Exchange 2010/2013 troubleshooting notes
Continuing my exchange 2010 troubleshooting notes.
Server Error in ‘/ecp’ Application (EAC in Exchange 2013)
Issue: When we try to login to the Exchange Control Panel (ECP) we will get the following error:
Server Error in ‘/ecp’ Application
Runtime Error
Description: An exception occurred while processing your request. Additionally, another exception occurred while executing the custom error page for the first exception. The request has been terminated.
We get the following event ID for ASP.NET
Log Name: Application
Source: ASP.NET 4.0.30319.0
Event ID: 1310
Task Category: Web Event
Level: Warning
Keywords: Classic
User: N/A
Description:
Event code: 3008
Event message: A configuration error has occurred.
Event time: 5/1/2015 8:11:30 PM
Event ID: 2f6f040d6c6648d5b546aa5a48f76f39
Event sequence: 1
Event occurrence: 1
Event detail code: 0
Application information:
Application domain: /LM/W3SVC/2/ROOT/ecp-106-130719545516088102
Trust level: Full
Application Virtual Path: /ecp
Application Path: D:Program FilesMicrosoftExchange ServerV15ClientAccessecp
Machine name: EXCHANGE
Process information:
Process ID: 13044
Process name: w3wp.exe
Account name: NT AUTHORITYSYSTEM
Exception information:
Exception type: ConfigurationErrorsException
Exception message: Could not load file or assembly ‘Microsoft.Exchange.Common, Version=15.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35’ or one of its dependencies. The system cannot find the file specified.
at System.Web.Configuration.ConfigUtil.GetType(String typeName, String propertyName, ConfigurationElement configElement, XmlNode node, Boolean checkAptcaBit, Boolean ignoreCase)
at System.Web.Configuration.Common.ModulesEntry.SecureGetType(String typeName, String propertyName, ConfigurationElement configElement)
at System.Web.Configuration.Common.ModulesEntry..ctor(String name, String typeName, String propertyName, ConfigurationElement configElement)
at System.Web.HttpApplication.BuildIntegratedModuleCollection(List`1 moduleList)
at System.Web.HttpApplication.GetModuleCollection(IntPtr appContext)
at System.Web.HttpApplication.RegisterEventSubscriptionsWithIIS(IntPtr appContext, HttpContext context, MethodInfo[] handlers)
at System.Web.HttpApplication.InitSpecial(HttpApplicationState state, MethodInfo[] handlers, IntPtr appContext, HttpContext context)
at System.Web.HttpApplicationFactory.GetSpecialApplicationInstance(IntPtr appContext, HttpContext context)
at System.Web.Hosting.PipelineRuntime.InitializeApplication(IntPtr appContext)
Could not load file or assembly ‘Microsoft.Exchange.Common, Version=15.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35’ or one of its dependencies. The system cannot find the file specified.
