Who's Online
10 visitors online now
1 guests, 9 bots, 0 members
Support my Sponsor

Archive for October, 2014

SharePoint Server 2007, 2010, 2013 HTTP Error 503. The service is unavailable

From last few days I have seen lot of people come across error 503 Service Unavailable. Mostly people come up with Plan to update password to resolve the issue. It is 90 % of time that Update Password in IIS and Central Admin does the trick but if you come across a scenario where you are still stuck with “503 Service Unavailable” try below. Verify that all SharePoint services are started, this error mostly occurs because of changing the service account password.

Here is screenshot of error how it looks

0076

Error you might see in Log file

Exception: System.ServiceModel.ServiceActivationException: The service ‘/SecurityTokenServiceApplication/securitytoken.svc’ cannot be activated due to an exception during compilation.  The exception message is: Exception has been thrown by the target of an invocation.. —> System.Reflection.TargetInvocationException: Exception has been thrown by the target of an invocation. —>

What is “503 Service Unavailable” error?
Http 503 errors are generated by the IIS and it happens when web server sends data stream back to the web site.

+> First I would like to make sure below steps are followed to update the password.

  • Open IIS on SharePoint server > Expand Server > Expand Website
  • Check the web site properties in IIS > under home directory tab, check the application pool value and then open that application pool from the application pools (separate node in the IIS tree)
  • Click the identity tab and see who the pool is assigned to. For the sake of testing, you can select “Predefined” and select local service from the drop down.
  • Restart IIS and see if things work out for you.
  • You may need to change the new password to SharePoint timer service in services.msc console.
    0078

Here are the Advance troubleshooting steps I followed to resolve this issue

  1. Incorrect Authentication Settings: Please ensure that the authentication settings for the SecureTokenServiceApplication are correctly configured by completing the following steps:a) Open IIS Manager
    Expand “Sites”
    Expand “SharePoint Web Services”
    Select “SecurityTokenServiceApplication”
    From the “Features” pane, double click on “Authentication” under “IIS”
    Right click “Forms Authentication” and select “Disable”
    0077The authentication settings page should only have Windows and Anonymous access enable for the security token service to issue tokens properly (and for claims authentication to work properly)
  1. Incorrect data in the configuration file: Please review the web.config file of the secure token service application and compare it to a web.config file from a “working” secure token service application or secure token service application on different machine. Lot of people event copy web.config from a working machine which resolves the issue. Here is a copy of my web.config for security token

