none
Sharepoint 2016 Site Mailbox issues

    Question

  • Environment: Sharepoint 2016 and Exchange 2016.

    Followed Site Mailbox setup instructions to a "T", no errors running scripts or setting up partner application in Exchange. When I add the App, I get:

    We are having trouble connecting to Exchange Server

    The server might be temporarily unavailable. Please check back on this page in a few minutes. If this problem persists, please contact your system administrator.

    Error Code 10

    I suspect there is an issue with Oath, here is a ULS debug:

    02/09/2018 11:36:52.60 w3wp.exe (0x339C) 0x3AD4 SharePoint Foundation Authentication Authorization atkg0 Verbose DynamicAugmentationEnabled: VsiteUser login null or empty. Returning VFALSE. eee3489e-c825-70f9-b42c-e8e7b6f934b7
    02/09/2018 11:36:52.60 w3wp.exe (0x339C) 0x3AD4 SharePoint Foundation Authentication Authorization ax5ns Verbose Leaving Monitored Scope: (VsecurableObject::initIdentityFromRowset) Execution Time=0.0617647573981734; CPU Milliseconds=0; SQL Query Count=0; Parent=SPRequest.OpenWebInternal eee3489e-c825-70f9-b42c-e8e7b6f934b7
    02/09/2018 11:36:52.60 w3wp.exe (0x339C) 0x3AD4 SharePoint Foundation Authentication Authorization ax5ns Medium ____HResult: 0x00000000 eee3489e-c825-70f9-b42c-e8e7b6f934b7
    02/09/2018 11:36:52.60 w3wp.exe (0x339C) 0x3AD4 SharePoint Foundation Site Cache az4z8 Medium Looking up SPSite by ID a099eba2-d380-429f-90bf-6bc3fc470590 in memory. eee3489e-c825-70f9-b42c-e8e7b6f934b7
    02/09/2018 11:36:52.60 w3wp.exe (0x339C) 0x3AD4 SharePoint Foundation Claims Authentication a1n25 High Token is for a windows account. eee3489e-c825-70f9-b42c-e8e7b6f934b7
    02/09/2018 11:36:52.60 w3wp.exe (0x339C) 0x3AD4 SharePoint Foundation Site Cache az4z8 Medium Looking up SPSite by ID a099eba2-d380-429f-90bf-6bc3fc470590 in memory. eee3489e-c825-70f9-b42c-e8e7b6f934b7
    02/09/2018 11:36:52.60 w3wp.exe (0x339C) 0x3AD4 SharePoint Foundation Site Cache az4z8 Medium Looking up SPSite by ID a099eba2-d380-429f-90bf-6bc3fc470590 in memory. eee3489e-c825-70f9-b42c-e8e7b6f934b7
    02/09/2018 11:36:52.60 w3wp.exe (0x339C) 0x3AD4 SharePoint Foundation Application Authentication aiixd High The ouput name identifier generated by SPAppPrincipalName is '00000002-0000-0ff1-ce00-000000000000@test.com'. eee3489e-c825-70f9-b42c-e8e7b6f934b7
    02/09/2018 11:36:52.60 w3wp.exe (0x339C) 0x3AD4 SharePoint Foundation App Management azevu Medium AppMngMinDb: Got SubscriptionId 0c37852b-34d0-418e-91c6-2ac25af4be5b from partion key.  SubscriptionId 00000000-0000-0000-0000-000000000000 is in the SPServiceContext. eee3489e-c825-70f9-b42c-e8e7b6f934b7
    02/09/2018 11:36:52.60 w3wp.exe (0x339C) 0x3AD4 SharePoint Foundation App Management awfez Medium AppMngMinDb: Executing query: dbo.proc_AM_GetAppPrincipal on Legacy db with context subId: 00000000-0000-0000-0000-000000000000 and compositeKeyId: 0c37852b-34d0-418e-91c6-2ac25af4be5b eee3489e-c825-70f9-b42c-e8e7b6f934b7
    02/09/2018 11:36:52.60 w3wp.exe (0x339C) 0x3AD4 SharePoint Foundation Application Authentication aiixd High The ouput name identifier generated by SPAppPrincipalName is '00000002-0000-0ff1-ce00-000000000000@5cf6e709-9cc5-4f40-be3c-1782490f8f97'. eee3489e-c825-70f9-b42c-e8e7b6f934b7
