Aug 23 2017 01:53 PM
Exchange 2007/2013 Hybrid setup with a single Exchange 2013 CAS server. Hybrid Config Wizard completes without issue and mail is flowing - but I'm unable to move mailboxes to Exchange Online as end point creation fails with the following (appended)
1 - Certificate is issued by third party, valid and contains the server name as a SAN
2 - Internal mailbox moves work from 2007 to 2013 server
3 - mrsproxy is enabled on 2013 CAS
4 - Connecting to /ews/mrsproxy.svc on 2013 CAS asks for auth - as expected
5 - Account used is a member of Org Admins & Recipient Admins in Exchange on-premise
6 - Basic auth enabled on the EWS virtual directory on 2013 CAS
I've worked through this excellent article but I'm still stumped ..
PS C:\WINDOWS\system32> Test-MigrationServerAvailability -RemoteServer srv1.domain.com -ExchangeRemoteMove -Credentials (Get-Credential)
cmdlet Get-Credential at command pipeline position 1
Supply values for the following parameters:
RunspaceId : 87bd0333-22f5-423d-b176-15b90fede9c1
Result : Failed
Message : The connection to the server 'srv1.domain.com' could not be completed.
ConnectionSettings :
SupportsCutover : False
ErrorDetail : Microsoft.Exchange.Migration.MigrationServerConnectionFailedException: The connection to the server
'srv1.domain.com' could not be completed. --->
Microsoft.Exchange.MailboxReplicationService.RemoteTransientException: The call to
'https://srv1.domain.com/EWS/mrsproxy.svc' failed. Error details: Access is denied.. --->
Microsoft.Exchange.MailboxReplicationService.RemotePermanentException: Access is denied.
--- End of inner exception stack trace ---
at
Microsoft.Exchange.MailboxReplicationService.MailboxReplicationServiceFault.<>c__DisplayClass97_0.<ReconstructAndThrow>b__0()
at Microsoft.Exchange.MailboxReplicationService.ExecutionContext.Execute(Action operation)
at Microsoft.Exchange.MailboxReplicationService.MailboxReplicationServiceFault.ReconstructAndThrow(String serverName,
VersionInformation serverVersion)
at Microsoft.Exchange.MailboxReplicationService.WcfClientWithFaultHandling`2.<>c__DisplayClass7_0.<CallService>b__0()
at Microsoft.Exchange.Net.WcfClientBase`1.CallService(Action serviceCall, String context)
at Microsoft.Exchange.MailboxReplicationService.WcfClientWithFaultHandling`2.CallService(Action serviceCall, String
context)
at Microsoft.Exchange.Migration.MigrationExchangeProxyRpcClient.CanConnectToMrsProxy(Fqdn serverName, Guid mbxGuid,
NetworkCredential credentials, LocalizedException& error)
--- End of inner exception stack trace ---
at Microsoft.Exchange.Migration.DataAccessLayer.ExchangeRemoteMoveEndpoint.VerifyConnectivity()
at Microsoft.Exchange.Management.Migration.MigrationService.Endpoint.TestMigrationServerAvailability.InternalProcessEndpoin
t(Boolean fromAutoDiscover)
IsValid : True
Identity :
ObjectState : New
Aug 24 2017 02:39 AM
Hi Ian,
Can you try to do a IISReset ?
Aug 24 2017 02:58 AM
Hi Nuno - we actually bounced the server on several ocassions to no avail.
Aug 24 2017 03:05 AM
SolutionHi Ian,
Maybe the error is that Exchange Servers group could be a nested member of Organizational Management group. Once you removed it from Organization Management Group and set the admincount value to 0 and then reboot, the issue could be resolved.
You can see this article that describe your error https://support.microsoft.com/en-us/help/2975731/-access-is-denied-error-when-you-try-to-move-mailbo...
Aug 24 2017 05:44 AM
Sending you a virtual hug ! That was the issue. Thanks Nuno.
Aug 03 2020 05:58 AM
@Nuno Silva legend...thank you
Aug 24 2017 03:05 AM
SolutionHi Ian,
Maybe the error is that Exchange Servers group could be a nested member of Organizational Management group. Once you removed it from Organization Management Group and set the admincount value to 0 and then reboot, the issue could be resolved.
You can see this article that describe your error https://support.microsoft.com/en-us/help/2975731/-access-is-denied-error-when-you-try-to-move-mailbo...