at System.RuntimeTypeHandle.GetTypeByName(String name, Boolean throwOnError, Boolean ignoreCase, Boolean reflectionOnly, StackCrawlMarkHandle stackMark, IntPtr pPrivHostBinder, Boolean loadTypeFromPartialName, ObjectHandleOnStack type)
at System.RuntimeTypeHandle.GetTypeByName(String name, Boolean throwOnError, Boolean ignoreCase, Boolean reflectionOnly, StackCrawlMark& stackMark, IntPtr pPrivHostBinder, Boolean loadTypeFromPartialName)
at System.Type.GetType(String typeName, Boolean throwOnError, Boolean ignoreCase)
at System.Web.Compilation.BuildManager.GetType(String typeName, Boolean throwOnError, Boolean ignoreCase)
at System.Web.Configuration.ConfigUtil.GetType(String typeName, String propertyName, ConfigurationElement configElement, XmlNode node, Boolean checkAptcaBit, Boolean ignoreCase)
Request information:
Request URL: https://Exchange.domain.com:444/ecp/
Request path: /ecp/
User host address: ::1
User:
Is authenticated: False
Authentication Type:
Thread account name: NT AUTHORITYSYSTEM
Thread information:
Thread ID: 385
Thread account name: NT AUTHORITYSYSTEM
Is impersonating: False
Stack trace: at System.Web.Configuration.ConfigUtil.GetType(String typeName, String propertyName, ConfigurationElement configElement, XmlNode node, Boolean checkAptcaBit, Boolean ignoreCase)
at System.Web.Configuration.Common.ModulesEntry.SecureGetType(String typeName, String propertyName, ConfigurationElement configElement)
at System.Web.Configuration.Common.ModulesEntry..ctor(String name, String typeName, String propertyName, ConfigurationElement configElement)
at System.Web.HttpApplication.BuildIntegratedModuleCollection(List`1 moduleList)
at System.Web.HttpApplication.GetModuleCollection(IntPtr appContext)
at System.Web.HttpApplication.RegisterEventSubscriptionsWithIIS(IntPtr appContext, HttpContext context, MethodInfo[] handlers)
at System.Web.HttpApplication.InitSpecial(HttpApplicationState state, MethodInfo[] handlers, IntPtr appContext, HttpContext context)
at System.Web.HttpApplicationFactory.GetSpecialApplicationInstance(IntPtr appContext, HttpContext context)
at System.Web.Hosting.PipelineRuntime.InitializeApplication(IntPtr appContext)
In addition to above if you have a SCOM server the following errors will get triggered:
ECP Error in SCOM:
Exchange Admin Center is failing to respond to ping request on Mailbox server EXCHANGE-SERVER-MAIN. Availability has dropped to 4REPLACE_PERCENT_SIGN. You can find protocol level traces for the failures on D:Program FilesMicrosoftExchange ServerV15LoggingMonitoringECPEacBackEndPingProbe. Incident start time: 5/1/2015 8:11:30 PM Last failed result: Failing Component – Ecp Failure Reason – UnexpectedHttpResponseCode Exception: System.Reflection.TargetInvocationException: Exception has been thrown by the target of an invocation. —> Microsoft.Exchange.Net.MonitoringWebClient.ScenarioException: Microsoft.Exchange.Net.MonitoringWebClient.ScenarioException: Failure source: Ecp Failure reason: UnexpectedHttpResponseCode Failing component:Ecp Exception hint: UnexpectedHttpCode: Redirect Inner exception: Microsoft.Exchange.Net.MonitoringWebClient.UnexpectedStatusCodeException Expected status codes: OK Actual status codes: Redirect Microsoft.Exchange.Net.MonitoringWebClient.UnexpectedStatusCodeException: Unexpected response code received. WebExceptionStatus: Success GET https://localhost:444/ecp/exhealth.checkHTTP/1.1 User-Agent: Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1; MSEXCHMON; ACTIVEMONITORING) Accept: */* Cache-Control: no-cache X-FeToBeTimeout: 100 X-IsFromCafe: 1 Cookie: HTTP/1.1 302 Redirect X-UA-Compatible: IE=10 Content-Length: 166 Date: GMT Location: /ecp/error.aspx?aspxerrorpath=/ecp/exhealth.check Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET<html><head><title>Object moved</title></head><body> <h2>Object moved to <a href=”/ecp/error.aspx?
