 0x80040115
    Lid: 59805 
    Lid: 52209   StoreEc: 0x80040115
    Lid: 56583 
    Lid: 52487   StoreEc: 0x80040115
    Lid: 19778 
    Lid: 27970   StoreEc: 0x80040115
    Lid: 17730 
    Lid: 25922   StoreEc: 0x80040115
Exception level: 1
Exception stack trace:    at Microsoft.Mapi.MapiExceptionHelper.ThrowIfError(String message, Int32 hresult, SafeExInterfaceHandle iUnknown, Exception innerException)
   at Microsoft.Mapi.ExRpcConnection.Create(ConnectionCache connectionCache, ExRpcConnectionCreateFlag createFlags, ConnectFlag connectFlags, String serverDn, String userDn, String user, String domain, String password, String httpProxyServerName, Int32 ulConMod, Int32 lcidString, Int32 lcidSort, Int32 cpid, Int32 cReconnectIntervalInMins, Int32 cbRpcBufferSize, Int32 cbAuxBufferSize, Client xropClient, Byte[] clientSessionInfo, TimeSpan connectionTimeout)
   at Microsoft.Mapi.MapiStore.OpenMapiStore(String serverDn, String userDn, String mailboxDn, Guid guidMailbox, Guid guidMdb, String userName, String domainName, String password, String httpProxyServerName, ConnectFlag connectFlags, OpenStoreFlag storeFlags, CultureInfo cultureInfo, Boolean wantRedirect, String& correctServerDN, ClientIdentityInfo clientIdentity, String applicationId, Client xropClient, Boolean wantWebServices, Byte[] clientSessionInfo, TimeSpan connectionTimeout)
   at Microsoft.Mapi.MapiStore.OpenMailbox(String serverDn, String userDn, Guid guidMailbox, Guid guidMdb, String userName, String domainName, String password, ConnectFlag connectFlags, OpenStoreFlag storeFlags, CultureInfo cultureInfo, WindowsIdentity windowsIdentity, String applicationId)
   at Microsoft.Exchange.Data.Storage.MailboxSession.ForceOpen(MapiStore linkedStore)
--- Exception end ---
Error 1:

