none
The impersonation principal name is invalid on Exchange 2013 RRS feed

  • Question

  • Hi,

    I have some code for accessing a mailbox of several users using an impersonation account with the role ApplicationImpersonation. This code works against my Exchange 2010 server. But when I run the same code against my 2013 Exchange server I get the error "The impersonation Principal is invalid" Account is configured on both servers with

    New-ManagementRoleAssignment –Name:impersonationAssignmentName –Role:ApplicationImpersonation –User:serviceAccount

    Any ideas?

    Regards

    Danny

    Thursday, August 27, 2015 7:24 AM

Answers

  • PrincipalName should really be the UPN of the account if you use that your code should always work on any version of Exchange. It looks like your trying to use down-level username https://msdn.microsoft.com/en-us/library/windows/desktop/aa380525(v=vs.85).aspx . You might want to take a look in the EWSLogs on the CAS server and at the EventLog messages, I would say its failing to map the down-level user correctly, I would suggest you switch to using the UPN to avoid that issue.

    Chees
    Glen

    • Marked as answer by waaromikniet Wednesday, September 2, 2015 8:31 AM
    Wednesday, September 2, 2015 3:01 AM

All replies

  • I use this code:

    exchangeService.ImpersonatedUserId = new ImpersonatedUserId(ConnectingIdType.PrincipalName, "danny");

    this gives me the error "The Impersonation Principal name is invalid". When I change the code to

    exchangeService.ImpersonatedUserId = new ImpersonatedUserId(ConnectingIdType.SmtpAddress, "danny#exchangedev.local");

    It works. I used this code against Exchange 2010 and there the first line with ConnectingIdType.PrincipalName works and it doesn't work on Exchange 2013. Any ideas?

    Regards

    Danny

    Tuesday, September 1, 2015 7:23 AM
  • PrincipalName should really be the UPN of the account if you use that your code should always work on any version of Exchange. It looks like your trying to use down-level username https://msdn.microsoft.com/en-us/library/windows/desktop/aa380525(v=vs.85).aspx . You might want to take a look in the EWSLogs on the CAS server and at the EventLog messages, I would say its failing to map the down-level user correctly, I would suggest you switch to using the UPN to avoid that issue.

    Chees
    Glen

    • Marked as answer by waaromikniet Wednesday, September 2, 2015 8:31 AM
    Wednesday, September 2, 2015 3:01 AM
  • Thx Glen.

    Changed to UPN and it works for both servers.

    Wednesday, September 2, 2015 8:32 AM