Configuration:
Exchange Servers 2007 With SP1 On Server 2008 (Qty=3) All servers have OutlookAnywhere configured.
Newly Installed Exchange Server 2013 With CU9 on Windows 2012 R2 With all updates.
OWA and Mobile email works perfectly.
When I use the Microsoft RCA tool, for user 1, All tests pass.
When I test with user 2, Test fails. Both users are located on the same legacy 2007 Server and are contained in the same mailbox database. THey are also located in the same OU. The user that works is a normal user. The user that fails is a domain admin (not
sure if that matters). Enable inheritance is enabled for both users. Have been working with Microsoft Support for the last week and still not resolved.
Here is the result for the failing user:
Attempting to ping RPC proxy mydomain.myorg.com.
RPC Proxy can't be pinged.
Additional Details
An unexpected network-level exception was encountered. Exception details:
Message: The remote server returned an error: (401) Unauthorized.
Type: Microsoft.Exchange.Tools.ExRca.Extensions.MapiTransportException
Stack trace:
at Microsoft.Exchange.Tools.ExRca.Extensions.MapiRpcTestClient.PingProtocolProxy(String endpointIdentifier)
at Microsoft.Exchange.Tools.ExRca.Tests.MapiPingProxyTest.PerformTestReally()
Exception details:
Message: The remote server returned an error: (401) Unauthorized.
Type: System.Net.WebException
Stack trace:
at System.Net.HttpWebRequest.GetResponse()
at RpcPingLib.RpcPing.PingProxy(String internalServerFqdn, String endpoint)
at Microsoft.Exchange.Tools.ExRca.Extensions.MapiRpcTestClient.PingProtocolProxy(String endpointIdentifier)
Elapsed Time: 392 ms.
Here is the result of the working user:
Testing Outlook connectivity.
The Outlook connectivity test completed successfully.
Additional Details
Elapsed Time: 9279 ms.
Test Steps
Testing RPC over HTTP connectivity to server mydomain.myorg.com
RPC over HTTP connectivity was verified successfully.
Additional Details
HTTP Response Headers:
request-id: 12b3bcd6-ea1a-4658-b2c5-a06adf5ad78d
Set-Cookie: ClientId=BRASCDK0XUESOOXJZSNLA; expires=Wed, 31-Aug-2016 18:40:28 GMT; path=/; HttpOnly
Server: Microsoft-IIS/8.5
WWW-Authenticate: Basic realm="mydomain.myorg.com",Negotiate,NTLM
X-Powered-By: ASP.NET
X-FEServer: 01SERVER014
Date: Tue, 01 Sep 2015 18:40:28 GMT
Content-Length: 0
Elapsed Time: 9279 ms.
Test Steps
Attempting to resolve the host name mydomain.myorg.com in DNS.
The host name resolved successfully.
Additional Details
IP addresses returned: 8.36.32.164
Elapsed Time: 240 ms.
Testing TCP port 443 on host mydomain.myorg.com to ensure it's listening and open.
The port was opened successfully.
Additional Details
Elapsed Time: 176 ms.
Testing the SSL certificate to make sure it's valid.
The certificate passed all validation requirements.
Additional Details
Elapsed Time: 189 ms.
Test Steps
The Microsoft Connectivity Analyzer is attempting to obtain the SSL certificate from remote server mydomain.myorg.com on port 443.
The Microsoft Connectivity Analyzer successfully obtained the remote SSL certificate.
Additional Details
Remote Certificate Subject: CN=01SERVER.myorg.com, OU=Domain Control Validated, Issuer: CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US.
Elapsed Time: 146 ms.
Validating the certificate name.
The certificate name was validated successfully.
Additional Details
Host name mydomain.myorg.com was found in the Certificate Subject Alternative Name entry.
Elapsed Time: 1 ms.
Certificate trust is being validated.
The certificate is trusted and all certificates are present in the chain.
Test Steps
The Microsoft Connectivity Analyzer is attempting to build certificate chains for certificate CN=01server.myorg.com, OU=Domain Control Validated.
One or more certificate chains were constructed successfully.
Additional Details
A total of 1 chains were built. The highest quality chain ends in root certificate CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US.
Elapsed Time: 17 ms.
Analyzing the certificate chains for compatibility problems with versions of Windows.
Potential compatibility problems were identified with some versions of Windows.
Additional Details
The Microsoft Connectivity Analyzer can only validate the certificate chain using the Root Certificate Update functionality from Windows Update. Your certificate may not be trusted on Windows if the "Update Root Certificates" feature isn't enabled.