    02/09/2018 11:36:52.60 w3wp.exe (0x339C) 0x3AD4 SharePoint Foundation App Management azevu Medium AppMngMinDb: Got SubscriptionId 0c37852b-34d0-418e-91c6-2ac25af4be5b from partion key.  SubscriptionId 00000000-0000-0000-0000-000000000000 is in the SPServiceContext. eee3489e-c825-70f9-b42c-e8e7b6f934b7
    02/09/2018 11:36:52.60 w3wp.exe (0x339C) 0x3AD4 SharePoint Foundation App Management awfez Medium AppMngMinDb: Executing query: dbo.proc_AM_GetAppPrincipal on Legacy db with context subId: 00000000-0000-0000-0000-000000000000 and compositeKeyId: 0c37852b-34d0-418e-91c6-2ac25af4be5b eee3489e-c825-70f9-b42c-e8e7b6f934b7
    02/09/2018 11:36:52.60 w3wp.exe (0x339C) 0x3AD4 SharePoint Foundation Authentication Authorization anto4 Medium Cannot find app with id 'i:0i.t|ms.sp.ext|00000002-0000-0ff1-ce00-000000000000@5cf6e709-9cc5-4f40-be3c-1782490f8f97'. eee3489e-c825-70f9-b42c-e8e7b6f934b7
    02/09/2018 11:36:52.60 w3wp.exe (0x339C) 0x3AD4 SharePoint Foundation Authentication Authorization apyem Verbose ClientId 00000002-0000-0ff1-ce00-000000000000 is not a well known app principal eee3489e-c825-70f9-b42c-e8e7b6f934b7
    02/09/2018 11:36:52.60 w3wp.exe (0x339C) 0x3AD4 SharePoint Foundation Claims Authentication ajau9 Verbose SPSecurityTokenServiceManager!GetTrustedSecurityTokenServiceByNameId: Searching trusted security token issuers for input 00000002-0000-0ff1-ce00-000000000000@5cf6e709-9cc5-4f40-be3c-1782490f8f97 eee3489e-c825-70f9-b42c-e8e7b6f934b7
    02/09/2018 11:36:52.60 w3wp.exe (0x339C) 0x3AD4 SharePoint Foundation Application Authentication atfq8 Medium SPAppPrincipal not found for {i:0i.t|ms.sp.ext|00000002-0000-0ff1-ce00-000000000000@5cf6e709-9cc5-4f40-be3c-1782490f8f97}. Returning null. eee3489e-c825-70f9-b42c-e8e7b6f934b7
    02/09/2018 11:36:52.60 w3wp.exe (0x339C) 0x3AD4 SharePoint Foundation App Management azevu Medium AppMngMinDb: Got SubscriptionId 0c37852b-34d0-418e-91c6-2ac25af4be5b from partion key.  SubscriptionId 00000000-0000-0000-0000-000000000000 is in the SPServiceContext. eee3489e-c825-70f9-b42c-e8e7b6f934b7
    02/09/2018 11:36:52.60 w3wp.exe (0x339C) 0x3AD4 SharePoint Foundation App Management awfez Medium AppMngMinDb: Executing query: dbo.proc_AM_GetAppPrincipalPerms on Legacy db with context subId: 00000000-0000-0000-0000-000000000000 and compositeKeyId: 0c37852b-34d0-418e-91c6-2ac25af4be5b eee3489e-c825-70f9-b42c-e8e7b6f934b7
    02/09/2018 11:36:52.60 w3wp.exe (0x339C) 0x3AD4 SharePoint Foundation App Management aoa6z Medium The app principal instance for app principal i:0i.t|ms.sp.ext|00000002-0000-0ff1-ce00-000000000000@test.com is not available. eee3489e-c825-70f9-b42c-e8e7b6f934b7
    02/09/2018 11:36:52.60 w3wp.exe (0x339C) 0x3AD4 SharePoint Foundation App Management azevu Medium AppMngMinDb: Got SubscriptionId 0c37852b-34d0-418e-91c6-2ac25af4be5b from partion key.  SubscriptionId 00000000-0000-0000-0000-000000000000 is in the SPServiceContext. eee3489e-c825-70f9-b42c-e8e7b6f934b7
