Ews returns unauthorized error while logging in with the 2fa app password

March 18, 2020, 12:04 am

≫ Next: setting EwsAllowList does not seem to work

≪ Previous: ‘Repeat’ field of Outlook 365 Calendar is incorrect when booking recurring meeting on Outlook 2016 calendar

$

0

0

Hi,

I am using ews services for mailing services in my application and lately one of my clients reported an issue where they are not able to send a mail through ews services and when I checked, the error reported back from server was 401. She has enabled 2fa in her office 365 accounts and has used the app password provided. I have asked her to turn off 2fa at her end to check the normal connectivity and authentication, but she says she cannot switch that off as well.

Can you please advise me steps to follow for authentication when a client has enabled 2fa?

Thank you.

---

setting EwsAllowList does not seem to work

March 19, 2020, 9:32 am

≫ Next: Migrating Exchange Server 2013 CU4 to Exchange Server 2016 in Azure VM

≪ Previous: Ews returns unauthorized error while logging in with the 2fa app password

$

0

0

1] I setup an Office 365 Developer Site as suggested @ https://docs.microsoft.com/en-us/exchange/client-developer/exchange-web-services/get-started-with-ews-managed-api-client-applications

2] I setup 2 mail boxes

3] Used Powershell and executed these commands:

3.1] Set-OrganizationConfig -EwsEnabled $False

3.2] Set-OrganizationConfig -EwsAllowList @{add='WelcomeList'}

3.3] Set-CASMailbox -EwsEnabled $False

4] Created the sample app @ https://docs.microsoft.com/en-us/exchange/client-developer/exchange-web-services/how-to-authenticate-an-ews-application-by-using-oauth

5] Executed EWS with ImpersonatedUserId = mail ID in [3.3]

Result: I am able to access the list of folders as well as mails in the Inbox

My Assumption : Because of 3.1 to 3.3, i must not get the above result

Assuming i am right, looking for help on where could i be going wrong.

Migrating Exchange Server 2013 CU4 to Exchange Server 2016 in Azure VM

March 22, 2020, 11:48 pm

≫ Next: Update Exchange Server 2013 Hybrid to Exchange Server 2016 Hybrid

≪ Previous: setting EwsAllowList does not seem to work

$

0

0

We are trying to know the possibility of migrating Exchange server 2013 Hybrid Setup from On-premises to Azure.

These are the thongs we are trying to accomplish

1.Migrating Exchange Server to Azure- Is it possible? Explain How?

2. Can i deploy a VM in Azure and Install Exchange 2016 in the VM and replicate the changed? is it possible? how?

3. How to replicate the On-Prem Exchange server configurations to azure?

Update Exchange Server 2013 Hybrid to Exchange Server 2016 Hybrid

March 23, 2020, 6:14 am

≫ Next: DR options for a hybrid deployment of O365. specifically for the on premise exchange?

≪ Previous: Migrating Exchange Server 2013 CU4 to Exchange Server 2016 in Azure VM

$

0

0

I need to Update Exchange Server 2013 Hybrid to Exchange Server 2016 Hybrid. THhe exchange 2013 is running in Windows server 2008 R2. I'm planning to upgrade the OS also.

Is it possible to create a new VM in azure possibly Windows server 2016 Datacenter and Install Exchange 2016 in it. 

I would like to know the whether the above scenario is possible or not?

DR options for a hybrid deployment of O365. specifically for the on premise exchange?

March 23, 2020, 1:06 pm

≫ Next: How to setup ASR fail-over for Exchange DAG

≪ Previous: Update Exchange Server 2013 Hybrid to Exchange Server 2016 Hybrid

$

0

0



What are the DR options for on premise exchange portion of a hybrid O365 deployment?   How does on-premise exchange stay connected with a O365 which can geolocate anywhere within the US?   How would the geolocated O365 communicate with on-premise exchange which is connected the original colocation site?  Do we need a additional colocation site with another on-premise exchange server (same exchange organization as original on premise exchange)?  Would we need to add another connector to the O365 from the on premise exchange at the DR site.   The on premise exchange would be replicating between the primary site and the DR site so free/busy would be preserved.

---

dsk

How to setup ASR fail-over for Exchange DAG

March 24, 2020, 4:58 am

≫ Next: Exchange Hybrid connection verification script fail

≪ Previous: DR options for a hybrid deployment of O365. specifically for the on premise exchange?

$

0

0

There is an on-prem server running on Exchange DAG. Is it possible using ASR to replicate for onprem Exchange DAG.

