Server 2008 - SETSPN duplicated (UM voice mail drops)

-

 

 

How to use SPNs when you configure Web applications that are hosted on Internet Information Services

UM Temporary authentication failure

Validate SPN mappings using Windows PowerShell

Exchange 2010 UM calls to voicemail drops

 

search for duplicate SPNs

c:\>setspn -X
Checking domain DC=msft,DC=com,DC=tw
Processing entry 0
SmtpSvc/TWmsftEX01 is registered on these accounts:
        CN=Administrator,CN=Users,DC=msft,DC=com,DC=tw
        CN=TWmsftEX01,CN=Computers,DC=msft,DC=com,DC=tw

SmtpSvc/TWmsftEX01.msft.com.tw is registered on these accounts:
        CN=Administrator,CN=Users,DC=msft,DC=com,DC=tw
        CN=TWmsftEX01,CN=Computers,DC=msft,DC=com,DC=tw

found 2 groups of duplicate SPNs.


c:\>setspn -D smtpsvc/twmsftex01.msft.com.tw twmsftex01
Unregistering ServicePrincipalNames for CN=TWmsftEX01,CN=Computers,DC=msft,DC=com,
DC=tw
        smtpsvc/twmsftex01.msft.com.tw
Updated object

 

Import-Module C:\Users\administrator.TSS\Documents\WindowsPowerShell\Modules\SPNValidation\spn.psm1

image

image

image

 

Log Name: System

Source: Microsoft-Windows-Security-Kerberos

Date: 1/13/2011 1:17:30 PM

Event ID: 3

Task Category: None

Level: Error

Keywords: Classic

User: N/A

Computer: TWMSFTEX01.msft.com.tw

Description:

A Kerberos Error Message was received:

on logon session

Client Time:

Server Time: 5:17:30.0000 1/13/2011 Z

Error Code: 0x7 KDC_ERR_S_PRINCIPAL_UNKNOWN

Extended Error: 0xc0000035 KLIN(0)

Client Realm:

Client Name:

Server Realm: MSFT.COM.TW

Server Name: smtpsvc/TWMSFTEX01.msft.com.tw

Target Name: smtpsvc/TWMSFTEX01.msft.com.tw@MSFT.COM.TW

Error Text:

File: 9

Line: efb

Error Data is in record data.

Event Xml:

<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">

<System>

<Provider Name="Microsoft-Windows-Security-Kerberos" Guid="{98E6CFCB-EE0A-41E0-A57B-622D4E1B30B1}" EventSourceName="Kerberos" />

<EventID Qualifiers="32768">3</EventID>

<Version>0</Version>

<Level>2</Level>

<Task>0</Task>

<Opcode>0</Opcode>

<Keywords>0x80000000000000</Keywords>

<TimeCreated SystemTime="2011-01-13T05:17:30.000000000Z" />

<EventRecordID>21458</EventRecordID>

<Correlation />

<Execution ProcessID="0" ThreadID="0" />

<Channel>System</Channel>

<Computer>TWMSFTEX01.msft.com.tw</Computer>

<Security />

</System>

<EventData>

<Data Name="LogonSession">

</Data>

<Data Name="ClientTime">

</Data>

<Data Name="ServerTime">5:17:30.0000 1/13/2011 Z</Data>

<Data Name="ErrorCode">0x7</Data>

<Data Name="ErrorMessage"> KDC_ERR_S_PRINCIPAL_UNKNOWN</Data>

<Data Name="ExtendedError">0xc0000035 KLIN(0)</Data>

<Data Name="ClientRealm">

</Data>

<Data Name="ClientName">

</Data>

<Data Name="ServerRealm">MSFT.COM.TW</Data>

<Data Name="ServerName">smtpsvc/TWMSFTEX01.msft.com.tw</Data>

<Data Name="TargetName">smtpsvc/TWMSFTEX01.msft.com.tw@MSFT.COM.TW</Data>

<Data Name="ErrorText">

</Data>

<Data Name="File">9</Data>

<Data Name="Line">efb</Data>

<Binary>3015A103020103A20E040C350000C00000000001000000</Binary>

</EventData>

</Event>

================================

Log Name: Application

Source: MSExchange Unified Messaging

Date: 1/13/2011 1:13:44 PM

Event ID: 1360

Task Category: UMCore

Level: Warning

Keywords: Classic

User: N/A

Computer: TWMSFTEX01.msft.com.tw

Description:

The Message Waiting Indicator Assistant failed to deliver the MWI notification '2/0 (unread/read)' for the UM-enabled mailbox 'Chen, David (TW - Taipei)(c62f437f-26a7-486b-a969-a2d2e1e8c69c)' associated with UM extension 'dachen@msft.com.tw'. Until this problem is corrected, the MWI state for this user may be out of sync. Additional information:

There are no more targets available to send an MWI message for user Chen, David (TW - Taipei).