    02/09/2018 11:36:52.60 w3wp.exe (0x339C) 0x3AD4 SharePoint Foundation App Management awfez Medium AppMngMinDb: Executing query: dbo.proc_AM_GetAppPrincipal on Legacy db with context subId: 00000000-0000-0000-0000-000000000000 and compositeKeyId: 0c37852b-34d0-418e-91c6-2ac25af4be5b eee3489e-c825-70f9-b42c-e8e7b6f934b7
    02/09/2018 11:36:52.61 w3wp.exe (0x339C) 0x3AD4 SharePoint Foundation General ashar Medium SPSiteSubscriptionSettings: Constructor did not get a valid SiteSubscriptionId: not checking for flight or initializing TenantStore just yet eee3489e-c825-70f9-b42c-e8e7b6f934b7
    02/09/2018 11:36:52.61 w3wp.exe (0x339C) 0x3AD4 SharePoint Foundation User Key ayswq Medium Successfully got user key for user. UserNameSuffix: '0#.w|test\test'. eee3489e-c825-70f9-b42c-e8e7b6f934b7
    02/09/2018 11:36:52.61 w3wp.exe (0x339C) 0x3AD4 SharePoint Foundation Claims Authentication airze Verbose Current identity context: '{"elevated":"true","nameid":"."}' eee3489e-c825-70f9-b42c-e8e7b6f934b7
    02/09/2018 11:36:52.61 w3wp.exe (0x339C) 0x3AD4 SharePoint Foundation Application Authentication axqoo Medium CreateDiagnosticsContext: Correlation id from oauth credentials is already set, returning null. eee3489e-c825-70f9-b42c-e8e7b6f934b7
    02/09/2018 11:36:52.61 w3wp.exe (0x339C) 0x3AD4 SharePoint Foundation Application Authentication av8s0 Medium Authenticating using cached prefixes. Request: 'https://mail.test.lan/autodiscover/autodiscover.svc' Challenge: 'Bearer client_id="00000002-0000-0ff1-ce00-000000000000", trusted_issuers="00000003-0000-0ff1-ce00-000000000000@5cf6e709-9cc5-4f40-be3c-1782490f8f97", token_types="app_asserted_user_v1 service_asserted_app_v1",Basic realm="mail.test.lan",Negotiate,NTLM' Credentials: {"realm":"test.com","_isM4ElevationBehaviorEnabled":"true"} eee3489e-c825-70f9-b42c-e8e7b6f934b7
    02/09/2018 11:36:52.61 w3wp.exe (0x339C) 0x3AD4 SharePoint Foundation Application Authentication bjvyq Medium Get ACS bearer token. eee3489e-c825-70f9-b42c-e8e7b6f934b7
    02/09/2018 11:36:52.61 w3wp.exe (0x339C) 0x3AD4 SharePoint Foundation Monitoring nasq Medium Entering Monitored Scope (Auth.SPOAuth2SecurityTokenManager.IssueS2SAppToken). Parent=Authenticate OAuth2 Bearer challenge eee3489e-c825-70f9-b42c-e8e7b6f934b7
    02/09/2018 11:36:52.61 w3wp.exe (0x339C) 0x3AD4 SharePoint Foundation Application Authentication aiv3l High Token request correlation id: 'd2e2489e-28b0-70f9-b42c-ea0c9e8907e5'. eee3489e-c825-70f9-b42c-e8e7b6f934b7
    02/09/2018 11:36:52.61 w3wp.exe (0x339C) 0x3AD4 SharePoint Foundation Application Authentication bjvyo Medium OAuth Outgoing Token: {"typ":"JWT","alg":"RS256","x5t":"vLg1euR3yuxJ8bHv8cRcLhmwU4E"}.{"aud":"00000002-0000-0ff1-ce00-000000000000/mail.test.lan@test.com","iss":"00000003-0000-0ff1-ce00-000000000000@5cf6e709-9cc5-4f40-be3c-1782490f8f97","nbf":"1518203854","exp":"1518333454","nameid":"00000003-0000-0ff1-ce00-000000000000@5cf6e709-9cc5-4f40-be3c-1782490f8f97"} eee3489e-c825-70f9-b42c-e8e7b6f934b7
    02/09/2018 11:36:52.63 w3wp.exe (0x339C) 0x3AD4 SharePoint Server Search Exchange Integration ah9c1 Medium ServiceRequestException: The request failed. The remote server returned an error: (401) Unauthorized. eee3489e-c825-70f9-b42c-e8e7b6f934b7