ErrorTimeStamp:
18/01/2017 7:31:45 PM
Exception:
--- Exception start ---
Exception type: Microsoft.Exchange.Data.Storage.ConnectionFailedTransientException
Exception message: Cannot open mailbox /o=exchange/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=sfso.
Exception level: 0
Exception stack trace:    at Microsoft.Exchange.Data.Storage.MailboxSession.ForceOpen(MapiStore linkedStore)
   at Microsoft.Exchange.Data.Storage.MailboxSession.Initialize(MapiStore linkedStore, LogonType logonType, ExchangePrincipal owner, DelegateLogonUser delegateUser, Object identity, OpenMailboxSessionFlags flags, GenericIdentity auxiliaryIdentity)
   at Microsoft.Exchange.Data.Storage.MailboxSession.<>c__DisplayClass12.b__10(MailboxSession mailboxSession)
   at Microsoft.Exchange.Data.Storage.MailboxSession.InternalCreateMailboxSession(LogonType logonType, ExchangePrincipal owner, CultureInfo cultureInfo, String clientInfoString, IAccountingObject budget, Action`1 initializeMailboxSession, InitializeMailboxSessionFailure initializeMailboxSessionFailure)
   at Microsoft.Exchange.Data.Storage.MailboxSession.CreateMailboxSession(LogonType logonType, ExchangePrincipal owner, DelegateLogonUser delegateUser, Object identity, OpenMailboxSessionFlags flags, CultureInfo cultureInfo, String clientInfoString, PropertyDefinition[] mailboxProperties, IList`1 foldersToInit, GenericIdentity auxiliaryIdentity, IAccountingObject budget)
   at Microsoft.Exchange.Data.Storage.MailboxSession.ConfigurableOpen(ExchangePrincipal mailbox, MailboxAccessInfo accessInfo, CultureInfo cultureInfo, String clientInfoString, LogonType logonType, PropertyDefinition[] mailboxProperties, InitializationFlags initFlags, IList`1 foldersToInit, IAccountingObject budget)
   at Microsoft.Exchange.Data.Storage.MailboxSession.Open(ExchangePrincipal mailboxOwner, WindowsPrincipal authenticatedUser, CultureInfo cultureInfo, String clientInfoString, Boolean wantCachedConnection)
   at Microsoft.Exchange.Data.Storage.MailboxSession.Open(ExchangePrincipal mailboxOwner, WindowsPrincipal authenticatedUser, CultureInfo cultureInfo, String clientInfoString)
   at Microsoft.Exchange.AirSync.Command.OpenMailboxSession(AirSyncUser user, Boolean shouldUseBudget)
   at Microsoft.Exchange.AirSync.Command.WorkerThread()
Inner exception follows...
Exception type: Microsoft.Mapi.MapiExceptionNetworkError
Exception message: MapiExceptionNetworkError: Unable to make connection to the server. (hr=0x80040115, ec=-2147221227)
Diagnostic context:
    ......
    Lid: 13720   dwParam: 0x6D9      Msg: EEInfo: Flags: 0
    Lid: 11672   dwParam: 0x6D9      Msg: EEInfo: NumberOfParameters: 4
    Lid: 8856    dwParam: 0x6D9      Msg: EEInfo: prm[0]: Unicode string: ncacn_ip_tcp
    Lid: 8856    dwParam: 0x6D9      Msg: EEInfo: prm[1]: Unicode string: EXCHANGE2010.domain.local
    Lid: 12952   dwParam: 0x6D9      Msg: EEInfo: prm[2]: Long val: -545057711
    Lid: 12952   dwParam: 0x6D9      Msg: EEInfo: prm[3]: Long val: 382312662
    Lid: 45169   StoreEc: 0x824    
    Lid: 44273 
    Lid: 59431   EMSMDB.EcDoConnectEx called [length=133]
    Lid: 34855   EMSMDB.EcDoConnectEx returned [ec=0x824][length=56][latency=0]
    Lid: 59505   StoreEc: 0x824    
    Lid: 25964   StoreEc: 0x824    
    Lid: 36081 
    Lid: 52465   StoreEc: 0x80040115
    Lid: 60065 
    Lid: 33777   StoreEc: 0x80040115
    Lid: 59805 
    Lid: 52209   StoreEc: 0x80040115
    Lid: 56583 
    Lid: 52487   StoreEc: 0x80040115
    Lid: 19778 
    Lid: 27970   StoreEc: 0x80040115
    Lid: 17730 
    Lid: 25922   StoreEc: 0x80040115
Exception level: 1
Exception stack trace:    at Microsoft.Mapi.MapiExceptionHelper.ThrowIfError(String message, Int32 hresult, SafeExInterfaceHandle iUnknown, Exception innerException)
   at Microsoft.Mapi.ExRpcConnection.Create(ConnectionCache connectionCache, ExRpcConnectionCreateFlag createFlags, ConnectFlag connectFlags, String serverDn, String userDn, String user, String domain, String password, String httpProxyServerName, Int32 ulConMod, Int32 lcidString, Int32 lcidSort, Int32 cpid, Int32 cReconnectIntervalInMins, Int32 cbRpcBufferSize, Int32 cbAuxBufferSize, Client xropClient, Byte[] clientSessionInfo, TimeSpan connectionTimeout)
   at Microsoft.Mapi.MapiStore.OpenMapiStore(String serverDn, String userDn, String mailboxDn, Guid guidMailbox, Guid guidMdb, String userName, String domainName, String password, String httpProxyServerName, ConnectFlag connectFlags, OpenStoreFlag storeFlags, CultureInfo cultureInfo, Boolean wantRedirect, String& correctServerDN, ClientIdentityInfo clientIdentity, String applicationId, Client xropClient, Boolean wantWebServices, Byte[] clientSessionInfo, TimeSpan connectionTimeout)
   at Microsoft.Mapi.MapiStore.OpenMailbox(String serverDn, String userDn, Guid guidMailbox, Guid guidMdb, String userName, String domainName, String password, ConnectFlag connectFlags, OpenStoreFlag storeFlags, CultureInfo cultureInfo, WindowsIdentity windowsIdentity, String applicationId)
   at Microsoft.Exchange.Data.Storage.MailboxSession.ForceOpen(MapiStore linkedStore)
--- Exception end ---
Error 2:

