none
ConfigureMsgService() 0x81002746 RRS feed

  • Question

  • I am trying to create an admin profile to enumerate contents of all mailboxes.  Here is what all I have done so far. 

    • I have ensured that all mailboxes are not hidden from Exchange address lists.
    • The user has access to all other mailboxes.

    The information store service was running in "Local System" account.  So I tried to change that and run it in domain admin user account.  However, I can't get the service to start in this account.  Looking at the event logs, I found the following messages.

    Unable to initialize the Microsoft Exchange Information Store service. Failed to initialize Security - Error 0x3f5.

    and

    Error 0x514 occurred while attempting to enable the "Generate Security Audits" privilege.
     
    To grant the Generate Security Audits privilege to the Microsoft Exchange service account, open the Windows Group Policy editor.
    If the computer is not a domain controller, select the Local Computer policy object.  
    If it is a domain controller, select the Browse button and select the "Domain Controllers.<domain>" container.  Within this container, select the "Default Domain Controllers Policy" object.
     Under either "Local Computer policy" or "Default Domain Controllers Policy", select the "Computer Configuration" container.  Under the "Computer Configuration" container, select the "Windows Settings" container.  Under the "Windows Settings" container, select the "Security Settings" container.  Under the "Security Settings" container, select the "Local Policies" container.  Under the "Local Policies" container, select the "User Rights Assignment" container.
      Under "User Rights Assignment", double-click the "Generate Security Audits" object and add the Microsoft Exchange service account to the  list of users granted the "Generate Security Audits" right.  Click "OK", and close the editor.

    When I try to update "Generate Security Audits" from "Local Group Policy Editor" I see that I can't update it, it is read only.  As shown in the attached screen.

    I have Exchange 2007 on Windows Server 2008 R2.  Is there any workaround for this problem?

    Friday, July 20, 2012 8:29 AM

Answers

  • Ok - so my article walks through several possible causes:

    • The mailbox really doesn’t exist.
    • The mailbox exists, but is hidden from the GAL.
    • The mailbox exists, isn’t hidden, but strange permissions have been set. Here are a couple examples.
    • Multiple GALs

    Which of these causes have you examined and eliminated as possible suspects?

    • Proposed as answer by DamianD Thursday, July 26, 2012 10:02 AM
    • Marked as answer by Quist ZhangModerator Friday, July 27, 2012 9:37 AM
    Wednesday, July 25, 2012 6:58 PM
    Answerer

All replies

  • Why would you want to change the way Exchange service runs? Don't do that!

    This needs to be done on the client side, not on the server (especially if it is a production server).

    Why can't you connect from Outlook? Or are you doing this programmatically?


    Dmitry Streblechenko (MVP)
    http://www.dimastr.com/redemption
    Redemption - what the Outlook
    Object Model should have been
    Version 5.3 is now available!


    Friday, July 20, 2012 5:44 PM
  • Dmitry,

    I need to be on Exchange Server, I want to create an admin profile that has access to other mailboxes.  I am trying iterate mailboxes and upload mailbox data to PST files.  I have created a user that has access to other mailboxes, but not able to create the profile.

    Thanks.
    Sunday, July 22, 2012 4:15 PM
  • No, it does not need to be on the server. And even if it is, there is absolutely no reason to mess with Exchange settings.

    What happen if you create a profile in Outlook and add the mailboxes in question as delegate mailboxes?


    Dmitry Streblechenko (MVP)
    http://www.dimastr.com/redemption
    Redemption - what the Outlook
    Object Model should have been
    Version 5.3 is now available!

    Monday, July 23, 2012 4:50 AM
  • Thanks for responding.

     

    I was trying to change Exchange settings because of information I got when looking for ConfigureMsgService() - 0x81002746.  Based on the following links I decided to update the Exchange Information Store service.