OWA Error in SCOM:
Description:
Outlook Web Access logon is failing on Mailbox server EXCHANGE-SERVER-MAIN. Availability has dropped to 0REPLACE_PERCENT_SIGN. You can find protocol level traces for the failures on D:Program FilesMicrosoftExchange ServerV15LoggingMonitoringOWAMailboxProbe. Incident start time: 5/1/2015 8:11:30 PM Last failed result: Failing Component – Owa Failure Reason -OwaErrorPage Exception: System.Reflection.TargetInvocationException: Exception has been thrown by the target of an invocation. —> System.Reflection.TargetInvocationException: Exception has been thrown by the target of an invocation. —> Microsoft.Exchange.Net.MonitoringWebClient.ScenarioException: Microsoft.Exchange.Net.MonitoringWebClient.ScenarioException: Failure source: Owa Failure reason: OwaErrorPage Failing component:Owa Exception hint: OwaErrorPage: System.Web.HttpUnhandledException Inner exception: Microsoft.Exchange.Net.MonitoringWebClient.OwaErrorPageException ErrorPageFailureReason: OwaErrorPage, Exception type: System.Web.HttpUnhandledException Microsoft.Exchange.Net.MonitoringWebClient.OwaErrorPageException: The response contained an OWA error page WebExceptionStatus: Success GET https://localhost:444/owa/ HTTP/1.1 User-Agent: Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1; MSEXCHMON; ACTIVEMONITORING; OWADEEPTEST) Accept: */* Cache-Control: no-cache Cookie: ClientId=KULSMSRBYKEULRCOXGKNW; $Path=/; UC=a296b3201cbb4dc0b96fae4fd…; $Path=/ X-OWA-ActionName: Monitoring X-MonitoringInstance: 79214237-0154-f865-b7cf-4bd453074563 X-FeToBeTimeout: 100 X-CommonAccessToken: VgEAVAdXaW5kb3dzQwBBCEtlcmJlcm9zTB5OUkNET01BSU5cSGVhbHRoTWFpbGJveDliYzc5MjhVL1MtMS01LTIxLTE5MjI3NzE5MzktMTU4MTY2Mzg1NS0xNjE3Nzg3MjQ1LTk3NTE3RwkAAAAHAAAALVMtMS01LTIxLTE5MjI3NzE5MzktMTU4MTY2Mzg1NS0xNjE3Nzg3MjQ1LTUxMwcAAAAHUy0xLTEtMAcAAAAHUy0xLTUtMgcAAAAIUy0xLTUtMTEHAAAACFMtMS01LTE1BwAAwBFTLTEtNS01LTAtMjQ4NjI1MgcAAAAvUy0xLTUtMjEtMTkyMjc3MTkzOS0xNTgxNjYzODU1LTE2MTc3ODcyNDUtOTAyMjIHAAAAL1MtMS01LTIxLTE5MjI3NzE5MzktMTU4MTY2Mzg1NS0xNjE3Nzg3MjQ1LTg4MjA2BwAAAAhTLTEtMTgtMkUAAAAA HTTP/1.1 400BadRequest Pragma: no-cache Transfer-Encoding: chunked X-Content-Type-Options: nosniff request-id: 20634693-2849-4bea-9aeb-f4a15655f8a8 X-OWA-Version: 15.0.1044.29 X-OWA-OWSVersion: V2_22 X-OWA-MinimumSupportedOWSVersion: V2_6 X-Frame-Options: SAMEORIGIN X-OWA-Error: System.Web.HttpUnhandledException X-BackEnd-Begin: 2015-03-26T08:40:48.555 X-BackEnd-End: 2015-03-26T08:40:48.586 Persistent-Auth: true X-DiagInfo: Exch13Server X-BEServer: Exch13Server X-UA-Compatible: IE=EmulateIE7 Cache-Control: no-cache, no-store Content-Type: text/html Date: Thu, 26 Mar 2015 12:40:48 GMT Expires: -1 Set-Cookie: X-OWA-CANARY=Y_bdrKfs0ki8rcZ46ibyl80Ok…; path=/; secure Server: Microsoft-IIS/8.5 WWW-Authenticate: Negotiate oRswGaADCgEAoxIEEAEAAABDh+CIwTbjqQAAAAA= X-Powered-By: ASP.NET Bad Request Response time: 0.0312629s —> Microsoft.Exchange.Net.MonitoringWebClient.OwaErrorPageException: Microsoft.Exchange.Net.MonitoringWebClient.OwaErrorPageException ErrorPageFailureReason: OwaErrorPage, Exception