ErrorTimeStamp:
18/01/2017 7:31:45 PM
Exception:
--- Exception start ---
Exception type: Microsoft.Exchange.Data.Storage.ConnectionFailedTransientException
Exception message: Cannot open mailbox /o=exchange/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=sfso.
Exception level: 0
Exception stack trace:    at Microsoft.Exchange.Data.Storage.MailboxSession.ForceOpen(MapiStore linkedStore)
   at Microsoft.Exchange.Data.Storage.MailboxSession.Initialize(MapiStore linkedStore, LogonType logonType, ExchangePrincipal owner, DelegateLogonUser delegateUser, Object identity, OpenMailboxSessionFlags flags, GenericIdentity auxiliaryIdentity)
   at Microsoft.Exchange.Data.Storage.MailboxSession.<>c__DisplayClass12.b__10(MailboxSession mailboxSession)
   at Microsoft.Exchange.Data.Storage.MailboxSession.InternalCreateMailboxSession(LogonType logonType, ExchangePrincipal owner, CultureInfo cultureInfo, String clientInfoString, IAccountingObject budget, Action`1 initializeMailboxSession, InitializeMailboxSessionFailure initializeMailboxSessionFailure)
   at Microsoft.Exchange.Data.Storage.MailboxSession.CreateMailboxSession(LogonType logonType, ExchangePrincipal owner, DelegateLogonUser delegateUser, Object identity, OpenMailboxSessionFlags flags, CultureInfo cultureInfo, String clientInfoString, PropertyDefinition[] mailboxProperties, IList`1 foldersToInit, GenericIdentity auxiliaryIdentity, IAccountingObject budget)
   at Microsoft.Exchange.Data.Storage.MailboxSession.ConfigurableOpen(ExchangePrincipal mailbox, MailboxAccessInfo accessInfo, CultureInfo cultureInfo, String clientInfoString, LogonType logonType, PropertyDefinition[] mailboxProperties, InitializationFlags initFlags, IList`1 foldersToInit, IAccountingObject budget)
   at Microsoft.Exchange.Data.Storage.MailboxSession.Open(ExchangePrincipal mailboxOwner, WindowsPrincipal authenticatedUser, CultureInfo cultureInfo, String clientInfoString, Boolean wantCachedConnection)
   at Microsoft.Exchange.Data.Storage.MailboxSession.Open(ExchangePrincipal mailboxOwner, WindowsPrincipal authenticatedUser, CultureInfo cultureInfo, String clientInfoString)
   at Microsoft.Exchange.AirSync.Command.OpenMailboxSession(AirSyncUser user, Boolean shouldUseBudget)
   at Microsoft.Exchange.AirSync.Command.WorkerThread()
Inner exception follows...
Exception type: Microsoft.Mapi.MapiExceptionNetworkError
Exception message: MapiExceptionNetworkError: Unable to make connection to the server. (hr=0x80040115, ec=-2147221227)
Diagnostic context:
    ......
    Lid: 13720   dwParam: 0x6D9      Msg: EEInfo: Flags: 0
    Lid: 11672   dwParam: 0x6D9      Msg: EEInfo: NumberOfParameters: 4
    Lid: 8856    dwParam: 0x6D9      Msg: EEInfo: prm[0]: Unicode string: ncacn_ip_tcp
    Lid: 8856    dwParam: 0x6D9      Msg: EEInfo: prm[1]: Unicode string: EXCHANGE2010.domain.local
    Lid: 12952   dwParam: 0x6D9      Msg: EEInfo: prm[2]: Long val: -545057711f
    Lid: 12952   dwParam: 0x6D9      Msg: EEInfo: prm[3]: Long val: 382312662
    Lid: 45169   StoreEc: 0x824    
    Lid: 44273 
    Lid: 59431   EMSMDB.EcDoConnectEx called [length=133]
    Lid: 34855   EMSMDB.EcDoConnectEx returned [ec=0x824][length=56][latency=0]
    Lid: 59505   StoreEc: 0x824    
    Lid: 25964   StoreEc: 0x824    
    Lid: 36081 
    Lid: 52465   StoreEc: 0x80040115
    Lid: 60065 
    Lid: 33777   StoreEc: 0x80040115
    Lid: 59805 
    Lid: 52209   StoreEc: 0x80040115
    Lid: 56583 
    Lid: 52487   StoreEc: 0x80040115
    Lid: 19778 
    Lid: 27970   StoreEc: 0x80040115
    Lid: 17730 
    Lid: 25922   StoreEc: 0x80040115
Exception level: 1
Exception stack trace:    at Microsoft.Mapi.MapiExceptionHelper.ThrowIfError(String message, Int32 hresult, SafeExInterfaceHandle iUnknown, Exception innerException)
   at Microsoft.Mapi.ExRpcConnection.Create(ConnectionCache connectionCache, ExRpcConnectionCreateFlag createFlags, ConnectFlag connectFlags, String serverDn, String userDn, String user, String domain, String password, String httpProxyServerName, Int32 ulConMod, Int32 lcidString, Int32 lcidSort, Int32 cpid, Int32 cReconnectIntervalInMins, Int32 cbRpcBufferSize, Int32 cbAuxBufferSize, Client xropClient, Byte[] clientSessionInfo, TimeSpan connectionTimeout)
   at Microsoft.Mapi.MapiStore.OpenMapiStore(String serverDn, String userDn, String mailboxDn, Guid guidMailbox, Guid guidMdb, String userName, String domainName, String password, String httpProxyServerName, ConnectFlag connectFlags, OpenStoreFlag storeFlags, CultureInfo cultureInfo, Boolean wantRedirect, String& correctServerDN, ClientIdentityInfo clientIdentity, String applicationId, Client xropClient, Boolean wantWebServices, Byte[] clientSessionInfo, TimeSpan connectionTimeout)
   at Microsoft.Mapi.MapiStore.OpenMailbox(String serverDn, String userDn, Guid guidMailbox, Guid guidMdb, String userName, String domainName, String password, ConnectFlag connectFlags, OpenStoreFlag storeFlags, CultureInfo cultureInfo, WindowsIdentity windowsIdentity, String applicationId)
   at Microsoft.Exchange.Data.Storage.MailboxSession.ForceOpen(MapiStore linkedStore)
--- Exception end ---
errorCount=3, backingOff=True".



I know there are a few causes of this error however in my instance it was due to Microsoft Exchange Replication Service not started.  The service had been misconfigured to run as a service account with invalid credentials.

Setting it back to local system resolved the issue and getting the customer back online.

The Active Sync service queries "Active Manager" which is part of the Exchange Replication Service to determine where the users active mailbox copy in a DAG resides - and still follows this model even if your not using DAG's in your environment.  Hence if Active Manager is not available, no one can locate their Active Mailbox.

Tuesday, January 17, 2017

Out of Office Messages Interval on Exchange Server

I had a customer raise an interesting request.  They wanted to know if it was possible to change the amount of Out of Office messages which are sent to external and internal recipients after a user activates OOF.

After checking this matter with fellow MVP's in Exchange Server, this is what was determined.

Exchange Server does not put a delay in place between Out of Office messages.  When OOF is enabled on a mailbox, it creates a list stored on the mailbox containing all recipients which have received the OOF message.

