Suppose you're testing your permissions and get either a
‘500’ or a ‘401’ error.
Use the following table to sort those issues
out.
HTTP
Response |
Most Likely Issue
|
Solution
|
500
|
The "test user" does
not exist in Exchange
or
is not mailbox enabled
|
Verify account exists in the
domain, it is enabled, a mailbox user (try to access the account in OWA
using the service account credentials)
|
The "SERVICE
ACCOUNT" cannot impersonate the "test user"
|
Verity there is a
management_role assignment "ApplicationImpersonation" (Ex10) or
ExtendedRights:"ms-Exch-EPI-Impersonation","ms-Exch-EPI-May-Impersonate"
(ex07) for the SERVICE ACCOUNT that is applied to the server or the user you
are attempting to test.
|
|
401
|
BASIC authentication is not
enabled for the EWS virtual directory in IIS
|
Set Basic authentication in IIS;
remember to restart IIS
|
The "SERVICE
ACCOUNT" is not authorized to submit requests to the CAS Server
|
Is this the account you granted
impersonate rights to? Are the creds correct? Paste the "ews
url" into a browser. Enter the service account creds, when
prompted. Do you see an EWS WSDL page?
|
Start with IIS Basic authentication on the
EWSvirtual directory. It’s the easiest to see / fix.