———————- Security Token Service Application web.config———–Start ——————

<?xml version=”1.0″ encoding=”utf-8″ ?>
<configuration>
<system.serviceModel>
<!– Behavior List: –>
<behaviors>
<serviceBehaviors>
<behavior name=”SecurityTokenServiceBehavior” >
<!– The serviceMetadata behavior allows one to enable metadata (endpoints, bindings, services) publishing.
This configuration enables publishing of such data over HTTP GET.
This does not include metadata about the STS itself such as Claim Types, Keys and other elements to establish a trust.
–>
<serviceMetadata httpGetEnabled=”true” />
<!– Default WCF throttling limits are too low –>
<serviceThrottling maxConcurrentCalls=”65536″ maxConcurrentSessions=”65536″ maxConcurrentInstances=”65536″ />
</behavior>
<behavior name=”ApplicationSecurityTokenServiceBehavior” >
<serviceMetadata httpGetEnabled=”false” httpsGetEnabled=”false” />
<serviceThrottling maxConcurrentCalls=”65536″ maxConcurrentSessions=”65536″ maxConcurrentInstances=”65536″ />
</behavior>
</serviceBehaviors>
</behaviors>
<!– Service List: –>
<services>
<service name=”Microsoft.IdentityModel.Protocols.WSTrust.WSTrustServiceContract”
behaviorConfiguration=”SecurityTokenServiceBehavior” >
<!– This is the HTTP endpoint that supports clients requesing tokens. This endpoint uses the default standard ws2007HttpBinding which requires that clients authenticate using their Windows credentials. –>
<endpoint
address=””
binding=”customBinding”
bindingConfiguration=”spStsBinding”
contract=”Microsoft.IdentityModel.Protocols.WSTrust.IWSTrust13SyncContract” />
<!– This is the HTTP endpoint that supports clients requesting service tokens. –>
<endpoint
name =”ActAs”
address=”actas”
binding=”customBinding”
bindingConfiguration=”spStsActAsBinding”
contract=”Microsoft.IdentityModel.Protocols.WSTrust.IWSTrust13SyncContract” />
<!– This is the HTTP endpoint that supports IMetadataExchange. –>
<endpoint address=”mex”
binding=”mexHttpBinding”
contract=”IMetadataExchange” />
</service>
<service
name=”Microsoft.SharePoint.IdentityModel.ApplicationSecurityTokenService”
behaviorConfiguration=”ApplicationSecurityTokenServiceBehavior”>
<endpoint
name=”app”
address=””
binding=”customBinding”
bindingConfiguration=”spStsApplicationBinding”          contract=”Microsoft.SharePoint.IdentityServices.IApplicationSecurityTokenServiceContract” />
</service>
<servicename=”Microsoft.SharePoint.Administration.Claims.SPWindowsTokenCacheService”>
<endpoint address=””
binding=”customBinding”
bindingConfiguration=”SPWindowsTokenCacheServiceHttpsBinding”                 contract=”Microsoft.SharePoint.Administration.Claims.ISPWindowsTokenCacheServiceContract” />
</service>
</services>
<!– Binding List: –>
<bindings>
<customBinding>
<binding
name=”spStsBinding”>
<binaryMessageEncoding>
<readerQuotas
maxStringContentLength=”1048576″
maxArrayLength=”2097152″/>
</binaryMessageEncoding>
<httpTransport
maxReceivedMessageSize=”2162688″
authenticationScheme=”Negotiate”
useDefaultWebProxy=”false” />
</binding>
<binding
name=”spStsActAsBinding”>
<security
authenticationMode=”SspiNegotiatedOverTransport”
allowInsecureTransport=”true”
defaultAlgorithmSuite=”Basic256Sha256″            messageSecurityVersion=”WSSecurity11WSTrust13WSSecureConversation13WSSecurityPolicy12″ />
<binaryMessageEncoding>
<readerQuotas
maxStringContentLength=”1048576″
maxArrayLength=”2097152″/>
</binaryMessageEncoding>
<httpTransport
maxReceivedMessageSize=”2162688″
authenticationScheme=”Negotiate”
useDefaultWebProxy=”false”/>
</binding>
<binding
name=”spStsApplicationBinding”>
<binaryMessageEncoding>
<readerQuotas
maxStringContentLength=”1048576″
maxArrayLength=”2097152″ />
</binaryMessageEncoding>
<namedPipeTransport
maxPendingAccepts=”250″
maxPendingConnections=”250″
maxReceivedMessageSize=”2162688″>
<connectionPoolSettings
idleTimeout=”00:30:00″
maxOutboundConnectionsPerEndpoint=”250″/>
</namedPipeTransport>
</binding>
<binding name=”SPWindowsTokenCacheServiceHttpsBinding”>
<security
authenticationMode=”IssuedTokenOverTransport”
defaultAlgorithmSuite=”Basic256Sha256″ />
<textMessageEncoding>
<readerQuotas maxStringContentLength=”1048576″ maxArrayLength=”2097152″/>
</textMessageEncoding>
<httpsTransport maxReceivedMessageSize=”2162688″ authenticationScheme=”Anonymous” useDefaultWebProxy=”false” />
</binding>
</customBinding>
</bindings>
</system.serviceModel>
<system.webServer>
<security>
<authentication>
<anonymousAuthentication enabled=”true” />
<windowsAuthentication enabled=”true”>
<providers>
<clear />
<add value=”Negotiate” />
<add value=”NTLM” />
</providers>
</windowsAuthentication>
</authentication>
</security>
<modules>
<add name=”WindowsAuthenticationModule” />
</modules>
</system.webServer>
<system.net>
<connectionManagement>
<clear />
<add address=”*” maxconnection=”10000″ />
</connectionManagement>
</system.net>
</configuration>

———————- Security Token Service Application web.config———–End ——————

 

  1. SecureTokenServiceApplication not provisioned: Use the following power shell commands to provision the secure token service application

$sts = Get-SPServiceApplication | ?{$_ -match “Security”}
$sts.Status
$sts.Provision()​
$farm = [Microsoft.SharePoint.Administration.SPFarm]::Local
$webServiceCollection = new-object Microsoft.SharePoint.Administration.SPWebServiceCollection($farm)
foreach ($service in $webServiceCollection)

After I run above command I got below error:
Exception calling “SecurityTokenForContext” with “1” argument(s): “The requested service,’http://localhost:32843/SecurityTokenServiceApplication/securitytoken.svc/actas’ could not be activated. See the server’s diagnostic trace logs

  • > If you get above error try below in powershell
    $sts = Get-SPServiceApplication | ?{$_ -match “Security”}
    $sts.Status
    $sts.Provision() 

Event log :
The Execute method of job definition Microsoft.SharePoint.Publishing.Internal.PersistedNavigationTermSetSyncJobDefinition.