Exchange only sends One (1) OOF message to internal and external recipients.

This list maintained on each mailbox is reset when OOF is disabled on the mailbox and re-enabled.

There is no easy way using native tools provided with Exchange to modify this functionality.  It would be possible however to clear the OOF lists on mailboxes on a schedule through creating an external script.

Hope this information has been useful.

Wednesday, December 14, 2016

Manual Outlook Configuration with Outlook 2016

With the release of Microsoft Outlook 2016, it is now no longer possible to manually add an Exchange account.  Exchange accounts can only be added to Outlook 2016 using Autodiscover.  If Autodiscover records aren't published, your administrator will need to publish them so Outlook can find the account.

In Outlook 2010 and 2013, users were able to manually add Exchange accounts to the Outlook client by selecting "Manual Setup".


Outlook 2016 manual setup now only supports Exchange Active Sync (EAS), a protocol which Outlook does not support with Microsoft Exchange as per https://support.microsoft.com/en-au/kb/2859522

Outlook only supports "RPC", "RPC over HTTPS" and "MAPI over HTTPS" connections to Exchange server.

The Microsoft "Outlook.com" cloud service however does support EAS connections hence why the option is available in Outlook 2016.

If you try and complete a manual configuration for Outlook 2016, you will receive the following error.

"Log onto Exchange ActiveSync mail server (EAS): The server cannot be found"


Make sure you add the Autodiscover record to your public DNS or alternatively modify the hosts file with an Autodiscover record so the Outlook client can resolve the correct Exchange communication settings.

It is disappointing that you cannot select what method you wish to connect in Outlook 2016 when attempting to perform a manual setup.

Friday, December 9, 2016

How to Patch Windows Server 2003 with Error 0x80072EFF

I have a customer who has 3 forests all running Exchange 2003 on Windows Server 2003... yes in the year 2016 (almost 2017).  Before moving to Exchange 2010 --> 2016 we are required to consolidate with some cross-forest migrations.

I need to test some things in my lab before performing this migration in production so I built some 2003 servers... been ages!

After running the installation I had issues patching the servers and I found no information online around Error Number: 0x80072EFF - surprising as it seems like such a common error (is there really no one out there installing Server 2003 now?)

When clicking start and selecting Windows Update, this is the error I received.


After playing around for a good 15 minutes googling this error, I decided to upgrade Internet Explorer to version 8 (the highest supported on 2003 server).  This is downloaded from the following website for 32bit.

https://www.microsoft.com/en-au/download/details.aspx?id=20335

Note you will not be able to browse this website on Internet Explorer 6 so you will have to download the upgrade file from another computer then copy it onto the 2003 server.

After upgrading Internet Explorer to 8, I was able to follow the bouncing ball and install all the latest patches up until 2003 server went end of life.



Hopefully this has been helpful for anyone out there still needing to install Server 2003 (for non production use hopefully).

IT Support in Perth by Avantgarde Technologies, Contact us now.

Monday, October 31, 2016

Exchange Server Lost Trust to the Domain

A customer of mine running Exchange 2010 SP3 after a UPS had issues with Exchange loosing trust to the Active Directory domain.  This renders Microsoft Exchange unusable as all important Exchange configuration is stored within Active Directory.

Computer accounts like user accounts also have passwords.  These change every 30 days by default by Active Directory and member servers and workstations are automatically updated with the new password.  In the event the workstation or member server is not updated with the latest computer password; the trust fails and the machine displays the error “The trust relationship between the workstation and the primary domain failed” as shown in the screenshot below:


As a general fix for this issue, the PC is simply needs to be rejoined to the domain which works for most member servers and workstations.

Exchange however stores all its config in Active Directory and cannot be removed from a domain.

In the event you experience your Exchange Server loosing trust to Active Directory, you can re-establish trust using the following command on the Exchange Server after logging in with the local administrator account:

netdom resetpwd /server:AnyDomainController.yourdomain.local /userD:domain\administrator /PassworD:"youradminpassword"

Hope this post has been helpful.

Need IT Support with Microsoft Exchange in Perth?  Contact Avantgarde Technologies.

Direct Access Server not displaying Connection Statistics

A customer of mine had an issue with a Direct Access Server not displaying connection statistics.  My clients are connecting to the server without issues using IPHTTPS but we have no visibility to who is connected and for how long.

All connections and total bytes display 0 in both PowerShell and "Remote Access Management Console".

 
 
Also on the Remote Client Status page, no active clients are displayed.


This issue occurs when Windows Firewall is disabled on a Direct Access server.

Re-enable Windows Firewall and reboot the server.  After rebooting the server, wait 24 hours and you will notice statistics will start generating again.



Hope this post has been helpful.

Need IT Support or IT Services in Perth?  Contact Avantgarde Technologies.

Thursday, October 13, 2016

EventID 1006 MSExchangeFastSearch

A customer had an issue with Microsoft Exchange 2013 search not working.  Users received an error "Your search didn't return any results" in Outlook Web App.

 
This following error was generated in the Application Logs on the server.
 