Elapsed Time: 3 ms.
Testing the certificate date to confirm the certificate is valid.
Date validation passed. The certificate hasn't expired.
Additional Details
The certificate is valid. NotBefore = 8/31/2015 5:22:03 PM, NotAfter = 8/17/2016 5:19:38 PM
Elapsed Time: 0 ms.
Checking the IIS configuration for client certificate authentication.
Client certificate authentication wasn't detected.
Additional Details
Accept/Require Client Certificates isn't configured.
Elapsed Time: 333 ms.
Testing HTTP Authentication Methods for URL https://mydomain.myorg.com/rpc/rpcproxy.dll?01server14.myorg.com:6002.
The HTTP authentication methods are correct.
Additional Details
The Microsoft Connectivity Analyzer found all expected authentication methods and no disallowed methods. Methods found: Basic, Negotiate, NTLM
HTTP Response Headers:
request-id: 12b3bcd6-ea1a-4658-b2c5-a06adf5ad78d
Set-Cookie: ClientId=BRASCDK0XUESOOXJZSNLA; expires=Wed, 31-Aug-2016 18:40:28 GMT; path=/; HttpOnly
Server: Microsoft-IIS/8.5
WWW-Authenticate: Basic realm="mydomain.myorg.com",Negotiate,NTLM
X-Powered-By: ASP.NET
X-FEServer: 01SERVER14
Date: Tue, 01 Sep 2015 18:40:28 GMT
Content-Length: 0
Elapsed Time: 221 ms.
Attempting to ping RPC proxy mydomain.myorg.com.
RPC Proxy was pinged successfully.
Additional Details
Elapsed Time: 470 ms.
Attempting to ping the MAPI Mail Store endpoint with identity: 01SERVER14.myorg.com:6001.
The endpoint was pinged successfully.
Additional Details
The endpoint responded in 78 ms.
Elapsed Time: 83 ms.
Testing the MAPI Address Book endpoint on the Exchange server.
The address book endpoint was tested successfully.
Additional Details
Elapsed Time: 2463 ms.
Test Steps
Attempting to ping the MAPI Address Book endpoint with identity: 01SERVER14.myorg.com:6004.
The endpoint was pinged successfully.
Additional Details
The endpoint responded in 906 ms.
Elapsed Time: 1904 ms.
Testing the address book "Check Name" operation for user user.name@myorg.com against server 01SERVER14.myorg.com
Check Name succeeded.
Additional Details
DisplayName: Name, User, LegDN: /o=MYORG/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=user.name
Elapsed Time: 558 ms.
Testing the MAPI Referral service on the Exchange Server.
The Referral service was tested successfully.
Additional Details
Elapsed Time: 4301 ms.
Test Steps
Attempting to ping the MAPI Referral Service endpoint with identity: 01server14.myorg.com:6002.
The endpoint was pinged successfully.
Additional Details
The endpoint responded in 359 ms.
Elapsed Time: 3354 ms.
Attempting to perform referral for user /o=MYORG/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=user.name on server 01server14.myorg.com.
We got the address book server successfully.
Additional Details
The server returned by the Referral service: 01SERVER14.myorg.com
Elapsed Time: 946 ms.
Testing the MAPI Address Book endpoint on the Exchange server.
The address book endpoint was tested successfully.
Additional Details
Elapsed Time: 568 ms.
Test Steps
Attempting to ping the MAPI Address Book endpoint with identity: 01SERVER14.myorg.com:6004.
The endpoint was pinged successfully.
Additional Details
The endpoint responded in 78 ms.
Elapsed Time: 83 ms.
Testing the address book "Check Name" operation for user user.name@mydomain.com against server 01SERVER14.myorg.com.
Check Name succeeded.
Additional Details
DisplayName: Name, User, LegDN: /o=MYORG/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=user.name
Elapsed Time: 485 ms.
Testing the MAPI Mail Store endpoint on the Exchange server.
We successfully tested the Mail Store endpoint.
Additional Details
Elapsed Time: 229 ms.
Test Steps
Attempting to ping the MAPI Mail Store endpoint with identity: 01server14.myorg.com:6001.
The endpoint was pinged successfully.
Additional Details
The endpoint responded in 78 ms.
Elapsed Time: 72 ms.
Attempting to log on to the Mailbox.
We were able to log on to the Mailbox.
Additional Details
Elapsed Time: 157 ms.