The MailBox Replication Service was unable to connect to the Remote Server using the credentials provided. Please check the credentials and try again. The call to 'https://webmail.blah.com/EWS/mrsproxy.svc' Failed. Error details: The HTTP request is unauthorized with client authentication scheme 'Negotiate'. The authentication header received from the server was 'Negotiate,NTLM'. --> The Remote Server returned an error: (401) Unauthorized.. --> The HTTP request is unauthorized with client authentication scheme 'Negotiate'. The authentication header received from the server was 'Negotiate,NTLM'. --> The Remote Server returned an error: (401) Unauthorized. + CategoryInfo : NotSpecified: (:) [New-MoveRequest],RemotePermanentException +9,Microsoft.Exchange.Man agement.Migration.MailBoxReplication.MoveRequest.NewMoveRequest + PSComputerName : outlook.office365.com
所以我测试了Test-MigrationServerAvailability -ExchangeRemoteMove -RemoteServer webmail.blah.com -Credentials $UserName<#>使用以下3种类型的PSCredentials:
UserName1 : <domain>\<SamAccountName> UserName2 : <SamAccountName> UserName3 : <SamAccountName>@<domain> (UPN)
使用UserName1和UserName2,我得到
RunspaceId : 3966b356-0f49-46c3-9373-e914827fc6ed Result : Success Message : ConnectionSettings : <ExchangeConnectionSettings HasAdminPrivilege="True" HasAutodiscovery="False" HasMrsProxy="True" AutodiscoverUrl="" IncomingEmailAddress="" IncomingRPCProxyServer="webmail.blah.ccom" IncomingExchangeServer="webmail.blah.com" IncomingNSPIServer="" IncomingDomain="" IncomingUserName="UserName<#>" EncryptedIncomingPassword="something" IncomingAuthentication="Basic" ServerVersion="" TargetDomainName="" SourceMailBoxLegDn="" PublicFolderDatabaseServerLegacyDN="" IsPublicFolderMailBoxesMigrationSource="False" /> SupportsCutover : False ErrorDetail : IsValid : True Identity : ObjectState : New
但是使用UserName3我得到:
RunspaceId : 3966b356-0f49-46c3-9373-e914827fc6ed Result : Failed Message : The connection to the server 'webmail.blah.com' Could not be completed. ConnectionSettings : SupportsCutover : False ErrorDetail : Microsoft.Exchange.Migration.MigrationServerConnectionFailedException: The connection to the server 'webmail.blah.com' Could not be completed. ---> Microsoft.Exchange.MailBoxReplicationService.RemotePermanentException: The MailBox Replication Service was unable to connect to the Remote Server using the credentials provided. Please check the credentials and try again. The call to 'https://webmail.blah.com/EWS/mrsproxy.svc' Failed. Error details: The HTTP request is unauthorized with client authentication scheme 'Negotiate'. The authentication header received from the server was 'Negotiate,NTLM'. --> The Remote Server returned an error: (401) Unauthorized.. --> The HTTP request is unauthorized with client authentication scheme 'Negotiate'. The authentication header received from the server was 'Negotiate,NTLM'. --> The Remote Server returned an error: (401) Unauthorized. ---> Microsoft.Exchange.MailBoxReplicationService.RemotePermanentException: The call to 'https://webmail.blah.com/EWS/mrsproxy.svc' Failed. Error details: The HTTP request is unauthorized with client authentication scheme 'Negotiate'. The authentication header received from the server was 'Negotiate,NTLM'. --> The Remote Server returned an error: (401) Unauthorized.. ---> Microsoft.Exchange.MailBoxReplicationService.RemotePermanentException: The HTTP request is unauthorized with client authentication scheme 'Negotiate'. The authentication header received from the server was 'Negotiate,NTLM'. ---> Microsoft.Exchange.MailBoxReplicationService.RemotePermanentException: The Remote Server returned an error: (401) Unauthorized. --- End of inner exception stack trace --- --- End of inner exception stack trace --- --- End of inner exception stack trace --- at Microsoft.Exchange.MailBoxReplicationService.MailBoxReplicationServiceFault.<>c__displayClass97_0.<ReconstructAndThrow>b__0() at Microsoft.Exchange.MailBoxReplicationService.ExecutionContext.Execute(Action operation) at Microsoft.Exchange.MailBoxReplicationService.MailBoxReplicationServiceFault.ReconstructAndThrow(String serverName,Versioninformation serverVersion) at Microsoft.Exchange.MailBoxReplicationService.WcfClientWithFaultHandling`2.<>c__displayClass7_0.<CallService>b__0() at Microsoft.Exchange.Net.WcfClientBase`1.CallService(Action serviceCall,String context) at Microsoft.Exchange.MailBoxReplicationService.WcfClientWithFaultHandling`2.CallService(Action serviceCall,String context) at Microsoft.Exchange.Migration.MigrationExchangeProxyRpcclient.CanConnectTomrsProxy(Fqdn serverName,Guid mbxGuid,NetworkCredential credentials,LocalizedException& error) --- End of inner exception stack trace --- at Microsoft.Exchange.Migration.DataAccessLayer.ExchangeRemoteMoveEndpoint.VerifyConnectivity() at Microsoft.Exchange.Management.Migration.MigrationService.Endpoint.TestMigrationServerAvailability.InternalProcessEndpoint(Boolean fromAutodiscover) IsValid : True Identity : ObjectState : New
查看New-MoveRequest和Test-MigrationServer的TechNet文章,Credentials / RemoteCredential参数应接受UPN用户名.
这是Exchange 2013的限制吗?我可以使用UPN用户名远程PSSession到内部部署Exchange服务器,并导入CMDlet,所以我很遗憾为什么它不适用于从Office 365加载的New-MoveRequest和Test-MigrationServer?
NTLM不支持UPN格式,并且您没有kerberos票证,因此这可能是原因.您通常不会在Windows客户端/服务器上遇到此问题,因为大多数应用程序似乎都会重新格式化用户名reqeust.但是,如果您的samAccountName和UPN预修复不同,则凭据将不匹配.
我确定你的samAccountName和UPN前缀匹配帐户.如果没有,或者它们仍然失败,您应该能够在EWS上启用基本身份验证.这应该允许它回退到客户端并在服务器端被接受.由于这是O365连接,我认为我们可以安全地假设您已经使用HTTPS – 如果您使用Basic Auth作为凭据在计划文本中发送,这当然是至关重要的.
原文地址:https://www.jb51.cc/windows/368968.html
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。