ULS log :
The HTTP service located at http://localhost:32843/SecurityTokenServiceApplication/securitytoken.svc/actas is unavailable.  This could be because the service is too busy or because no endpoint was found listening at the specified address. Please ensure that the address is correct and try accessing the service again later

+> If you get above in Powershell try below:

PSCONFIG.EXE -cmd upgrade -inplace b2b –force
Psconfig -cmd Secureresources

Note: Above needs to run in SharePoint Powershell with account which has Farm Admin permission.

 

  1. You might have the URL http://+:80 reserved. To check the same run command “netsh http show urlacl” in SharePoint Powershell. If this shows an output similar to

Reserved URL            : http://+:80/
User: BUILTIN\IIS_IUSRS
Listen: Yes
Delegate: Yes
User: BUILTIN\Administrators
Listen: Yes
Delegate: Yes
User: NT AUTHORITY\NETWORK SERVICE
Listen: Yes
Delegate: Yes
SDDL: D:(A;;GA;;;IS)(A;;GA;;;BA)(A;;GA;;;NS)

Then you have this port reserved which takes precedence over your http://localhost calls. Go ahead and remove this URL reservation by running the following command,

netsh http delete urlacl url=http://+:80/ 

  1. Web Application started out as a 32-bit ASP.NET application, and subsequently got converted (upgraded) to a SharePoint 2010 Web Application. In this case you will see that the application pool has the “Enable 32-Bit Applications” property set to true, which is incompatible with SharePoint 2010. Setting this property to false should solve the problem. In some cases some SharePoint 2013 server Web Applications have this setting as true which is incorrect

0079

Ensure that the enable32BitAppOnWin64 setting for the “SharePoint Central Administration” app pool is set to False, and the same for Other Application pool

+> You can do the same by Editing applicationHost.config located at C:\Windows\System32\inetsrv\config  :
Change:
<globalModules>

<add name=”SharePoint14Module” image=”C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\isapi\owssvr.dll” preCondition=”appPoolName=SharePoint Central Administration v4″ />
</globalModules>
To:
<add name=”SharePoint14Module” image=”C:\Program Files\Common Files\Microsoft
Shared\Web Server Extensions\14\isapi\owssvr.dll” preCondition=”appPoolName=SharePoint Central Administration v4,bitness64” />

I hope would help you resolve your isue 🙂

Reference:
http://blogs.msdn.com/b/govindr/archive/2007/08/30/503-server-unavailable-failure-with-iis-7-0.aspx

Cumulative Update October 2014 for SharePoint 2010

Microsoft has released SharePoint 2010 Cumulative Update in October 2014.

Its per-requisites is Sharepoint 2010 SP2. Rather I would recommend you to install September 2014 CU before installing October 2014 CU.

Note: This CU does NOT(!) include all SharePoint 2010 fixes previously released! It is recommended to install September 2014 CU before installing this CU. Be aware that for SharePoint Server you have to install the SharePoint Foundation fixes as well! Same for Project Server where you have to install the SharePoint Foundation and the SharePoint Server fixes.

All are available by clicking the same Hotfix Download Available link in the KB article for the release.

Here is link for all the updates:

For Sharepoint server you need setup 479094_intl_x64_zip.exe

Download SharePoint Server 2010 October 2014 CU

 

For Project server you need setup 479099_intl_x64_zip.exe, 479098_intl_x64_zip.exe (You need to install both the below updates)

Download Project Server 2010 October 2014 CU (KB 2899485)

Download Project server 2010 October 2014 CU (KB 2880539)

 

The KB articles for October CU are available at the following locations:

  • SharePoint Foundation 2010: no fixes released in October CU
  • SharePoint Server 2010: KB 2899490
  • Project Server 2010: KB 2899485, KB 2880539

Once the updated are downloaded, you need run the main setup file ubersrv.exe file, you will be able to extract and install the update:

Follow the same steps on all SharePoint servers in farm. Now run SharePoint PSconfig wizard on all servers.

