When you use a single server in your organization, but wish to publish Free/Busy for Exchange users from another organization (using the Add-AvailabilityAddressSpace cmdlet and InterOrg replication or third party solutions), it is important to remember the following:
DAV requests made by the Availability Service to the Schedule+ Free/Busy Public Folder in your organization are sent using HTTP, not HTTPS, to the /public virtual directory. By default, when you install the Client Access Server role on a computer, the virtual directories are configured to require SSL. In a single server environment, this will prevent the Availability Service from retrieving the Free/Busy information from Public Folders.In this scenario:
- You use the Add-AvailabilityAddressSpace cmdlet to define the access method and associated credentials that are used to publish and view free/busy information across organizations.
- Replication tools or scripts are typically used to create the disabled users/contacts and Free/Busy data in your organization.
Event Type: Error Event Source: MSExchange Availability Event Category: Availability Service Event ID: 4003 Description: Process 4204[w3wp.exe:/LM/W3SVC/1/ROOT/EWS-1-128632060327053920]: Microsoft.Exchange.InfoWorker.Common.Availability.PublicFolderRequest failed. The exception returned is Microsoft.Exchange.InfoWorker.Common.Availability.PublicFolderRequestProcessingException: The remote server returned an error: (403) Forbidden.. The request information is http://mail.domainname.com/public/?Cmd=freebusy&start=2008-08-04T12:00:00Z&end=2008-09-03T12:00:00Z&interval=30&u=user.name@domainname.com.. The Availability service could not successfully retrieve Schedule+ free/busy data for one or more legacy Exchange mailboxes. To find the root cause of this error, increase the diagnostic logging level of the MSExchange Availability service.For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. There are three workarounds for this scenario: 1. Move the Client Access Server role to another server. 2. Disable "Require SSL" for the /public virtual directory in the IIS manager. **You will likely wish to close port 80 for Internet access in to this server for security reasons. Using this method will allow external clients to successfully connect and use HTTPS, and will not lessen the security of the connections. Just because SSL is not required does not mean that it cannot be used. 3. A workaround that will allow ONLY Outlook 2007 clients to retrieve Free/Busy data (Outlook Web Access will still fail for these replicated users) could be to introduce the registry value below. This will force the clients to retrieve and publish Free/Busy data to a Public Folders folder - bypassing the Availability Service. The value is: Key: HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Outlook\Options\Calendar DWORD: UseLegacyFB Value: 1 The value choices for this key are: 0 (or not present) = default behavior of using the Availability Service 1 = Use public folder free/busy information It is important to remember that if the UseLegacyFB registry value is used, only Outlook users will be able to access Free/Busy data for the external users you have replicated! References: http://technet.microsoft.com/en-us/library/bb124122(EXCHG.80).aspx - Will Duff
Published Dec 04, 2008
Version 1.0The_Exchange_Team
Microsoft
Joined April 19, 2019
Exchange Team Blog
You Had Me at EHLO.