---

Dileepa S. Rajapaksa
---------------------------------
Cloud Soulution Architect
----------------
Twitter : @dsrajapaksa
Blog : http://windowsgeek.lk/

Exchange Hybrid connection verification script fail

March 25, 2020, 8:05 am

≫ Next: Exchnage Online EOP DLP not working with Hybrid

≪ Previous: How to setup ASR fail-over for Exchange DAG

$

0

0

Hi, I am in process of migrating to O365. Setting up Exchange Hybrid, but when running Hybrid connection verification script found here in this guide "https://docs.microsoft.com/en-us/exchange/hybrid-deployment/hybrid-agent", it fails.
Probably because certificate at "https://aadap-portcheck-seaus.connectorporttest.msappproxy.net" is expired.
Can you help fix this problem?

Exchnage Online EOP DLP not working with Hybrid

March 25, 2020, 7:37 pm

≫ Next: AUTHENTICATE failed. when connecting imap-mail.outlook.com using XOAUTH2

≪ Previous: Exchange Hybrid connection verification script fail

$

0

0

• I have centralize mailflow selected in Hybrid configuration. I have found that my DLP and Exchange transport rules are not working or getting skipped for outbound email. Can you please help me with KB article or document which explains why DLP and ETR are not working after configuring CENTRALIZE Email flow in Hybrid Configuration.

---

AUTHENTICATE failed. when connecting imap-mail.outlook.com using XOAUTH2

March 29, 2020, 10:41 am

≫ Next: Exchange Online MFA code for C# batch jobs

≪ Previous: Exchnage Online EOP DLP not working with Hybrid

$

0

0

getting javax.mail.AuthenticationFailedException: AUTHENTICATE failed. when connecting imap-mail.outlook.com using XOAUTH2 mail.smtp.sasl.mechanisms and accesstoken(Oauth2). DEBUG IMAPS: SASL Mechanisms:

I'm using XOAUTH2 (oauth2 acceess token) with IMAP to access my email from java application.

Please confirm if support for XOAUTH2 is available for O365 accounts or not. my email is ram@ramxxx.onmicrosoft.com.

Thanks,

Ram

Exchange Online MFA code for C# batch jobs

March 27, 2020, 6:25 am

≫ Next: Does EWS count towards the Submission Rate? Is the Submission rate count based on Connections or Transmissions (Successful/Failed) of emails?

≪ Previous: AUTHENTICATE failed. when connecting imap-mail.outlook.com using XOAUTH2

$

0

0

We have been using a batch job using Exchange Web Services to send emails to users. Recently, our organisation has implemented MFA and mandated it for the account we have been using for the application. So, the job could not authenticate and send the emails. The security team is very strict about security of the account.

1. Is there white listing the IP in Office 365 to accept authentication?

2. Is app passwords help in this case?

3. Is there any sample C# code for authenticate a EWS based background job?

Appreciate any of your help.

Does EWS count towards the Submission Rate? Is the Submission rate count based on Connections or Transmissions (Successful/Failed) of emails?

March 31, 2020, 12:08 am

≫ Next: POP3 OAuth Authentication gives “-ERR Protocol error. Connection is closed”

≪ Previous: Exchange Online MFA code for C# batch jobs

$

0

0

Microsoft Dynamics CRM has recently been displaying unreliability in its handling of Email, there has been several issues seen, these are:
• Emails stuck in “Pending Send” that never send.
• Emails stuck in “Pending Send” that never send and finally mark as failed.
• Emails stuck in “Pending Send” that have actually sent, on some occasions have sent multiple times.
• Multiple Copies of the same Email sent from CRM in the “Drafts” folder of the mailbox sending the email – Both Individual Mailbox and Shared Mailbox.

Infrastructure Overview
Microsoft Dynamics CRM 2016 (v8.1) On-Premise
Microsoft Exchange Server Online E5
These 2 are connected via Microsoft CRM Exchange Hybrid Connector – Configured as per https://docs.microsoft.com/en-us/dynamics365/customerengagement/on-premises/deploy/connect-dynamics-365-on-premises-exchange-online
NOTE: This setup has been in place for some time and no CRM modifications have been made recently, However Exchange Online has been subject to changes via Microsoft’s Own Policy.