Log Name:      Application
Source:        MSExchangeFastSearch
Date:          14/10/2016 1:10:14 PM
Event ID:      1006
Task Category: General
Level:         Warning
Keywords:      Classic
User:          N/A
Computer:      Exchange.domain.local
Description:
The FastFeeder component received a connection exception from FAST. Error details: System.ServiceModel.EndpointNotFoundException: Could not connect to net.tcp://localhost:3847/. The connection attempt lasted for a time span of 00:00:02.0469288. TCP error code 10061: No connection could be made because the target machine actively refused it 127.0.0.1:3847.  ---> System.Net.Sockets.SocketException: No connection could be made because the target machine actively refused it 127.0.0.1:3847
   at System.Net.Sockets.Socket.EndConnect(IAsyncResult asyncResult)
   at System.ServiceModel.Channels.SocketConnectionInitiator.ConnectAsyncResult.OnConnect(IAsyncResult result)
   --- End of inner exception stack trace ---
Server stack trace:
   at System.Runtime.AsyncResult.End[TAsyncResult](IAsyncResult result)
   at System.ServiceModel.Channels.CommunicationObject.EndOpen(IAsyncResult result)
Exception rethrown at [0]:
   at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
   at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
   at System.ServiceModel.ICommunicationObject.EndOpen(IAsyncResult result)
   at Microsoft.Exchange.Search.OperatorSchema.PagingImsFlowExecutor.CreateProxy()
   at Microsoft.Exchange.Search.OperatorSchema.PagingImsFlowExecutor.AcquireProxy()
   at Microsoft.Exchange.Search.OperatorSchema.PagingImsFlowExecutor.ExecuteServiceCall(IProcessingEngineChannel& serviceProxy, Action`1 call, Int32 retryCount)
   at Microsoft.Exchange.Search.OperatorSchema.PagingImsFlowExecutor.ExecuteAndReadPage(QueryParameters parameters, String outputName)
   at Microsoft.Exchange.Search.OperatorSchema.PagingImsFlowExecutor.GetHitCount(QueryParameters parameters)
   at Microsoft.Exchange.Search.Fast.ExchangeQueryExecutor.<>c__DisplayClass20.b__1f()
   at Microsoft.Exchange.Search.Fast.ExchangeQueryExecutor.RunUnderExceptionHandler[T](Func`1 call, IDiagnosticsSession session, String flowName)

 
This issue occurs when the "Microsoft Exchange Search Host Controller" service is in a stopped state.  My customer installed the latest Cumulative Update for Exchange 2013 and after the installation finished, the Search Host Controller was not set back to an Automatic.

Issues with Local Mailbox Moves on Exchange 2010 SP3

A customer running an Exchange 2010 SP3 UR15 multi-role server had issues moving mailboxes between databases.

 The error experienced was as follows:

Get-Mailbox "mailboxname" | New-MoveRequest -TargetDatabase "Mailbox Database Canada" -BadItemLimit 10

There are no available servers running the Microsoft Exchange Mailbox Replication service.
    + CategoryInfo          : NotSpecified: (0:Int32) [New-MoveRequest], NoMRSAvailableTransientException
    + FullyQualifiedErrorId : C7FE28BB,Microsoft.Exchange.Management.RecipientTasks.NewMoveRequest



Running Test-MRSHealth cmdlet to test the Mailbox Replication Service (responsible for processing mailbox moves) returns the following error on the environment.

RunspaceId : 4c95273c-3876-4369-86e3-1d9c90bc999e
Check      : ServiceCheck
Passed     : True
Message    : The Mailbox Replication Service is running.
Identity   : EXCHANGESERVER
IsValid    : True

 
RunspaceId : 4c95273c-3876-4369-86e3-1d9c90bc999e
Check      : RPCPingCheck
Passed     : False
Message    : The RPC endpoint for the Microsoft Exchange Mailbox Replication service couldn't respond: The call to 'net.tcp://exchangeserver/Microsoft.Exchange
             .MailboxReplicationService' failed. Error details: Access is denied.. --> Access is denied..
Identity   : EXCHANGESERVER
IsValid    : True


RunspaceId : 4c95273c-3876-4369-86e3-1d9c90bc999e
Check      : QueueScanCheck
Passed     : True
Message    : The Microsoft Exchange Mailbox Replication service is scanning mailbox database queues for jobs. Last scan age: 00:03:35.0822558.
Identity   : EXCHANGESERVER
IsValid    : True



Despite the error indicating Access is denied, all permissions were set correctly on the Mailbox Import Export role which was validated with:

Get-ManagementRoleAssignment -Role "Mailbox Import Export"

After further investigation, the following error was present:

 Log Name:      Application
Source:        MSExchangeIS Mailbox Store
Date:          13/10/2016 12:50:33 PM
Event ID:      7043
Task Category: IS/AD Interactions
Level:         Warning
Keywords:      Classic
User:          N/A
Computer:      Exchange.domain.local
Description:
The mailbox GUID of an external system mailbox ('Mailbox - SystemMailbox{1c3fa654-fe01-4041-a3a6-0444ca10f96c}') does not match the information in the Active Directory for the mailbox. The existing GUID ('8c0c971d-c5d7-495b-aff7-53356904789a: /o=Exchange/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=SystemMailbox{1c3fa654-fe01-4041-a3a6-0444ca10f96c}') has been replaced with the expected GUID ('ed55827e-7cdd-466e-9421-a0dbce5f6486: /o=Exchange/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=SystemMailbox{1c3fa654-fe01-4041-a3a6-0444ca10f96c}').

