Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

Users from a federated organization cannot see the free/busy information of anotherExchange organization


View products that this article applies to.

When you configure a federation trust between a local Microsoft Exchange Server organization and a remote Exchange Server organization, users from cannot see the free/busy information of the users in the remote organization.

Additionally, the following errors are logged in the event log on the local Exchange server:

Event ID: 4001
Task Category: Availability Service
Level: Error
Keywords: Classic
User: N/A
Computer: <Computer-Name>
Description:
\rocess Microsoft.Exchange.InfoWorker.Common.Delayed`1[System.String]: SMTP:user@contoso.com failed. Exception returned is Microsoft.Exchange.InfoWorker.Common.Availability.AutoDiscoverFailedException: Autodiscover failed for e-mail address SMTP:user@contoso.com with exception Microsoft.Exchange.InfoWorker.Common.Availability.AutoDiscoverFailedException: The request to the Autodiscover service at 'https://autodiscover.right.com/autodiscover/autodiscover.svc/WSSecurity' failed due to an invalid response.

Also, HTTP 500 responses returned for Availability requests on the remote forest Exchange server are logged as follows in the W3SVC logs:

↑ Back to the top


Cause

This issue occurs because the WSSecurity property of the "EWS" virtual directory or the "Autodiscover" virtual directory is disabled on the Client Access servers in the local Exchange Server 2010 organization.

↑ Back to the top


Resolution

Exchange 2016 or Exchange 2013
To resolve this issue, reset the WSSecurity authentication for the virtual directories on the Exchange Back End site for each server in the remote organization.

  1. Open Windows Powershell and add the Exchange Management snap-in.
    Add-PSSnapin Microsoft.Exchange.Management.PowerShell.SnapIn 
  2. Disable WSSecurity authentication for the EWS virtual directory using the Set-WebServicesVirtualDirectory cmdlet.
    Set-WebServicesVirtualDirectory "<ServerName>\ews (Exchange Back End)" -WSSecurityAuthentication:$False 
  3. Enable WSSecurity authentication for the EWS virtual directory using the Set-WebServicesVirtualDirectory cmdlet.
    Set-WebServicesVirtualDirectory "<ServerName>\ews (Exchange Back End)" -WSSecurityAuthentication:$True 
  4. Disable WSSecurity authentication for the Autodiscover virtual directory using the Set-AutodiscoverVirtualDirectory cmdlet.
    Set-AutodiscoverVirtualDirectory "<ServerName>\Autodiscover (Exchange Back End)" -WSSecurityAuthentication:$False 
  5. Eable WSSecurity authentication for the Autodiscover virtual directory using the Set-AutodiscoverVirtualDirectory cmdlet.
    Set-AutodiscoverVirtualDirectory "<ServerName>\Autodiscover (Exchange Back End)" -WSSecurityAuthentication:$True 
  6. Restart the application pools using the Restart-WebAppPool cmdlet.
    Restart-WebAppPool MSExchangeAutodiscoverAppPool
    Restart-WebAppPool MSExchangeServicesAppPool

Exchange 2010
To resolve this issue, reset the WSSecurity authentication for the virtual directories on each Client Access server in the remote organization.

  1. Open the Exchange Management Shell.
  2. Disable WSSecurity authentication for the EWS virtual directory using the Set-WebServicesVirtualDirectory cmdlet.
    Set-WebServicesVirtualDirectory "<ServerName>\ews (Default Web Site)" -WSSecurityAuthentication:$False 
  3. Enable WSSecurity authentication for the EWS virtual directory using the Set-WebServicesVirtualDirectory cmdlet.
    Set-WebServicesVirtualDirectory "<ServerName>\ews (Default Web Site)" -WSSecurityAuthentication:$True 
  4. Disable WSSecurity authentication for the Autodiscover virtual directory using the Set-AutodiscoverVirtualDirectory cmdlet.
    Set-AutodiscoverVirtualDirectory "<ServerName>\Autodiscover (Default Web Site)" -WSSecurityAuthentication:$False 
  5. Enable WSSecurity authentication for the Autodiscover virtual directory using the Set-AutodiscoverVirtualDirectory cmdlet.
    Set-AutodiscoverVirtualDirectory "<ServerName>\Autodiscover (Default Web Site)" -WSSecurityAuthentication:$True 
  6. Restart the application pools using the follow syntax:
    appcmd stop appPool /appPool.name:MSExchangeAutodiscoverAppPool
    appcmd start appPool /appPool.name:MSExchangeAutodiscoverAppPool

    appcmd stop appPool /appPool.name:MSExchangeServicesAppPool
    appcmd start appPool /appPool.name:MSExchangeServicesAppPool

↑ Back to the top


Keywords: kbsurveynew, kbtshoot, kbexpertiseinter, kb

↑ Back to the top

Article Info
Article ID : 2752387
Revision : 2
Created on : 5/2/2018
Published on : 5/2/2018
Exists online : False
Views : 397