type: System.Web.HttpUnhandledException Microsoft.Exchange.Net.MonitoringWebClient.OwaErrorPageException: The response contained an OWA error page WebExceptionStatus: Success GET https://localhost:444/owa/ HTTP/1.1 User-Agent: Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1; MSEXCHMON; ACTIVEMONITORING; OWADEEPTEST) Accept: */* Cache-Control: no-cache Cookie: ClientId=KULSMSRBYKEULRCOXGKNW; $Path=/; UC=a296b3201cbb4dc0b96fae4fd…; $Path=/ X-OWA-ActionName: Monitoring X-MonitoringInstance: 79214237-0154-f865-b7cf-4bd453074563 X-FeToBeTimeout: 100 X-CommonAccessToken: VgEAVAdXaW5kb3dzQwBBCEtlcmJlcm9zTB5OUkNET01BSU5cSGVhbHRoTWFpbGJveDliYzc5MjhVL1MtMS01LTIxLTE5MjI3NzE5MzktMTU4MTY2Mzg1NS0xNjE3Nzg3MjQ1LTk3NTE3RwkAAAAHAAAALVMtMS01LTIxLTE5MjI3NzE5MzktMTU4MTY2Mzg1NS0xNjE3Nzg3MjQ1LTUxMwcAAAAHUy0xLTEtMAcAAAAHUy0xLTUtMgcAAAAIUy0xLTUtMTEHAAAACFMtMS01LTE1BwAAwBFTLTEtNS01LTAtMjQ4NjI1MgcAAAAvUy0xLTUtMjEtMTkyMjc3MTkzOS0xNTgxNjYzODU1LTE2MTc3ODcyNDUtOTAyMjIHAAAAL1MtMS01LTIxLTE5MjI3NzE5MzktMTU4MTY2Mzg1NS0xNjE3Nzg3MjQ1LTg4MjA2BwAAAAhTLTEtMTgtMkUAAAAA HTTP/1.1 400 BadRequest Pragma: no-cache Transfer-Encoding: chunked X-Content-Type-Options: nosniff request-id: 20634693-2849-4bea-9aeb-f4a15655f8a8 X-OWA-Version: 15.0.1044.29 X-OWA-OWSVersion: V2_22 X-O
Resolution:
=> Issue appears to be with the Exchange 2013 KB3040856 Security update. It had created 2 folders with empty sub-folders which was causing the issue.
=> Location of 2 folders which the update created:
-Folder 15.0.1044.29 in C:Program FilesMicrosoftExchange ServerV15ClientAccessecp
-Folder 15.0.1044.27 in C:Program FilesMicrosoftExchange ServerV15ClientAccessOwa
=>Uninstall the Security Update KB3040856
=>Move the above 2 folders to a different location (just take a copy as backup)
=>Re-create the ECP and OWA Virtual Directories (Default and BackEnd).
===================================================================================
“Your request couldn’t be completed. Please try again in a few minutes.” If I try to create a new rule, I get an error message “access denied”.
Issue: After a recovery in Exchange 2013 (CU7), when we try to access the Exchange Control Panel (ECP), try to create new Transport rules we get the following error:
“Your request couldn’t be completed. Please try again in a few minutes.” If I try to create a new rule, I get an error message “access denied”.
Having said that we will still be able to successfully create Transport rules using the Exchange Management Shell without any errors.
We get the following error in the log:
Current user: ‘mydomain.local/MyBusiness/Users/Admin’
Web service call ‘https://exchangeserver.mydomain.local:444/ecp/RulesEditor/TransportRules.svc/GetList?msExchEcpCanary=p2Zp1y_1kESsrueBkDB6T1r0z46NLdII4Q_D6294gRCkKBixfp0OnWr9OfSQ9SO205BuS7NQnns.(https://remote.mydomain.com/ecp/RulesEditor/TransportRules.svc/GetList?msExchEcpCanary=p2Zp1y_1kESsrueBkDB6T1r0z46NLdII4Q_D6294gRCkKBixfp0OnWr9OfSQ9SO205BuS7NQnns.)’ failed with the following error:
System.Security.SecurityException: Request for principal permission failed.