For more information:

http://blogs.technet.com/b/stefan_gossner/archive/2014/10/14/october-2014-cu-for-sharepoint-2010-has-been-released.aspx

Cumulative Update October 2014 for SharePoint 2013

Microsoft has released SharePoint 2013 Cumulative Update in October 2014.

Its per-requisites is Sharepoint 2013 SP1. It is said that it can work on Sharepoint 2013 March PU as well, but we found couple of issue with just March PU so I would recommend install October update after SP1. Rather I would recommend you to install September 2014 CU before installing October 2014 CU.

Note: This CU does NOT(!) include all SharePoint 2013 fixes previously released! It is recommended to install September 2014 CU before installing this CU. Be aware that for SharePoint Server you have to install the SharePoint Foundation fixes as well! Same for Project Server where you have to install the SharePoint Foundation and the SharePoint Server fixes.

All are available by clicking the same Hotfix Download Available link in the KB article for the release.

Here is link for all the updates:

For Sharepoint foundation you need 479135_intl_x64_zip.exe

Download SharePoint Foundation 2013 October 2014 CU

 

For Sharepoint server you need setup 479137_intl_x64_zip.exe, 479129_intl_x64_zip.exe, 479131_intl_x64_zip.exe (All below update needs to be installed)

Download SharePoint server 2013 October 2014 CU (KB2899469)

Download SharePoint server 2013 October 2014 CU (KB 2880962)

Download SharePoint server 2013 October 2014 CU (KB 2880485)

 

For Project server you need setup 479132_intl_x64_zip.exe

Download Project server 2013 October 2014 CU

 

For Office Web App you need setup 479136_intl_x64_zip.exe

Download Office web App server 2013 October 2014 CU

 

The KB articles for October CU are available at the following locations:

  • KB 2889946 – SharePoint Foundation 2013 October 2014 CU
  • KB 2899469, KB 2880962, KB 2880485 – SharePoint Server 2013 October 2014 CU
  • KB 2752098 – Fix for SharePoint 2013 Indexing Connector for Documentum (if installed)
  • KB 2889959 – Project Server 2013 October 2014 CU
  • KB 2889898 – Office Web Apps Server 2013 October 2014 CU

Once the updated are downloaded, you need run the main setup file ubersrv.exe file, you will be able to extract and install the update:

Follow the same steps on all SharePoint servers in farm. Now run SharePoint PSconfig wizard on all servers.

For more information:

http://blogs.technet.com/b/stefan_gossner/archive/2014/10/14/october-2014-cu-for-sharepoint-2013-has-been-released.aspx

SharePoint DeadLock high CPU\Memory usage caused by SQL server

Yesterday there was a resource Dead lock in our environment. Here is the analysis of same.