 

 The GUID of the SystemMailbox no longer matched the GUID of the Active Directory mailbox at the customer site.

To restore this, we ran "Setup /PrepareAD" from the Exchange 2010 SP3 setup media.  This restored the Exchange SystemMailbox association with Active Directory.

After running Setup /PrepareAD on the environment, we were able to move mailboxs again.

Monday, September 26, 2016

Cisco UCS Blades KVM Not Working

I needed to access a Cisco UCS Blade enclosure at one of my customers after a major ESX failure.  When attempting to access the KVM over the Java applicate for the Cisco UCSB-B200-M3 blade servers, I received the following error:

The viewer has terminated.
Reason: The network connection has been dropped.

 
After troubleshooting the issue for a while, I decided to downgrade my version of Java to an older build.  I tried the following build of Java in a Virtual Machine:
 
Java SE Runtime Environment 7u79
 
Success!
 
 There is an issue with the latest Java build and the Cisco UCS KVM application.
 

Sunday, September 18, 2016

0x80190194 OAB Error when Migrating to Exchange 2016

When migrating from Exchange 2013 to Exchange 2016, I encountered an error 0x80190194 when downloading the Offline Address Book on workstations.

0x80190194 The Operation Failed

 
0x80190194 is a very common error when downloading the OAB and there are many server side problems which can generate this error.

Exchange 2013 by default had the servers responsible for the Offline Address Book hard coded as a Virtual Directory as shown below.


In Exchange 2016, by default we no longer want to hard code the Virtual Directories and instead enable GlobalWebDistribution which allows the Autodiscover service to automatically select the best Virtual Directory for the distribution request.

To set this up, we want to ensure the VirtualDirectories attribute for each Offline Address Book is set to $null.  We also want to ensure GlobalWebDistribution is enabled so that Autodiscover can take care of it.

This is done with the following command.

Get-OfflineAddressBook | Where {$_.ExchangeVersion.ExchangeBuild.Major -Eq 15} | Set-OfflineAddressBook -GlobalWebDistributionEnabled $True -VirtualDirectories $Null

Following this, perform an iisreset.

The Offline Address Book now downloads correctly again on Exchange 2016.

Need IT Support in Perth?  Contact Avantgarde Technologies now.

Thursday, September 15, 2016

Bug Creating Frontend Transport Receive Connectors in Exchange 2016 CU2

There is a bug creating Frontend Transport Connectors from Exchange Administrative Center in Exchange 2016 CU2.

Currently it is not possible to select Hub Transport or Frontend Transport when creating a new connector as the option is greyed out.


In Exchange 2013, it is possible as shown below:


Microsoft are aware of this bug and will be fixing it in Exchange 2016 CU3.

Until this bug is fixed, you need to create Frontend Transport receive connectors from shell as follows:

New-ReceiveConnector -Name "Application Receive Connector" -Bindings ("0.0.0.0:25") -RemoteIPRanges ("10.1.10.10") -MaxMessageSize 50MB –TransportRole FrontendTransport -Usage Custom –Server Bentley-EXCH


Monday, September 12, 2016

Deploying Exchange 2016 into an Exchange 2013 Organisation with MAPI over HTTPS Enabled

This issue may be encountered when migrating to Exchange 2016 from Exchange 2013 when MAPI over HTTPS is enabled.  The default Exchange 2013 MAPI over HTTPS authentication settings set IIS and Internal Authentication methods as Negotiate and External as null.  This is shown below:


The Default Exchange 2016 MAPI over HTTPS authentication settings are configured as "Ntlm, OAuth and Negotiate"


Proxying MAPI over HTTPS connections between Exchange 2016 and Exchange 2013 requires NTLM be enabled.  The default Exchange 2013 MAPI over HTTPS authentication settings will cause Outlook connectivity issues when both Exchange 2016 and Exchange 2013 are in the same Active Directory site.

The error which is generated by the Exchange Remote Connectivity Analyzer in this configuration is as follows:
 
https://testconnectivity.microsoft.com/Images/Error.png
 
 
Testing the MAPI Mail Store endpoint on the Exchange server.
 
An error occurred while testing the Mail Store.
 
https://testconnectivity.microsoft.com/Images/Minus.gif
Additional Details
 
Elapsed Time: 1243 ms.
 
https://testconnectivity.microsoft.com/Images/Minus.gif
Test Steps
 
https://testconnectivity.microsoft.com/Images/Error.png
Attempting to log on to the Mailbox.
 