at System.Security.Permissions.PrincipalPermission.ThrowSecurityException()
at System.Security.Permissions.PrincipalPermission.Demand()
at Microsoft.Exchange.Management.ControlPanel.WebServiceParameters.set_Item(String cmdletParameterName, Object value)
at Microsoft.Exchange.Management.ControlPanel.ResultSizeFilter.set_ResultSize(Int32 value)
at ReadTransportRuleFilterFromJson(XmlReaderDelegator , XmlObjectSerializerReadContextComplexJson , XmlDictionaryString , XmlDictionaryString[] )
at System.Runtime.Serialization.Json.JsonClassDataContract.ReadJsonValueCore(XmlReaderDelegator jsonReader, XmlObjectSerializerReadContextComplexJson context)
at System.Runtime.Serialization.Json.JsonDataContract.ReadJsonValue(XmlReaderDelegator jsonReader, XmlObjectSerializerReadContextComplexJson context)
at System.Runtime.Serialization.XmlObjectSerializerReadContext.InternalDeserialize(XmlReaderDelegator reader, String name, String ns, Type declaredType, DataContract& dataContract)
at System.Runtime.Serialization.XmlObjectSerializerReadContext.InternalDeserialize(XmlReaderDelegator xmlReader, Type declaredType, DataContract dataContract, String name, String ns)
at System.Runtime.Serialization.Json.DataContractJsonSerializer.InternalReadObject(XmlReaderDelegator xmlReader, Boolean verifyObjectName)
at System.Runtime.Serialization.XmlObjectSerializer.ReadObjectHandleExceptions(XmlReaderDelegator reader, Boolean verifyObjectName, DataContractResolver dataContractResolver)
at System.Runtime.Serialization.Json.DataContractJsonSerializer.ReadObject(XmlDictionaryReader reader, Boolean verifyObjectName)
at System.ServiceModel.Dispatcher.DataContractSerializerOperationFormatter.PartInfo.ReadObject(XmlDictionaryReader reader, XmlObjectSerializer serializer)
at System.ServiceModel.Dispatcher.DataContractJsonSerializerOperationFormatter.DeserializeParameterPart(XmlDictionaryReader reader, PartInfo part)
at System.ServiceModel.Dispatcher.DataContractJsonSerializerOperationFormatter.DeserializeParameters(XmlDictionaryReader reader, PartInfo[] parts, Object[] parameters, PartInfo returnInfo, Object& returnValue)
at System.ServiceModel.Dispatcher.DataContractJsonSerializerOperationFormatter.DeserializeBodyCore(XmlDictionaryReader reader, Object[] parameters, Boolean isRequest)
at System.ServiceModel.Dispatcher.DataContractJsonSerializerOperationFormatter.DeserializeBody(XmlDictionaryReader reader, MessageVersion version, String action, MessageDescriptionmessageDescription, Object[] parameters, Boolean isRequest)
at System.ServiceModel.Dispatcher.OperationFormatter.DeserializeBodyContents(Message message, Object[] parameters, Boolean isRequest)
at System.ServiceModel.Dispatcher.OperationFormatter.DeserializeRequest(Message message, Object[] parameters)
at System.ServiceModel.Dispatcher.DemultiplexingDispatchMessageFormatter.DeserializeRequest(Message message, Object[] parameters)
at System.ServiceModel.Dispatcher.UriTemplateDispatchFormatter.DeserializeRequest(Message message, Object[] parameters)
at Microsoft.Exchange.Management.ControlPanel.DiagnosticsBehavior.SerializationPerformanceTracker.DeserializeRequest(Message message, Object[] parameters)
at System.ServiceModel.Dispatcher.DispatchOperationRuntime.DeserializeInputs(MessageRpc& rpc)
at System.ServiceModel.Dispatcher.DispatchOperationRuntime.InvokeBegin(MessageRpc& rpc)