In the log files I see below error:
Exception returned from back end service. System.ServiceModel.ServiceActivationException: The requested service, ‘http://SPserver:32843/cebdf111573e42e68f08f730c2273460/MetadataWebService.svc‘ could not be activated. See the server’s diagnostic trace logs for more information.    Server stack trace:      at System.ServiceModel.Channels.HttpChannelUtilities.ValidateRequestReplyResponse(HttpWebRequest request, HttpWebResponse response, HttpChannelFactory1 factory, WebException responseException, ChannelBinding channelBinding)     at System.ServiceModel.Channels.HttpChannelFactory1.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout)     at System.ServiceModel.Channels.RequestChannel.Request(Message message, TimeSpan timeout)     at System.ServiceModel.Channels.Securit…     0e0e6254-6880-426a-97ce-03d3bc471eba
…yChannelFactory1.SecurityRequestChannel.Request(Message message, TimeSpan timeout)     at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)     at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)     at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)    Exception rethrown at [0]:      at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)     at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData&amp; msgData, Int32 type)     at Microsoft.SharePoint.Taxonomy.IMetadataWebServiceApplication.GetServiceSettings(Guid rawPartitio...  0e0e6254-6880-426a-97ce-03d3bc471eba
...nId)     at Microsoft.SharePoint.Taxonomy.MetadataWebServiceApplicationProxy.&lt;&gt;c__DisplayClass32.&lt;ReadApplicationSettings&gt;b__31(IMetadataWebServiceApplication serviceApplication)     at Microsoft.SharePoint.Taxonomy.MetadataWebServiceApplicationProxy.&lt;&gt;c__DisplayClass2f.&lt;RunOnChannel&gt;b__2d() 0e0e6254-6880-426a-97ce-03d3bc471eba
Exception returned from back end service. System.ServiceModel.ServiceActivationException: The requested service, '<a href="https://mex07a.emailsrvr.com/owa/redir.aspx?C=KRbZSeF9uU29V-5zxS1tsTPNGKdIwdFIXZhCLbBay6Qs_9lUFUpcvQ2u__5EYKOJ_IUe70_2VYM.&amp;URL=http%3a%2f%2fsynhnjseza1521%3a32843%2fcebdf111573e42e68f08f730c2273460%2fMetadataWebService.svc" target="_blank">http://SPserver:32843/cebdf111573e42e68f08f730c2273460/MetadataWebService.svc</a>' could not be activated. See the server's diagnostic trace logs for more information.    Server stack trace:      at System.ServiceModel.Channels.HttpChannelUtilities.ValidateRequestReplyResponse(HttpWebRequest request, HttpWebResponse response, HttpChannelFactory
1 factory, WebException responseException, ChannelBinding channelBinding)     at System.ServiceModel.Channels.HttpChannelFactory1.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout)     at System.ServiceModel.Channels.RequestChannel.Request(Message message, TimeSpan timeout)     at System.ServiceModel.Channels.Securit...     81aba100-3f92-4c5b-9d20-53923c8db760
...yChannelFactory
1.SecurityRequestChannel.Request(Message message, TimeSpan timeout)     at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)     at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)     at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)    Exception rethrown at [0]:      at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)     at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)     at Microsoft.SharePoint.Taxonomy.IMetadataWebServiceApplication.GetServiceSettings(Guid rawPartitio…  81aba100-3f92-4c5b-9d20-53923c8db760
…nId)     at Microsoft.SharePoint.Taxonomy.MetadataWebServiceApplicationProxy.<>c__DisplayClass32.<ReadApplicationSettings>b__31(IMetadataWebServiceApplication serviceApplication)     at Microsoft.SharePoint.Taxonomy.MetadataWebServiceApplicationProxy.<>c__DisplayClass2f.<RunOnChannel>b__2d() 81aba100-3f92-4c5b-9d20-53923c8db760

When try to browse “‘http://SPserver:32843/cebdf111573e42e68f08f730c2273460/MetadataWebService.svc‘” I got message which indicate resources are not available. I found that CPU usage on server is 80 % and RAM usage 95 %. SQL server alone was using 9 GB out of 12 GB.

Cause: SQL server has a default behavior to not release RAM after it is consumed. It stores recent transaction in RAM to increase server performance. But if you have other application running on same machine then those application(e.g. Sharepoint) will not get resource to perform their operation hence causing a deadlock. Soon due to repeated request from the server effect SQL server and we start getting error “SqlError: ‘A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections.”

Solution: It is a permanent solution to put a cap on SQL server RAM\Memory utilization. To do so follow below steps:
1. Open SQL server management Studio > Connect to SQL server instance. You can connect it using SQL or windows credentials
0072

  1. Right Click server go to Properties
    0073

  2. Select Memory

  3. For Max server Memory (in MB) Set Value which is about 40 % of total Memory available. I set it to 3500
    0074

  4. Click OK

  5. Right Click server and select restart
    0075
  6. You will get 2 prompt to stop and start the service. Click on Yes(Incase of SQL server 2012, you will get only 1 prompt to restart instead of 2)
    0071

Note: This will make sure SQL does not use more then assigned memory even if it is available. This is recommended only for environment which as DATABASE and Other APPLICATION on same system.

Exchange Active sync Message Size limit (Event 1008)

Noticed numerous 1008 event IDs on Exchange server describing about one user. Checked with user and found that he was sending message from his mobile device (Iphone) that was too large.
I tried to send a message with attachment of about 15MB using my device (Android), the same event was logged on server with my name. So stop the event from getting it reoccur, I deleted the message stuck in my Outbox.
I tried to find out the message size limit for Activesync which could be around 5-10MB on Exchange server but couldn’t find it anywhere. My send connector limit is 45MB and don’t have size limit set on Active Policy.
Need to know as where could I find the message size limit for Activesync to be changed to 20MB.