    02/09/2018 11:36:52.63 w3wp.exe (0x339C) 0x3AD4 SharePoint Server Search Exchange Integration aiwxi Medium SearchServiceApplication::ExchangeAdapter::SharePoint CorrelationId:eee3489e-c825-70f9-b42c-e8e7b6f934b7; Exchange Request Id:111ee460-54f5-41a6-8382-7a48c456cb39; Diagnostic Info:2000009;reason="The issuer of the token is unknown. Issuer was '00000003-0000-0ff1-ce00-000000000000@5cf6e709-9cc5-4f40-be3c-1782490f8f97'.";error_category="invalid_issuer" eee3489e-c825-70f9-b42c-e8e7b6f934b7
    02/09/2018 11:36:52.63 w3wp.exe (0x339C) 0x3AD4 SharePoint Server Search Exchange Integration ai1pi Medium Autodiscover Diagnostics EWS Client Version: 15.00.0913.015. Error code: UnauthorizedUser eee3489e-c825-70f9-b42c-e8e7b6f934b7
    02/09/2018 11:36:52.63 w3wp.exe (0x339C) 0x3AD4 SharePoint Server Search Exchange Integration ai1pj Medium Autodiscover Diagnostics Response Headers: request-id: 111ee460-54f5-41a6-8382-7a48c456cb39  client-request-id: eee3489e-c825-70f9-b42c-e8e7b6f934b7  x-ms-diagnostics: 2000009;reason="The issuer of the token is unknown. Issuer was '00000003-0000-0ff1-ce00-000000000000@5cf6e709-9cc5-4f40-be3c-1782490f8f97'.";error_category="invalid_issuer"  Server: Microsoft-IIS/8.5  WWW-Authenticate: Bearer client_id="00000002-0000-0ff1-ce00-000000000000", trusted_issuers="00000003-0000-0ff1-ce00-000000000000@5cf6e709-9cc5-4f40-be3c-1782490f8f97", token_types="app_asserted_user_v1 service_asserted_app_v1", error="invalid_token",Basic realm="mail.test.lan",Negotiate,NTLM  X-Powered-By: ASP.NET  X-FEServer: MAIL  Date: Fri, 09 Feb 2018 19:36:52 GMT  Content-Length: 0 eee3489e-c825-70f9-b42c-e8e7b6f934b7
    02/09/2018 11:36:52.63 w3wp.exe (0x339C) 0x3AD4 SharePoint Server Search Exchange Integration ajp7q Medium Unable to autodiscover using mail.test.lan as autodiscover domain, trying autodiscover.mail.test.lan. eee3489e-c825-70f9-b42c-e8e7b6f934b7
    02/09/2018 11:36:52.65 w3wp.exe (0x339C) 0x3AD4 SharePoint Foundation User Key ayswq Medium Successfully got user key for user. UserNameSuffix: '0#.w|test\test'. eee3489e-c825-70f9-b42c-e8e7b6f934b7

    Both servers are in the same domain, both have each other's certs trusted ( AD PKI ). 

    Friday, February 09, 2018 8:40 PM

All replies

  • Hi,

    Please run the Check script and confirm that a valid, trusted instance of SharePoint is available, review prerequisites, confirm AutoDiscover has been set-up properly with the Exchange Administrator.

    There is an article about configuring site mailboxes in SharePoint Server 2016, you can refer to it, and also there are some troubleshooting about the process, check if it is useful for you:

    https://technet.microsoft.com/en-us/library/jj552524%28v=office.16%29.aspx?f=255&MSPPError=-2147217396

    Thanks,

    Wendy


    Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.


    Click here to learn more. Visit the dedicated forum to share, explore and talk to experts about Microsoft Teams.

    Monday, February 12, 2018 8:50 AM
    Moderator
  • All prereqs met, check script confirms valid, autodiscover working perfectly both inside and outside organization. No DNS issues. Sharepoint otherwise working fine. Scripts all complete without issue and 0 errors. Error 10 persists.
    Monday, February 12, 2018 7:52 PM