An error occurred while logging on to the Mailbox.
 
https://testconnectivity.microsoft.com/Images/Minus.gif
Additional Details
 
A protocol layer error occured. MapiHttpServiceCode: 1722
FailureLID: 56412
FailureInfo:

###### REQUEST [2016-08-28T13:10:48.4483314Z] ######

POST /mapi/emsmdb/?mailboxId=a9888e6b-81d6-4495-b4b0-bcda772e782f@avantgardetechnologies.com.au HTTP/1.1
Content-Type: application/octet-stream
User-Agent: MapiHttpClient
X-RequestId: 0d3ddde1-1147-4cbe-a50b-ee75d2d1319d:2
X-ClientInfo: dfba427f-ffa7-4003-981f-a676bced12eb:1
X-ClientApplication: MapiHttpClient/15.0.4420.1017
X-RequestType: Execute
Authorization: Negotiate [truncated]
Host: mail.avantgardetechnologies.com.au
Cookie: ClientId=PAVTTKRDEJLCYBAF9MA; MapiContext=MAPIAAAAAOms6aTto+TJjNSX3/zO/s/51OTc8cP72+rY4tPh2+ragKOSpJSilaWUoZWn7QEAAAAAAAA=; MapiSequence=0-WbZNDg==; X-BackEndCookie=a9888e6b-81d6-4495-b4b0-bcda772e782f=u56Lnp2ejJqBy5nGz8vMz8/SysyaxtLLysqd0p3Jz5vSyMzKzpqbzJ2ancicgYHNz87J0s/G0s3Iq87Mxc7Pxc7G
Content-Length: 172

--- REQUEST BODY [+0.128] ---
..[BODY SIZE: 172]

--- REQUEST SENT [+0.128] ---

###### RESPONSE [+0.416] ######

HTTP/1.1 200 OK
Transfer-Encoding: chunked
request-id: 7f93a99a-4a53-4866-a978-8de3671a1dd7
X-CalculatedBETarget: leeming-exch.at.local
X-ServerApplication: Exchange/15.00.1210.002
X-RequestId: 0d3ddde1-1147-4cbe-a50b-ee75d2d1319d:2
X-ClientInfo: dfba427f-ffa7-4003-981f-a676bced12eb:1
X-RequestType: Execute
X-PendingPeriod: 30000
X-ExpirationInfo: 900000
X-ResponseCode: 0
X-DiagInfo: LEEMING-EXCH
X-BEServer: LEEMING-EXCH
Cache-Control: private
Content-Type: application/octet-stream
Set-Cookie: MapiSequence=1-S1NbMA==; path=/mapi/emsmdb; secure; HttpOnly,MapiContext=MAPIAAAAAOms6aTto+TJjNSX3/zO/s/51OTc8cP72+rY4tPh2+ragKOSpJSilaWUoZWn7QEAAAAAAAA=; path=/mapi/emsmdb; secure; HttpOnly,X-BackEndCookie=a9888e6b-81d6-4495-b4b0-bcda772e782f=u56Lnp2ejJqBy5nGz8vMz8/SysyaxtLLysqd0p3Jz5vSyMzKzpqbzJ2ancicgYHNz87J0s/G0s3Iq87Mxc7Pxc7G; expires=Tue, 27-Sep-2016 13:10:19 GMT; path=/mapi; secure; HttpOnly
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Persistent-Auth: true
X-Powered-By: ASP.NET
X-FEServer: LEEMING-EXCH
Date: Sun, 28 Aug 2016 13:10:19 GMT

--- RESPONSE BODY [+0.416] ---
..[BODY SIZE: 4195]
PROCESSING [@2016-08-28T13:10:48.8643314Z]
DONE [+00:00:00]
X-StartTime: Sun, 28 Aug 2016 13:10:19 GMT
X-ElapsedTime: 16

..[DATA SIZE: 4112]