Event 1008:

An exception occurred and was handled by Exchange ActiveSync. This may have been caused by an outdated or corrupted Exchange ActiveSync device partnership. This can occur if a user tries to modify the same item from multiple computers. If this is the case, Exchange ActiveSync will re-create the partnership with the device. Items will be updated at the next synchronization.

URL=/Microsoft-Server-ActiveSync/default.eas?User=USERNAME&DeviceId=ApplC8WFDD8DDDP7&DeviceType=iPhone&Cmd=SendMail&SaveInSent=T

— Exception start —

Exception type: System.Web.HttpExceptionException message: Maximum request length exceeded.Exception level: 0
Exception stack trace: at System.Web.HttpRequest.GetEntireRawContent()at System.Web.HttpRequest.get_InputStream()at Microsoft.Exchange.AirSync.Command.get_InputStream()at Microsoft.Exchange.AirSync.Command.WorkerThread()

Solution:

The Exception message in Event 1008 states that Maximum request Length exceeded which is around 10MB i.e. cannot attach document to message that is more than 10 MB in size.

 

This setting can be found or changed in Web.config file in below location

C:\Program Files\Microsoft\Exchange Server\ClientAccess\Sync
<httpRuntime maxRequestLength=”10240″/> is set to 10 MB.
We can change it to 20480(25 MB)
</appSettings>
<system.web>
<!– Allow maximum 10 megs of content –>
<httpRuntime maxRequestLength=”10240″/>
<authentication mode=”Windows” />

 

Cannot access user mailbox using Outlook

In Exchange 2010 SP2 environment, trying to export mailbox to PST using command New-MailboxExportRequest which failed with the following:

VERBOSE: [14:29:34.478 GMT] New-MailboxExportRequest : Processing object “RequestGuid (5b9bbd13-eff0-491a-8d2b-a3bbf9224157), RequestQueue: (2b83b505-9dad-4f09-b2da-4c5759894e31)”. VERBOSE: [14:29:34.634 GMT] New-MailboxExportRequest : Couldn’t connect to the source mailbox. –> MapiExceptionUnknownUser: Unable to make connection to the server. (hr=0x80004005, ec=1003) Diagnostic context:     Lid: 59431   EMSMDB.EcDoConnectEx called [length=106]     Lid: 34855   EMSMDB.EcDoConnectEx returned [ec=0x3EB][length=56][latency=15]     Lid: 59505   StoreEc: 0x3EB     Lid: 52465   StoreEc: 0x3EB     Lid: 60065     Lid: 33777   StoreEc: 0x3EB     Lid: 59805     Lid: 52209   StoreEc: 0x3EB     Lid: 56583     Lid: 52487   StoreEc: 0x3EB     Lid: 19778     Lid: 27970   StoreEc: 0x3EB     Lid: 17730     Lid: 25922   StoreEc: 0x3EB VERBOSE: [14:29:34.649 GMT] New-MailboxExportRequest : Admin Audit Log: Entered Handler:OnComplete. Couldn’t connect to the source mailbox.     + CategoryInfo          : NotSpecified: (0:Int32) [New-MailboxExportRequest], RemotePermanentException     + FullyQualifiedErrorId : E8CB8120,Microsoft.Exchange.Management.RecipientTasks.NewMailboxExportRequest VERBOSE: [14:29:34.649 GMT] New-MailboxExportRequest : Ending processing &

So tried to access mailbox using Outlook, but it errors stating ‘Server cannot be found’. I can access mailbox from OWA (open another mailbox option) but when try to open mailbox as an additional mailbox in Outlook it fails.

Checked for Mapi protocol and found it to be enabled in mailbox features. Tried moving mailbox to another database, disconnected mailbox from original AD account, created new user account and reconnected to new user account to check for AD permission issue, still can’t access mailbox.

Solution:

Try to run New-MailboxExportRequest command for other users and if it works then the issue might be to a particular user mailbox. Please run following command to verify the issues related to problematic mailbox:

 

Get-Mailbox user1 | FL

Get-MailboxStatistics user1 | FL

 

Also check for AD Users and Computers and verify the attribute values for: LegacyExchangeDN and HomeMDB. LegacyExchangeDN value for any Exchange recipients (mailbox, resource mailbox, linked mailbox, contact, groups etc.) should be unique across AD forest.