at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage5(MessageRpc& rpc)
at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage31(MessageRpc& rpc)
at System.ServiceModel.Dispatcher.MessageRpc.Process(Boolean isOperationContextSet)
The action that failed was:
Demand
The type of the first permission that failed was:
System.Security.Permissions.PrincipalPermission
The first permission that failed was:
<IPermission mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089″
version=”1″>
<Identity Authenticated=”true”
Role=”Get-TransportRule?ResultSize@R:Organization”/>
</IPermission>
The demand was for:
<IPermission mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089″
version=”1″>
<Identity Authenticated=”true”
Role=”Get-TransportRule?ResultSize@R:Organization”/>
</IPermission>
The assembly or AppDomain that failed was:
mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
at System.Security.Permissions.PrincipalPermission.ThrowSecurityException()
at System.Security.Permissions.PrincipalPermission.Demand()
at Microsoft.Exchange.Management.ControlPanel.WebServiceParameters.set_Item(String cmdletParameterName, Object value)
at Microsoft.Exchange.Management.ControlPanel.ResultSizeFilter.set_ResultSize(Int32 value)
at ReadTransportRuleFilterFromJson(XmlReaderDelegator , XmlObjectSerializerReadContextComplexJson , XmlDictionaryString , XmlDictionaryString[] )
at System.Runtime.Serialization.Json.JsonClassDataContract.ReadJsonValueCore(XmlReaderDelegator jsonReader, XmlObjectSerializerReadContextComplexJson context)
at System.Runtime.Serialization.Json.JsonDataContract.ReadJsonValue(XmlReaderDelegator jsonReader, XmlObjectSerializerReadContextComplexJson context)
at System.Runtime.Serialization.XmlObjectSerializerReadContext.InternalDeserialize(XmlReaderDelegator reader, String name, String ns, Type declaredType, DataContract& dataContract)
at System.Runtime.Serialization.XmlObjectSerializerReadContext.InternalDeserialize(XmlReaderDelegator xmlReader, Type declaredType, DataContract dataContract, String name, String ns)
at System.Runtime.Serialization.Json.DataContractJsonSerializer.InternalReadObject(XmlReaderDelegator xmlReader, Boolean verifyObjectName)
at System.Runtime.Serialization.XmlObjectSerializer.ReadObjectHandleExceptions(XmlReaderDelegator reader, Boolean verifyObjectName, DataContractResolver dataContractResolver)
at System.Runtime.Serialization.Json.DataContractJsonSerializer.ReadObject(XmlDictionaryReader reader, Boolean verifyObjectName)
at System.ServiceModel.Dispatcher.DataContractSerializerOperationFormatter.PartInfo.ReadObject(XmlDictionaryReader reader, XmlObjectSerializer serializer)
at System.ServiceModel.Dispatcher.DataContractJsonSerializerOperationFormatter.DeserializeParameterPart(XmlDictionaryReader reader, PartInfo part)
at System.ServiceModel.Dispatcher.DataContractJsonSerializerOperationFormatter.DeserializeParameters(XmlDictionaryReader reader, PartInfo[] parts, Object[] parameters, PartInfo returnInfo, Object& returnValue)
at System.ServiceModel.Dispatcher.DataContractJsonSerializerOperationFormatter.DeserializeBodyCore(XmlDictionaryReader reader, Object[] parameters, Boolean isRequest)
at System.ServiceModel.Dispatcher.DataContractJsonSerializerOperationFormatter.DeserializeBody(XmlDictionaryReader reader, MessageVersion version, String action, MessageDescriptionmessageDescription, Object[] parameters, Boolean isRequest)