Investigation To Date
OA Systems have investigated the issue from the CRM server side of things by looking at and diagnosing the following areas:
• Crm Server Event Logs – No Issues related to Outbound Mail Found.
• Crm Email Entity – No identifiable patterns for the issue found.
• Crm Email Entity – Delivery Attempts are sporadic and range between 1 retry to 80+ retries
• Crm Emails with the same content, sender and recipient will result in different outcomes, Sent and Failed, even when sent within 2 minutes of each other.
• On a day that we monitored and observed as only sending 400 emails in total for the day, issues with sending was still apparent with the same cause of “SenderExceededSubmissionRateLimit” (see below)

Careerforce have investigated the Exchange logs for some of the emails sent from CRM and have uncovered an issue where Exchange is throttling the mail submissions:
S:MailboxDatabaseGuid=f6e5dc2d-fb66-41a7-96aa-f2ea9eced0e9;
S:MapiNotifyTime=2020-03-04T20:16:28.299Z;
S:TenantEopForest=APC01;
S:DeliveryPriority=Low;
S:PrioritizationReason=SenderExceededSubmissionRateLimit;
S:AccountForest=AUSPR01A005.PROD.OUTLOOK.COM

So far the sending seems to have stabilised, but why was the Submission Rate Limit exceeded? The Hybrid exchange connector is using EWS not SMTP.
Question: Does EWS count towards the Submission Rate? Is the Submission rate count based on Connections or Transmissions (Successful/Failed) of emails?

POP3 OAuth Authentication gives “-ERR Protocol error. Connection is closed”

March 31, 2020, 1:43 pm

≫ Next: chrome-extension://

≪ Previous: Does EWS count towards the Submission Rate? Is the Submission rate count based on Connections or Transmissions (Successful/Failed) of emails?

$

0

0

My company needs to upgrade an application to integrate two-legged OAuth 2.0 for POP3. I'm testing with an outlook online account and trying to authenticate on outlook.office365.com.

I registered for an Exchange Online trial using my test outlook account and I have tried testing with the Exchange email address as well (gives the same error).

I've registered my app on Azure and have enabled API Application Permissions for MS Graph (Mail.ReadWrite, Mail.Send) and Exchange (full_access_as_app). The same outlook account I used for the Exchange registration is the Global Admin of the Azure tenant.

I'm able to request a valid OAuth token from both the Graph and Exchange endpoints. However, when I use the token and try to log into the POP server, I get the following error:

<PopCmdResp>-ERR Protocol error. Connection is closed. 10</PopCmdResp>

Followed by:

<error>POP3 authentication failed</error>

I'm not sure what this error means. Does my mail component need to be set up to use a different protocol (not sure if this is possible)? Could this be an issue with the way my application is registered/authenticated or with the Exchange security settings?

The login works fine if I use Basic Auth instead of OAuth.

I'm not sure how to troubleshoot this. Any info or suggestions would be much appreciated!

EDIT
I thought I'd post the tokens I'm getting back from both endpoints in case they're useful. Apologies for the formatting, I'm having trouble figuring out how to format this cleanly and my edits keep getting flagged as spam.

Graph Endpoint:

{"aud": "https://graph.microsoft.com","iss": "https://sts.windows.net/04669076-130f-49aa-b6b8-171a9e74b324/","iat": 1585688162,"nbf": 1585688162,"exp": 1585692062,"aio": "42cAAh59R94bYs4Je0Kn290+uwUA","app_displayname": "Remindex","appid": "ad2ead7c-edb9-476f-8209-ecb29e1b7355","appidacr": "1","idp": "https://sts.windows.net/04669076-130f-49aa-b6b8-171a9e74b324/","oid": "0f7a5174-fcce-4752-ae07-ba8e64de467f","roles": ["Mail.ReadWrite","Mail.Send"

],

"sub": "0f7a5174-fcce-4752-ae07-ba8e64de467f","tid": "04669076-130f-49aa-b6b8-171a9e74b324","uti": "gpIYvaSYikuDnd6CFQAnAA","ver": "1.0","xms_tcdt": 1585156686

}

Exchange Endpoint:

{"aud": "https://outlook.office365.com","iss": "https://sts.windows.net/04669076-130f-49aa-b6b8-171a9e74b324/","iat": 1585688002,"nbf": 1585688002,"exp": 1585691902,"aio": "42dgYNjxvn/mtBN+7zm3/vu4L0yyAgA=","app_displayname": "Remindex","appid": "ad2ead7c-edb9-476f-8209-ecb29e1b7355","appidacr": "1","idp": "https://sts.windows.net/04669076-130f-49aa-b6b8-171a9e74b324/","oid": "0f7a5174-fcce-4752-ae07-ba8e64de467f","roles": ["full_access_as_app","Mail.ReadWrite","MailboxSettings.ReadWrite","Mail.Read","Mail.Send","MailboxSettings.Read"

],

"sid": "f4596631-bebc-4308-8b46-8ea14b842739","sub": "0f7a5174-fcce-4752-ae07-ba8e64de467f","tid": "04669076-130f-49aa-b6b8-171a9e74b324","uti": "0lyqmDTwPEqSeXwQYHUlAA","ver": "1.0"

}

chrome-extension://

April 1, 2020, 9:59 pm

≫ Next: How do I add a cc or BCC through a transport agent?

