Skip to main content

How to Fix Microsoft Exchange 2013 to Office 365 Error ews/mrsproxy.svc' failed.The HTTP request was forbidden with client authentication scheme ‎’Negotiate‎’

1. The first part of the denial is that the Exchange 2013 server has to be set to "0" instead of "1" in their attributes.

2. Login to your DC and then search for ADSI Edit (Windows 2012/2016/2019 Server):

Change the "adminCount" setting to "1" and then reboot the server (NOTE: I saw that even on reboot, this flag remained. So I doubt it has anything to do with the http authentication.) This is when I then ran the following commands on the Exchange 2013 Server itself in EMS. This is the Microsoft article: https://support.microsoft.com/en-us/help/2975731/access-is-denied-error-when-you-try-to-move-mailboxes-to-exchange-onli but it had no impact at all on the error even after rebooting. It just came back.


3. Login to the CAS or Exchange Server and Open the Exchange Management Shell

4. Run the following command in the EMS:
[PS] c:\Windows\system32\Get-WebServicesVirtualDirectory | select *auth*

5. Look at the output for BasicAuthentication. You will see it set to false:



6. Run the command: Get-WebServicesVirtualDirectory | Set-WebServicesVirtualDirectory –BasicAuthentication $TRUE

NOTE: if it times out in CAS you can also run it on the Exchange Server or do it in the Exchange Admin Center under Servers >> Virtual Directories >> OWA (etc)

7. After this fix. Run the Microsoft Office 365 Hybrid Connection Wizard (You will need your O365 Administrator account and an AD account that is an Exchange organization administrator so that you can complete the wizard.


8. You will need to install the application on the CAS server itself (NOTE: Do not install it on Exchange or your local machine. It will just fail).

9. Run the Data Migration from the Exchange Admin Center after you verify that you have successfully configured the Hybrid tool (also make sure you have already assigned licenses to users and you have the Azure AD Connect tool already configured on your local domain controller.

(NOTE: You have to have a subscription active in Microsoft Azure or if you purchase from Rackspace then your account will have a Tenant account and you will be able to configure the tool).

10. ADFS Configuration using AD Directory Sync:
https://channel9.msdn.com/Series/Azure-Active-Directory-Videos-Demos/Configuring-AD-FS-for-user-sign-in-with-Azure-AD-Connect
https://www.youtube.com/watch?v=C4wbyAo2-sA


Lifesaver Credit (Thanks Guys!!!): 
http://bit.ly/2zCiuP0 (Jaap Wesselius)
http://bit.ly/2RLGvuv (Dan Djurasovic)
https://deansuzuki.net/2015/05/20/exchange-online-fixing-an-perplexing-exchange-migration-issue-part-1/

Helpful (Not Used, but relevant and may help others):
http://www.azure365pro.com/the-http-request-was-forbidden-with-client-authentication-scheme-negotiate/
http://blog.djurasovic.com/migrating-to-office-365-exchange-online-tips-and-tricks-from-the-field/
https://www.techieshelp.com/exchange-2013-change-owa-log-on-options/
https://docs.microsoft.com/en-us/azure/active-directory/hybrid/plan-connect-user-signin

Popular posts from this blog

How to Fix /storage/core filesystem Out of Disk Space Error on VCSA 6.0U1

How to fix the error of " The /storage/core filesystem is out of disk space or inodes" Step 1: Login to the new VCSA 6.0U1 HTML5 web client. https://ip address:5480 Step 2: Enable SSH and Bash Shell Step 3: Login as root and type "shell" at Command> shell Step 4: df -h (Check if it's out of space) /dev/mapper/core_vg-core               50G   50G     0 100% /storage/core Step 5: Stop the services of VCSA:  hostname: # service vmware-vpxd stop hostname: # service vmware-vpxd status (make sure it is stopped) Step 6:  cd /storage/core Step 7: rm -rf *.tgz ( be CAREFUL ...do this in the wrong directory and you will be retrieving from a backup .) If you need help. Go to Cybercity ( http://www.cyberciti.biz/faq/delete-all-files-folder-linux/ )  Step 8: service vmware-vpxd restart Step 9: history -c Step 10:  Refresh the browser (https://ip address:5480). Now it's all green VMware KB

VMware Tools ISO Does Not Exist

1. You attempt to Install VMware Tools and you get the following error: The required VMware Tools ISO image does not exist or is inaccessible. vix error code = 21001 Unable to install VMware Tools. An error occurred while trayin got access image file "/user'/lib/vmware/isoimages/windows.iso" needed to install VMware Tools: 2 (no such file or directory). Please refer the product documentation or KB article 2129825 for details....blah blah blah you get the point. First...that KB article is wrong. It's 1036810: https://kb.vmware.com/s/article/1036810 2. Go to the latest VMware Tools of your OS (You don't need to be logged in): https://packages.vmware.com/tools/esx/latest/index.html 3. Download the ISO and then WinSCP the file or whatever method you want to use to copy the file to /usr/lib/vmware/isoimages/ The quick and easy way is to just mount it and then install the VMware Tools. If you want to get gritty! Follow on! 4. If you don't

How to Login to AWS using CLI with AzureSSO through Azure Active Directory

Testing on Windows 10 Release 1909  Prerequisite (Install Visual Studio Code and the AWS CLI if you don't have it already installed and your Azure Active Directory is already configured and processing authentication) 1. Install Node.Js https://nodejs.org/en/ (Use the LTS Edition/Version) 2. Check the node version in PowerShell or Windows Terminal: node --version && npm --version 3. npm install -g aws-azure-login *install will take about 15-20 minutes. Be patient and let it finish.  4. Configure your profile aws-azure-login --configure --profile=<<Name of your profile>> Example:  aws-azure-login --configure --profile=migrationking Pro Tip: It installs the profile on your machine under ~/.aws/config . You can edit the file with Visual Studio Code or Notepad++ #This will prompt to Enter the Azure AD details *** Azure Tenant ID: << Enter the Azure AD Tenant ID from the Azure AD application configuration for the AWS Account to be accessed>> Azure Tenant I