at System.ServiceModel.Dispatcher.OperationFormatter.DeserializeBodyContents(Message message, Object[] parameters, Boolean isRequest)
at System.ServiceModel.Dispatcher.OperationFormatter.DeserializeRequest(Message message, Object[] parameters)
at System.ServiceModel.Dispatcher.DemultiplexingDispatchMessageFormatter.DeserializeRequest(Message message, Object[] parameters)
at System.ServiceModel.Dispatcher.UriTemplateDispatchFormatter.DeserializeRequest(Message message, Object[] parameters)
at Microsoft.Exchange.Management.ControlPanel.DiagnosticsBehavior.SerializationPerformanceTracker.DeserializeRequest(Message message, Object[] parameters)
at System.ServiceModel.Dispatcher.DispatchOperationRuntime.DeserializeInputs(MessageRpc& rpc)
at System.ServiceModel.Dispatcher.DispatchOperationRuntime.InvokeBegin(MessageRpc& rpc)
at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage5(MessageRpc& rpc)
at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage31(MessageRpc& rpc)
at System.ServiceModel.Dispatcher.MessageRpc.Process(Boolean isOperationContextSet)
Demand: <IPermission mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089″
version=”1″>
<Identity Authenticated=”true”
Role=”Get-TransportRule?ResultSize@R:Organization”/>
</IPermission>
First Failed Demand: <IPermission mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089″
version=”1″>
<Identity Authenticated=”true”
Role=”Get-TransportRule?ResultSize@R:Organization”/>
</IPermission>
Flight info: Features:[[Global.DistributedKeyManagement, False],[Global.GlobalCriminalCompliance, False],[Global.MultiTenancy, False],[Global.WindowsLiveID, False],[Eac.AllowMailboxArchiveOnlyMigration, True],[Eac.AllowRemoteOnboardingMovesOnly, False],[Eac.BulkPermissionAddRemove, True],[Eac.CmdletLogging, True],[Eac.CrossPremiseMigration, False],[Eac.DevicePolicyMgmtUI, False],[Eac.DiscoveryDocIdHint, False],[Eac.DiscoveryPFSearch, False],[Eac.DiscoverySearchStats, False],[Eac.DlpFingerprint, False],[Eac.EACClientAccessRulesEnabled, False],[Eac.GeminiShell, False],[Eac.ManageMailboxAuditing, False],[Eac.ModernGroups, False],[Eac.Office365DIcon, False],[Eac.OrgIdADSeverSettings, False],[Eac.RemoteDomain, False],[Eac.UCCAuditReports, False],[Eac.UCCPermissions, False],[Eac.UnifiedAuditPolicy, False],[Eac.UnifiedComplianceCenter, False],[Eac.UnifiedPolicy, False],[Eac.UnlistedServices, False],], Flights:[], Constraints:[[LOC, EN-US],[MACHINE, EXCHANGESERVER],[MODE, ENTERPRISE],[PROCESS, W3WP],[USER, TECHSUPPORT@],[USERTYPE, BUSINESS],], IsGlobalSnapshot: False
Resolution:
=> Reinstall CU7 & run the following command:
- Run setup.exe /PrepareSchema /IAcceptExchangeServerLicenseTerms
- Run setup.exe /PrepareAD /IAcceptExchangeServerLicenseTerms
- Run setup.exe /PrepareDomain /IAcceptExchangeServerLicenseTerms
=========================================================
Address rewriting doesn’t work in outbound message (Exchange 2013 SP1)
Issue: After creating a new Address rewrite on the Edge server with the following command,
New-AddressRewriteEntry -Name “rewrite all” -InternalAddress test.local -ExternalAddress mail.test.com the address rewrite works fine for the inbound messages, but does not work for the outbound message & they still appears as”test.local”
Resolution:
=> Check if the Send Connector is configured properly. If not configure it properly.