≪ Previous: POP3 OAuth Authentication gives “-ERR Protocol error. Connection is closed”

$

0

0

errorcallnbdncclmgdcncolpebgiejap has been blockedInquiries to the server have been blocked by an add-on.
Try disabling extensions.
ERR_BLOCKED_BY_CLIENT

download again

 chrome-extension://felcaaldnbdncclmgdcncolpebgiejap/main.html

What going to do.

---

hassansayedissa

How do I add a cc or BCC through a transport agent?

April 2, 2020, 9:38 am

≫ Next: Exchange 2013 hybrid setup to office 365

≪ Previous: chrome-extension://

$

0

0

public override RoutingAgent CreateAgent(SmtpServer server)
{
            return new MyAgent(server);
}    

public class MyAgent : RoutingAgent
{
        public MyAgent(SmtpServer server)
        {
            this.OnSubmittedMessage += MyAgent_OnSubmittedMessage;
        }

        private void MyAgent_OnSubmittedMessage(SubmittedMessageEventSource source, QueuedMessageEventArgs e)
        {
            e.MailItem.Message.Bcc.Add(new EmailRecipient("wangdasheng", "wangdasheng@hundun.com"));
        } 
}

It doesn't work when I write it like this.

How do I add a Cc  through a transport agent?

Exchange 2013 hybrid setup to office 365

April 6, 2020, 4:15 am

≫ Next: exchange2010sp3&2013 API求助

≪ Previous: How do I add a cc or BCC through a transport agent?

$

0

0

Hi All, 

Hope all doing well and safe if this strange times. 

we are planning to migrate our mailboxes to office 365. 

we have exchange server 2013 two node dag and make uses of an ARR reverse proxy. 

is there anything i need to do on the IIS reverse proxy for the hybrid setup? 

Kind Regards

Chris

---

exchange2010sp3&2013 API求助

March 17, 2020, 1:30 am

≫ Next: The specified object was not found in the store

≪ Previous: Exchange 2013 hybrid setup to office 365

$

0

0

最近准备使用Java做系统二开，需要与exchange交互，但一直没找到2010sp3和2013的API，不知道论坛里的兄弟是否能帮忙提供一下，非常感谢。

The specified object was not found in the store

January 25, 2010, 4:31 pm

≫ Next: Keep a post always 'on top' in a public folder

≪ Previous: exchange2010sp3&2013 API求助

$

0

0

Hi,

I am facing a weird problem since last 2 days. I have a mailbox, where I try to delete all mail/calendar items using EWS.
The cleanup code used to work fine until sometime back. But for the last two days, whenever I run this code, I am getting the following message.

The specified object was not found in the store.

The calendar item does exist in the mailbox (which I can verify by logging into Outlook and seeing it there)
This happens at random (most of the times i get the error, but sometimes it goes through)

I have been breaking my head to figure out what is going on... Do any one of you have any suggestions for me??
Is it something happening from Outlook side, where two servers are out of sync or something of that sort??

Please help.

M

Keep a post always 'on top' in a public folder

April 9, 2020, 3:14 pm

≫ Next: automatically assign category to received mail

≪ Previous: The specified object was not found in the store

$

0

0

Is it possible to make a post always show first in a public folder? So I can put there a little README with some basic info.

automatically assign category to received mail

April 9, 2020, 3:15 pm

≫ Next: Public folder scripting still possible

≪ Previous: Keep a post always 'on top' in a public folder

$

0

0

Is it possible to automatically assign a category based on the email address in To:?

Public folder scripting still possible

April 9, 2020, 3:18 pm

≫ Next: how to register an exchange mail account by API interface

≪ Previous: automatically assign category to received mail

$

0

0

Is it still possible to store in the exchange server with a public folder a script or program that is being executed when eg an message enters the public folder? I can remember that his existed in old exchange servers 2003 or 2000?

Asked also here[1]

[1]
https://social.technet.microsoft.com/Forums/office/en-US/401b452e-6bc1-4c09-9d55-37eb5e5bbe9a/public-folder-scripting-still-possible?forum=Exch2016GD