Server TWMSFTEX01 failed with 1753 Error 0x6d9 (There are no more endpoints available from the endpoint mapper) from SendMwiMessage

Event Xml:

<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">

<System>

<Provider Name="MSExchange Unified Messaging" />

<EventID Qualifiers="32772">1360</EventID>

<Level>3</Level>

<Task>2</Task>

<Keywords>0x80000000000000</Keywords>

<TimeCreated SystemTime="2011-01-13T05:13:44.000000000Z" />

<EventRecordID>78366</EventRecordID>

<Channel>Application</Channel>

<Computer>TWMSFTEX01.msft.com.tw</Computer>

<Security />

</System>

<EventData>

<Data>2</Data>

<Data>0</Data>

<Data>Chen, David (TW - Taipei)(c62f437f-26a7-486b-a969-a2d2e1e8c69c)</Data>

<Data>dachen@msft.com.tw</Data>

<Data>

There are no more targets available to send an MWI message for user Chen, David (TW - Taipei).

Server TWMSFTEX01 failed with 1753 Error 0x6d9 (There are no more endpoints available from the endpoint mapper) from SendMwiMessage

</Data>

</EventData>

</Event>

==================================

Log Name: Application

Source: MSExchange Unified Messaging

Date: 1/13/2011 1:17:30 PM

Event ID: 1423

Task Category: UMCore

Level: Error

Keywords: Classic

User: N/A

Computer: TWMSFTEX01.msft.com.tw

Description:

The Unified Messaging server encountered an error while trying to process the message with header file "C:\Program Files\Microsoft\Exchange Server\V14\UnifiedMessaging\voicemail\c841f4cf-a203-4ea4-a48e-c0c5711362de.txt". Error details: "Microsoft.Exchange.UM.UMCore.SmtpSubmissionException: Submission to the Hub Transport server failed. The operation will be retried. ---> Microsoft.Exchange.Net.ExSmtpClient.AuthApiFailureException: Authentication failed to the SMTP server: The specified target is unknown or unreachable

at Microsoft.Exchange.Net.ExSmtpClient.SmtpAuth.AuthenticationProvider.GemsftPIClientResponse(Byte[] serverBlob)

at Microsoft.Exchange.Net.ExSmtpClient.SmtpAuth.AuthenticationProvider.GetAuthenticationString(String responseBlob, Boolean is64bitEncode)

at Microsoft.Exchange.Net.ExSmtpClient.SmtpAuth.HandleOutboundAuth(String mutualBlob, String targetSPN, Byte[] sslCertificatePublicKey, Byte[] sslSessionKey, Boolean firstTime)

at Microsoft.Exchange.Net.ExSmtpClient.SmtpTalk.Authenticate(NetworkCredential networkCredential)

at Microsoft.Exchange.Net.ExSmtpClient.SmtpClient.Submit(Boolean disableDelayedAck)

at Microsoft.Exchange.UM.UMCore.SmtpSubmissionHelper.SubmitMessage(MessageItem message, String senderAddress, String recipientAddress, OutboundConversionOptions submissionConversionOptions, InternalExchangeServer smtpServer)

at Microsoft.Exchange.UM.UMCore.SmtpSubmissionHelper.SubmitMessage(MessageItem message, String senderAddress, String recipientAddress, OutboundConversionOptions submissionConversionOptions, String requestId)