     

    http://social.technet.microsoft.com/Forums/is/smallbusinessserver/thread/b236eedc-1df0-4b1c-a553-fb88a543cda5

    http://blogs.msdn.com/b/stephen_griffin/archive/2011/10/13/the-elusive-0x81002746-error.aspx

     

    I have worked on a MAPI based somewhat similar project few years ago, I remember I was not able to enumerate Exchange mailboxes from Outlook, I was able to do so from Exchange Server, if I remember correctly problem is with IExchangeManageStore::GetMailboxTable() it didn't work with Outlook MAPI.  It has been sometime since I worked with MAPI; please take this information with a pinch of salt.

     

    Since I am trying to backup and restore mailboxes, I need to be able to enumerate mailboxes present users with the available mailboxes, and backup and recovery them based on user selection.

    Monday, July 23, 2012 11:11 AM
  • Nothing in either post (in my reading of the first and as the author of the second) remotely suggests fiddling with the way the information store runs.

    Let's back up to before you starting messing with Exchange settings - what was the first error you encountered and what were you doing when you hit it?

    Monday, July 23, 2012 4:35 PM
    Answerer
  • Hi Stephen,

    Thanks for responding.  I have downloaded MFCMapi code and referring to it as needed.  Great code!

    The error I am getting is when I am trying to create a admin profile (have provided code at the end, bit messy right now).  The error occurs for ConfigureMsgService() - 0x81002746.  I am running on Exchange Server 2007 on Windows Server 2008 R2.  Right now connecting to MAPI32.dll at C:\Windows\sysWoW64\mapi32.dll, I am not connecting to MAPI32.DLL explicitly will do that like MFCMapi soon.

    Thanks.

    Code snippet:

    HRESULT SSExchangeServerSession::CreateExchangeProfile(wstring &strProfileName)
    {
        HRESULT hr = S_OK;
    
        LPPROFADMIN pProfAdmin = NULL;
        LPSERVICEADMIN pMsgSvcAdmin = NULL;
        LPMAPITABLE pMsgSvcTable = NULL;
        LPSRowSet pRows = NULL;
    
        string strUserName;
        string strExchange;
    
        enum {iSvcName, iSvcUID, cptaSvc};
    
        SizedSPropTagArray(cptaSvc, sptCols) = 
        {
            cptaSvc,
            PR_SERVICE_NAME,
            PR_SERVICE_UID
        };
    
        MAPIINIT_0 MAPIINIT = {0, MAPI_MULTITHREAD_NOTIFICATIONS}; //for multi-threaded support
    
        //Initialize MAPI.
        hr = MAPIInitialize(&MAPIINIT);
    
        if (FAILED(hr)) 
        {
            //TODO: Log it!
            wprintf(L"Failed to initialize MAPI.\n");
            goto cleanup;
        }
    
        hr = MAPIAdminProfiles(0, &pProfAdmin);
    
        if (FAILED(hr)) 
        {
            //TODO: Log it!
            wprintf(L"Failed to get IProfAdmin Interface - %d.\n", hr);
            goto cleanup;
        }
    
        bool bProfileRetry = true;
    
    retry_profile:
    
        hr = pProfAdmin->CreateProfile((LPTSTR)strProfileName.c_str(), NULL, NULL, 0);
    
        //TEMP: profile exists, delete it, RIGHT NOW just move on.
        if (MAPI_E_NO_ACCESS == hr)
        {
            if (true == bProfileRetry)
            {
                pProfAdmin->DeleteProfile((LPTSTR)strProfileName.c_str(), 0);
                bProfileRetry = false; //re-try only once
                goto retry_profile;
            }
        }
    
        if (FAILED(hr)) 
        {
            //TODO: Log it!
            wprintf(L"Failed to create profile - %d.\n", hr);
            goto cleanup;
        }
    
        hr = pProfAdmin->AdminServices((LPTSTR)strProfileName.c_str(), NULL, NULL, 0, &pMsgSvcAdmin);
    
        if (FAILED(hr)) 
        {
            //TODO: Log it!
            wprintf(L"Failed to get IMsgServiceAdmin interface - %d.\n", hr);
            goto delete_profile;
        }
    