While SMTP addressing is the de facto e-mail addressing standard, Exchange internally still uses an X.500 addressing scheme. Using X.500 implies that an X.500 is required, which is why mail objects in an Exchange organization such as mailboxes, require a properly populated legacyExchangeDN.

Clients like Outlook cache information like the legacyExchangeDN for name lookups.

Disable local contacts in Outlook from getting updated by Global Address List

Outlook 2010 users report that local contacts have track changes enabled in “notes” field. The local contacts get updated with Global Address List

Solution:

This is an updated feature of Outlook Social Connector which performs automatic update of locally stored Contacts and these change logs are stored in Notes to know what changes were made.

Outlook 2010

Go to the View ribbon >  People Pane > Account Settings > Settings > change the update option from Update without prompting to Prompt before update or Never update

0068

Outlook 2013

Go to File > Info > Account settings > Social Network > Settings > change the update option from Update without prompting to Prompt before update or Never update

0069

Outlook 2003 or 2007

The Account Settings dialog is accessed from Tools, Social Networking Account settings

OWA Virtual Directory missing in IIS after reinstalling CAS Role

One of my colleague mistakenly deleted OWA virtual directory from IIS. I tried uninstalled and reinstalled CAS server role but it fails with the following error message

Exchange Server component Client Access Role failed. Error: Error: An error occurred while creating the IIS virtual directory IIS://contoso.com/W3SVC/1/ROOT/owa on CAS1.

Cannot create a file when that file already exists.  (Exception from HRESULT: 0x800700B7)

Solution:

This seems OWA file already exists but the OWA Virtual Directory is not visible in IIS, this means the last uninstallation didn’t remove the virtual directory properly and this caused a bad cache in IIS Metabase causing the reinstallation from creating the OWA virtual directory. If OWA virtual Directory is not visible in IIS doesn’t mean it not exists, please check the IIS 7.0 Metabase

  1. Find adsutil.vbs script on the CAS server, usually it’s in SystemDriver\Inetpub\AdminScripts
  2. Then open cmd window, and “cd” to the above path
  3. Use the command below to check the metabase, see if there’s any remained trace about  /OWA virtual directory

Cscript adsutil.vbs enum w3svc/1/root

  • Try to uninstall iis and reinstall it back delete ClientAccessRole Key under HKLM\software\microsoft\exchange\v8.1 Go to ADSIEDIT => Exchange Servername object and change the value of msexchcurrentserver to 34
  • And start the CAS setup again
  • The IIS configuration files are located in ApplicationHost.config. This file is located in %windir%\system32\inetsrv\config. Found the below entry even with no owa vdir in IIS manager, remove the entries below and reinstall the CAS server role

<application path=”/owa/8.1.263.0″ applicationPool=”MSExchangeOWAAppPool”>
<virtualDirectory path=”/” physicalPath=”C:\ProgramFiles\Microsoft\Exchange Server\ClientAccess\owa\8.1.263.0″ />
</application>

  • Or if this doesn’t work then try the following steps:
  1. Remove CAS and Hub roles (if exists)
  2. Remove IIS from the server
  3. Restart the server
    Notes: If the ApplicationHost.config is still present, it can be deleted
  4. Reinstall IIS, and CAS and Hub roles (if exists)

Configure Outlook to use RPC over HTTP for internal network

We have Exchange 2010 server with CAS Array configured as mail.internaldomain.com. We have also configured TMG 2010 which has a rule for Outlook Anywhere. This rule listens to requests for external URL mail.externaldomain.com and routes the filtered traffic to internal URL mail.internaldomain.com.
When I configure my Outlook from internet using autodiscover it works fine configuring mail.internaldomain.com as Exchange server name and mail.externaldomain.com as proxy servername. And once configured outlook pops up for credentials in few seconds.

Also we have internal network which has access to internet but no access to internal Exchange environment. This network clients are serviced by DHCP for LAN configuration and uses internal DNS server and uses Outlook Anywhere. So when an Outlook is configured from this network, it takes around 3minutes to have credential pop up and 4-6 minutes when outlook says all folders are in sync. This seems to be quite long.
I tried to configure this network outlook profile using external DNS server and it takes just few seconds for configuring. Then when we used Netmon trace, we found that since the outlook in internal network uses internal DNS server it first tries to connect to internal server mail.internaldomain.com and resolve this instead of connecting to proxy server mail.externaldomain.com. So once outlook fails to connect to mail.internaldomain.com it tries proxy server mail.externaldomain.com and connects to it successfully. Also found in netmon that Outlook gets a response stating that this route is inaccessible for mail.internaldomain.com URL.