--- End of inner exception stack trace ---

Server stack trace:

at Microsoft.Exchange.UM.UMCore.SmtpSubmissionHelper.HandleTransientSmtpFailure(Exception e, InternalExchangeServer smtpServer, String recipientAddress)

at Microsoft.Exchange.UM.UMCore.SmtpSubmissionHelper.SubmitMessage(MessageItem message, String senderAddress, String recipientAddress, OutboundConversionOptions submissionConversionOptions, String requestId)

at Microsoft.Exchange.UM.UMCore.SmtpSubmitStage.InternalDoSynchronousWork()

at System.Runtime.Remoting.Messaging.StackBuilderSink._PrivateProcessMessage(IntPtr md, Object[] args, Object server, Int32 methodPtr, Boolean fExecuteInContext, Object[]& outArgs)

at System.Runtime.Remoting.Messaging.StackBuilderSink.AsyncProcessMessage(IMessage msg, IMessageSink replySink)

Exception rethrown at [0]:

at System.Runtime.Remoting.Proxies.RealProxy.EndInvokeHelper(Message reqMsg, Boolean bProxyCase)

at System.Runtime.Remoting.Proxies.RemotingProxy.Invoke(Object NotUsed, MessageData& msgData)

at Microsoft.Exchange.UM.UMCore.SynchronousPipelineStageBase.SynchronousWorkDelegate.EndInvoke(IAsyncResult result)

at Microsoft.Exchange.UM.UMCore.SynchronousPipelineStageBase.EndSynchronousWork(IAsyncResult r)"

Event Xml:

<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">

<System>

<Provider Name="MSExchange Unified Messaging" />

<EventID Qualifiers="49156">1423</EventID>

<Level>2</Level>

<Task>2</Task>

<Keywords>0x80000000000000</Keywords>

<TimeCreated SystemTime="2011-01-13T05:17:30.000000000Z" />

<EventRecordID>78473</EventRecordID>

<Channel>Application</Channel>

<Computer>TWMSFTEX01.msft.com.tw</Computer>

<Security />

</System>

<EventData>

<Data>C:\Program Files\Microsoft\Exchange Server\V14\UnifiedMessaging\voicemail\c841f4cf-a203-4ea4-a48e-c0c5711362de.txt</Data>

<Data>Microsoft.Exchange.UM.UMCore.SmtpSubmissionException: Submission to the Hub Transport server failed. The operation will be retried. ---&gt; Microsoft.Exchange.Net.ExSmtpClient.AuthApiFailureException: Authentication failed to the SMTP server: The specified target is unknown or unreachable

at Microsoft.Exchange.Net.ExSmtpClient.SmtpAuth.AuthenticationProvider.GemsftPIClientResponse(Byte[] serverBlob)

at Microsoft.Exchange.Net.ExSmtpClient.SmtpAuth.AuthenticationProvider.GetAuthenticationString(String responseBlob, Boolean is64bitEncode)

at Microsoft.Exchange.Net.ExSmtpClient.SmtpAuth.HandleOutboundAuth(String mutualBlob, String targetSPN, Byte[] sslCertificatePublicKey, Byte[] sslSessionKey, Boolean firstTime)

at Microsoft.Exchange.Net.ExSmtpClient.SmtpTalk.Authenticate(NetworkCredential networkCredential)

at Microsoft.Exchange.Net.ExSmtpClient.SmtpClient.Submit(Boolean disableDelayedAck)

at Microsoft.Exchange.UM.UMCore.SmtpSubmissionHelper.SubmitMessage(MessageItem message, String senderAddress, String recipientAddress, OutboundConversionOptions submissionConversionOptions, InternalExchangeServer smtpServer)

at Microsoft.Exchange.UM.UMCore.SmtpSubmissionHelper.SubmitMessage(MessageItem message, String senderAddress, String recipientAddress, OutboundConversionOptions submissionConversionOptions, String requestId)

--- End of inner exception stack trace ---

Server stack trace:

at Microsoft.Exchange.UM.UMCore.SmtpSubmissionHelper.HandleTransientSmtpFailure(Exception e, InternalExchangeServer smtpServer, String recipientAddress)

at Microsoft.Exchange.UM.UMCore.SmtpSubmissionHelper.SubmitMessage(MessageItem message, String senderAddress, String recipientAddress, OutboundConversionOptions submissionConversionOptions, String requestId)

at Microsoft.Exchange.UM.UMCore.SmtpSubmitStage.InternalDoSynchronousWork()

at System.Runtime.Remoting.Messaging.StackBuilderSink._PrivateProcessMessage(IntPtr md, Object[] args, Object server, Int32 methodPtr, Boolean fExecuteInContext, Object[]&amp; outArgs)

at System.Runtime.Remoting.Messaging.StackBuilderSink.AsyncProcessMessage(IMessage msg, IMessageSink replySink)