--- RESPONSE DONE [+0.418] ---

###### REMOTE-EXCEPTION-INFO ######

Microsoft.Exchange.Rpc.RpcException: Connection must be re-established ---> Microsoft.Exchange.RpcClientAccess.ServerUnavailableException: Connection must be re-established ---> Microsoft.Exchange.RpcClientAccess.SessionDeadException: The primary owner logon has failed. Dropping a connection. ---> Microsoft.Exchange.Data.Storage.TooManyObjectsOpenedException: Cannot open mailbox /o=AT/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=Clint Boessenaa7. ---> Microsoft.Mapi.MapiExceptionSessionLimit: MapiExceptionSessionLimit: Unable to open message store. (hr=0x80040112, ec=1246) Diagnostic context: Lid: 55847 EMSMDBPOOL.EcPoolSessionDoRpc called [length=502] Lid: 43559 EMSMDBPOOL.EcPoolSessionDoRpc returned [ec=0x0][length=256][latency=0] Lid: 52176 ClientVersion: 15.0.1210.3 Lid: 50032 ServerVersion: 15.0.1210.6003 Lid: 23226 --- ROP Parse Start --- Lid: 27962 ROP: ropLogon [254] Lid: 17082 ROP Error: 0x4DE Lid: 26937 Lid: 21921 StoreEc: 0x4DE Lid: 27962 ROP: ropExtendedError [250] Lid: 1494 ---- Remote Context Beg ---- Lid: 47536 Lid: 57936 dwParam: 0x20 Msg: MoMT Lid: 33360 dwParam: 0x21 Lid: 57384 StoreEc: 0x4DE Lid: 56872 dwParam: 0xFE Lid: 42712 StoreEc: 0x4DE Lid: 10786 dwParam: 0x0 Msg: 15.00.1210.000:Leeming-EXCH Lid: 1750 ---- Remote Context End ---- Lid: 26849 Lid: 21817 ROP Failure: 0x4DE Lid: 26297 Lid: 16585 StoreEc: 0x4DE Lid: 32441 Lid: 1706 StoreEc: 0x4DE Lid: 24761 Lid: 20665 StoreEc: 0x4DE Lid: 25785 Lid: 29881 StoreEc: 0x4DE
at Microsoft.Mapi.MapiExceptionHelper.InternalThrowIfErrorOrWarning(String message, Int32 hresult, Boolean allowWarnings, Int32 ec, DiagnosticContext diagCtx, Exception innerException)
at Microsoft.Mapi.ExRpcConnection.OpenMsgStore(OpenStoreFlag storeFlags, String mailboxDn, Guid mailboxGuid, Guid mdbGuid, String& correctServerDn, ClientIdentityInfo clientIdentityAs, String userDnAs, Boolean unifiedLogon, String applicationId, Byte[] tenantHint, CultureInfo cultureInfo)
at Microsoft.Mapi.MapiStore.OpenMapiStore(String serverDn, String userDn, String mailboxDn, Guid guidMailbox, Guid guidMdb, String userName, String domainName, String password, String httpProxyServerName, ConnectFlag connectFlags, OpenStoreFlag storeFlags, CultureInfo cultureInfo, Boolean wantRedirect, String& correctServerDN, ClientIdentityInfo clientIdentity, Boolean unifiedLogon, String applicationId, Client xropClient, Boolean wantWebServices, Byte[] clientSessionInfo, TimeSpan connectionTimeout, TimeSpan callTimeout, Byte[] tenantHint)
at Microsoft.Mapi.MapiStore.OpenMailbox(String serverDn, String userDn, Guid guidMailbox, Guid guidMdb, String userName, String domainName, String password, ConnectFlag connectFlags, OpenStoreFlag storeFlags, CultureInfo cultureInfo, ClientIdentityInfo clientIdentity, String applicationId, Byte[] tenantPartitionHint, Boolean unifiedLogon)
at Microsoft.Exchange.Data.Storage.MailboxSession.ForceOpen(MapiStore linkedStore, Boolean unifiedSession)
--- End of inner exception stack trace ---
at Microsoft.Exchange.Data.Storage.MailboxSession.ForceOpen(MapiStore linkedStore, Boolean unifiedSession)
at Microsoft.Exchange.Data.Storage.MailboxSession.Initialize(MapiStore linkedStore, LogonType logonType, IExchangePrincipal owner, DelegateLogonUser delegateUser, Object identity, OpenMailboxSessionFlags flags, GenericIdentity auxiliaryIdentity, Boolean unifiedSession)
at Microsoft.Exchange.Data.Storage.MailboxSession.<>c__DisplayClass1c.b__1a(MailboxSession mailboxSession)
at Microsoft.Exchange.Data.Storage.MailboxSession.InternalCreateMailboxSession(LogonType logonType, IExchangePrincipal owner, DelegateLogonUser delegatedUser, CultureInfo cultureInfo, String clientInfoString, IBudget budget, Action`1 initializeMailboxSession, InitializeMailboxSessionFailure initializeMailboxSessio
HTTP Response Headers:
Transfer-Encoding: chunked
request-id: 7f93a99a-4a53-4866-a978-8de3671a1dd7
X-CalculatedBETarget: leeming-exch.at.local
X-ServerApplication: Exchange/15.00.1210.002
X-RequestId: 0d3ddde1-1147-4cbe-a50b-ee75d2d1319d:2
X-ClientInfo: dfba427f-ffa7-4003-981f-a676bced12eb:1
X-RequestType: Execute
X-PendingPeriod: 30000
X-ExpirationInfo: 900000
X-ResponseCode: 0
X-DiagInfo: LEEMING-EXCH
X-BEServer: LEEMING-EXCH
Cache-Control: private
Content-Type: application/octet-stream
Set-Cookie: MapiSequence=1-S1NbMA==; path=/mapi/emsmdb; secure; HttpOnly,MapiContext=MAPIAAAAAOms6aTto+TJjNSX3/zO/s/51OTc8cP72+rY4tPh2+ragKOSpJSilaWUoZWn7QEAAAAAAAA=; path=/mapi/emsmdb; secure; HttpOnly,X-BackEndCookie=a9888e6b-81d6-4495-b4b0-bcda772e782f=u56Lnp2ejJqBy5nGz8vMz8/SysyaxtLLysqd0p3Jz5vSyMzKzpqbzJ2ancicgYHNz87J0s/G0s3Iq87Mxc7Pxc7G; expires=Tue, 27-Sep-2016 13:10:19 GMT; path=/mapi; secure; HttpOnly
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Persistent-Auth: true
X-Powered-By: ASP.NET
X-FEServer: LEEMING-EXCH
Date: Sun, 28 Aug 2016 13:10:19 GMT
ServiceCode: 1722 Unavailable
Elapsed Time: 1243 ms.

To ensure all servers are configured correctly to proxy connections between Exchange 2013 and Exchange 2016, run the following PowerShell command:

Get-MapiVirtualDirectory | Set-MAPIVirtualDirectory -IISAuthenticationMethods Ntlm, OAuth, Negotiate


Hope this post has been helpful.

If you need IT Support in Perth, contact Avantgarde Technologies today.