Can I force Outlook to connect to it’s proxyserver and disregard the internal servername?

Ans: Configure Outlook to use RPC over HTTP for internal network using the following settings:

  1. On the client computer where Outlook 2003 is installed, click Start, and then click Control Pane.

  2. In Control Panel, perform one of the following tasks:

  • If you are using Category View, in the left pane, under See Also, click Other Control Panel Options, and then click Mail.
  • If you are using Classic View, double-click Mail.
  1. In Mail Setup, under Profiles, click Show Profiles.

  2. In Mail, click Add.

  3. In New Profile, in the Profile Name box, type a name for this profile, and then click OK.

  4. In the E-mail Accounts wizard, click Add a new e-mail account, and then click Next.

  5. On the Server Type page, click Microsoft Exchange Server, and then click Next.

  6. On the E-mail Accounts page, do the following:

  • In the Microsoft Exchange Server box, type the fully qualified domain name (FQDN) of your back-end Exchange server where your mailbox resides.
  • Click to clear the Use Cached Exchange Mode check box.
  • In the User Name box, type the name of the user account that you want to use.
  • Click More Settings.
  1. In the Microsoft Exchange Server dialog box, do the following:
  • On the Connection tab, in the Connection pane, select either Connect using my Local Area Network (LAN) or Connect using Internet Explorer’s or a 3rd party dialer. Select the connection type based on the method that you use to connect to the Internet.
  • On the Connection tab, in the Exchange over the Internet pane, select the Connect to my Exchange mailbox using HTTP check box.
  • Click Exchange Proxy Settings.
  1. In the Exchange Proxy Settings dialog box, in the Connections Settings pane, perform the following steps:
  • Enter the FQDN of the RPC proxy server in the Use this URL to connect to my proxy server for Exchange box. The RPC proxy server is the Exchange server that users can connect to on the Internet. For example, type mail.contoso.com.
  • Select the Connect using SSL only check box.
  • If you want to enable mutual authentication, select the Mutually authenticate the session when connecting with SSL check box.
  • If you enabled mutual authentication, enter the FQDN of the RPC proxy server in the Principle name for proxy server box. Use the format: msstd:FQDN of RPC Proxy Server.
  • As an optional step, you can configure Outlook 2003 to connect to your Exchange server by default by using RPC over HTTP. To do this, select the check box next to On fast networks, connect to Exchange using HTTP first, then connect using TCP/IP.

The following figure shows the Exchange Proxy Settings dialog box.

Exchange Proxy Settings

0067

  1. In the Exchange Proxy Settings dialog box, in the Proxy authentication settings pane, in the Use this authentication when connecting to my proxy server for Exchange list, select either Basic Authentication or NTLM Authentication.

  2. Click OK in the Exchange Proxy Settings box, click OK in the Microsoft Exchange Server box, click Next on the E-mail Accounts page, click Finish to close the wizard, and then click OK.

Refer below article for further details:

http://technet.microsoft.com/en-us/library/aa996069%28v=exchg.65%29.aspx

Understanding of Application pools

Application pools define a set of Web applications that share one or more worker processes, they provide a convenient way to administer a set of Web sites and applications and their corresponding worker processes.

Web Site = IIS Virtual Server = SharePoint Web Application
Web Applications have Application Pools… You can manage your web apps in IIS manager.
Application Pools have Worker processes… You’ll see a section in your IIS manager for managing your app pools.

  1. Application Pool is more in relation to IIS than of SharePoint

  2. As you create and manage web applications using SharePoint, it gives you to create, manage and associate web applications with Application Pool. So you see the Application Pool creation and configuration options in SharePoint but its more related to IIS

  3. An application pool provides you with a way of isolating Web sites from each other even though they are being hosted on a common server. Each application pool is given its own set of server resources. That way, if a Web site crashes, it won’t effect sites in other application pools.

Example:

A good example of this is a Web site with a memory leak. If all of the Web sites hosted on a particular server were to share system resources, and one of the Web sites had a memory leak, it could potentially take memory away from the other hosted sites. If the leaky site were in its own application pool though, the memory leak would not effect any other site because each application pool has its own server resources (including memory).

Applicationpool

 Reference : http://skdeveloper.wordpress.com/2013/10/09/application-pools/