        // Add Exchange Server messaging service
        hr = pMsgSvcAdmin->CreateMsgService((LPTSTR)"MSEMS", (LPTSTR)"Microsoft Exchange", NULL, NULL);
    
        if (FAILED(hr)) 
        {
            //TODO: Log it!
            wprintf(L"Failed to create message service - %d.\n", hr);
            goto delete_profile;
        }
    
        hr = pMsgSvcAdmin->GetMsgServiceTable(0, &pMsgSvcTable);
    
        if (FAILED(hr)) 
        {
            //TODO: Log it!
            wprintf(L"Failed to get message service table - %d.\n", hr);
            goto delete_profile;
        }
    
        //Get the entry for the Exchange message service.
        SRestriction sres;
        sres.rt = RES_CONTENT;
        sres.res.resContent.ulFuzzyLevel = FL_FULLSTRING;
        sres.res.resContent.ulPropTag = PR_SERVICE_NAME_A;
        SPropValue spv;
        sres.res.resContent.lpProp = &spv;
        spv.ulPropTag = PR_SERVICE_NAME_A;
        spv.Value.lpszA = "MSEMS";
    
        hr = HrQueryAllRows(pMsgSvcTable, 
            (LPSPropTagArray) &sptCols,
            &sres,
            NULL,
            0,
            &pRows);
    
        if (FAILED(hr)) 
        {
            //TODO: Log it!
            wprintf(L"Failed to query all rows - %d.\n", hr);
            goto delete_profile;
        }
    
        //ConfigureMsgService() can't get along with UNICODE
        strUserName = SSWString2String(m_strUserName);
        strExchange = SSWString2String(m_strExchangeServer);
    
        //Set Exchange Server and user name.
        SPropValue spval[2];
        spval[0].ulPropTag = PR_PROFILE_UNRESOLVED_NAME;
        spval[0].Value.lpszA = (LPSTR)strUserName.c_str();
        spval[1].ulPropTag = PR_PROFILE_UNRESOLVED_SERVER;
        spval[1].Value.lpszA = (LPSTR)strExchange.c_str();
    
        // Configure msg service
        hr = pMsgSvcAdmin->ConfigureMsgService(
            (LPMAPIUID) pRows->aRow->lpProps[iSvcUID].Value.bin.lpb,
            0, NULL, 2, spval);
    
        if (FAILED(hr)) 
        {
            //TODO: Log it!
            wprintf(L"Failed to configure message service - %d.\n", hr);
            goto delete_profile;
        }
    
        hr = MAPILogonEx(
            0, 
            (LPTSTR)strProfileName.c_str(), 
            (LPTSTR)m_strPassword.c_str(), 
            MAPI_EXTENDED | MAPI_NO_MAIL | MAPI_NEW_SESSION, 
            &m_lpMapiSession);
    
        if (FAILED(hr)) 
        {
            //TODO: Log it!
            wprintf(L"Failed to logon - %d.\n", hr);
            goto delete_profile;
        }
    
    delete_profile:
    
        //delete profile, session stays valid.
        pProfAdmin->DeleteProfile((LPTSTR)strProfileName.c_str(), 0);
    
    cleanup:
    
        _SS_MAPI_FREE_PROWS(pRows);
        _SS_MAPI_RELEASE(pMsgSvcTable);
        _SS_MAPI_RELEASE(pMsgSvcAdmin);
        _SS_MAPI_RELEASE(pProfAdmin);
    
        //MAPIUninitialize();
    
        return hr;
    }
    

    Output:

    Failed to configure message service - -2130696378.


    Tuesday, July 24, 2012 9:17 AM
  • Ok - so my article walks through several possible causes:

    • The mailbox really doesn’t exist.
    • The mailbox exists, but is hidden from the GAL.
    • The mailbox exists, isn’t hidden, but strange permissions have been set. Here are a couple examples.
    • Multiple GALs

    Which of these causes have you examined and eliminated as possible suspects?

    • Proposed as answer by DamianD Thursday, July 26, 2012 10:02 AM
    • Marked as answer by Quist ZhangModerator Friday, July 27, 2012 9:37 AM
    Wednesday, July 25, 2012 6:58 PM
    Answerer
  • Thanks, I was able to resolve the problem.  The reason was Multiple GALs.

    Thursday, July 26, 2012 9:12 AM