Exception rethrown at [0]:

at System.Runtime.Remoting.Proxies.RealProxy.EndInvokeHelper(Message reqMsg, Boolean bProxyCase)

at System.Runtime.Remoting.Proxies.RemotingProxy.Invoke(Object NotUsed, MessageData&amp; msgData)

at Microsoft.Exchange.UM.UMCore.SynchronousPipelineStageBase.SynchronousWorkDelegate.EndInvoke(IAsyncResult result)

at Microsoft.Exchange.UM.UMCore.SynchronousPipelineStageBase.EndSynchronousWork(IAsyncResult r)</Data>

</EventData>

</Event>

==================================

Comments

Post a Comment

Popular posts from this blog

E15 CU3–Update Failed–AD replicated Exceeded the tombstone lifetime.

-
Image
  Exchange 2013 CU3 The naming context is in the process of being removed or is not replicated http://technet.microsoft.com/en-us/library/replication-error-8452-the-naming-context-is-in-the-process-of-being-removed-or-is-not-replicated-from-the-specified-server(v=ws.10).aspx   C:\> REPADMIN /SHOWREPS Root\RDC01 DSA Options: IS_GC Site Options: (none) DSA object GUID: f1694974-47c4-4555-a214-db3c86854aeb DSA invocationID: f1694974-47c4-4555-a214-db3c86854aeb ==== INBOUND NEIGHBORS ====================================== CN=Schema,CN=Configuration,DC=lab7,DC=root     TW\AD02 via RPC         DSA object GUID: bfcc1053-e1da-46fd-8b9d-179c7992...
Read more

202301 - Exchange onpreme - PowerShell Serialization Payload Signing

-
Image
Released: January 2023 Exchange Server Security Updates https://techcommunity.microsoft.com/t5/exchange-team-blog/released-january-2023-exchange-server-security-updates/ba-p/3711808 https://microsoft.github.io/CSS-Exchange/Diagnostics/HealthChecker/SerializedDataSigningCheck/ 1.  Update KB5022143 (Exchange SU) 2. Run latest HealthCherker 3.  PowerShell Serialization Payload Signing https://microsoft.github.io/CSS-Exchange/Diagnostics/HealthChecker/SerializedDataSigningCheck/ Certificate signing of PowerShell serialization payload in Exchange Server https://support.microsoft.com/en-us/topic/certificate-signing-of-powershell-serialization-payload-in-exchange-server-90fbf219-b0dd-4b2c-8a68-9d73b3309eb1 4.  MonitorExchangeAuthCertificate    https://microsoft.github.io/CSS-Exchange/Admin/MonitorExchangeAuthCertificate/ 5.                 New-SettingOverride -Name "EnableSigningVerification" -Component Data -Secti...
Read more

Ticket: RemoteAPP certificate revocation check error

-
Image
  . certutil -f –urlfetch -verify <your_certificate>.cer From internet client (Win7 ultimate x64) Issuer:     CN=TWCA Secure CA -Evaluation Only     OU=SSL Certification Service Provider-Evaluation Only     O=TAIWAN-CA INC.     C=TW Subject:     CN=deep2.msft.com     OU=ITS     O=Msft Corporation     L=Taipei     S=Taiwan     C=TW Cert Serial Number: 04bd dwFlags = CA_VERIFY_FLAGS_ALLOW_UNTRUSTED_ROOT (0x1) dwFlags = CA_VERIFY_FLAGS_IGNORE_OFFLINE (0x2) dwFlags = CA_VERIFY_FLAGS_FULL_CHAIN_REVOCATION (0x8) dwFlags = CA_VERIFY_FLAGS_CONSOLE_TRACE (0x20000000) dwFlags = CA_VERIFY_FLAGS_DUMP_CHAIN (0x40000000) ChainFlags = CERT_CHAIN_REVOCATION_CHECK_CHAIN (0x20000000) HCCE_LOCAL_MACHINE CERT_CHAIN_POLICY_BASE -------- CERT_CHAIN_CONTEXT -------- ChainContext.dwErrorStatu...
Read more