==========================================================
Mail flow not working in the Exchange 2013 server with error: 451 4.4.0 DNS query failed. The error was: DNS query failed with error”
Issue:
Issue with mailflow not working on Exchange 2013 server, in a mixed environment (Exchange 2010 (server 2008 R2 / Exchange 2013 (server 2012), however the mail flow works on Exchange 2010 without any issues. We get the following error:
2013-04-13T16:41:12.526Z,EX01Default Frontend EXCHANGE01,08D004497C6E9CC3,25,127.0.0.1:25,127.0.0.1:61348,*,,Message or connection acked with status Retry and response 451 4.4.0 DNS query failed. The error was: DNS query failed with error ErrorRetry
2013-04-13T16:41:12.526Z,EX01Default Frontend EXCHANGE01,08D004497C6E9CC3,26,127.0.0.1:25,127.0.0.1:61348,>,451 4.7.0 Temporary server error. Please try again later. PRX2 ,
And we see the following error in the connectivity log:
2013-04-13T23:59:44.720Z,08D006869E9DDB49,SMTP,internalproxy,>,DNS server returned ErrorRetry reported by 0.0.0.0. [Domain:Result] = EX01.xyz.priv:ErrorRetry;
2013-04-13T23:59:44.720Z,08D006869E9DDB49,SMTP,internalproxy,-,Messages: 0 Bytes: 0 (The DNS query for ‘Undefined’:’internalproxy’:’00000000-0000-0000-0000-000000000000′ failed with error : ErrorRetry)
2013-04-14T00:00:46.316Z,08D006869E9DDB4C,SMTP,internalproxy,+,Undefined 00000000-0000-0000-0000-000000000000;QueueLength=0
2013-04-14T00:01:46.404Z,08D006869E9DDB4C,SMTP,internalproxy,>,DNS server returned ErrorRetry reported by 0.0.0.0. [Domain:Result] = EX01.xyz.priv:ErrorRetry;
2013-04-14T00:01:46.404Z,08D006869E9DDB4C,SMTP,internalproxy,-,Messages: 0 Bytes: 0 (The DNS query for ‘Undefined’:’internalproxy’:’00000000-0000-0000-0000-000000000000′ failed with error : ErrorRetry)
Resolution:
=> Change the DNS settings in the Server properties to use specific DNS instead of all network adapters.
=> Also check the DNS being used by the Transport service by running: get-transportservice and get-frontendtransportservice . Look for the External & Internal DNS being used. Change the DNS settings if the Transport service is not using the appropriate one.
==========================================================
Send connector created on exchange 2013 with 2010 coexistence does not work.
Issue: Issue with Send connector created on Exchange 2013 in a co-existence scenario with Exchange 2010. The send connector created on the Exchange 2013 does not work. When dropping an email through telnet we get this error:
451 4.7.0 Temporary server error. Please try again later
Resolution:
=>Check the Server state by running: Get-ServerComponentState –Identity <ServerID> make sure the following components are active.
HubTransport
FrontendTransport.
=> Run this command to set the state to active: Set-ServerComponentState -Component xxx -Identity EXCHSERVER.domain.com -State Active
==========================================================
Some emails are not getting delivered to one external domain (from any user)
Issue: Users may experience issues with not being able to send mails to one specific external domain. The issue occurs for many users & is not user specific.
Resolution:
=> Check if the problematic domain is blocking mails & have them white list.
=> Check if any antivirus / anti spam software is blocking it.
==========================================================
Exchange 2013 acting as an open relay
Issue: Exchange 2013 started to acts as open relay. Nothing found in the send/ receive connector settings.
Resolution:
=> Search for anonymous relay by running the command:
Get-ReceiveConnector | Get-ADPermission -User “NT AuthorityAnonymous Logon” | Where-Object {$_.ExtendedRights -like “ms-Exch-SMTP-Accept-Any-Recipient”} | Format-List Identity,ExtendedRights
=> Then run this command to remove it:
get-ReceiveConnector -Identity “” | remove-ADPermission -User “NT AuthorityAnonymous Logon” -ExtendedRights “ms-Exch-SMTP-Accept-Any-Recipient”
=========================================================
StartTLS Error Event ID 12014
Issue: You will keep getting Start TLS error event 12014 on Exchange 2007 windows 2003R@ server. When we check the list of certificates in Exchange we will see invalid certs.
Resolution:
=> server not compatible with SHA2 .
=> Try this hotfix: http://support.microsoft.com/en-in/kb/938397
Ratish Nair
Microsoft MVP | Exchange Server
Team @MSExchangeGuru.com
