When we try to migrate a onprem mailbox to exo we get an error in the migration batch:
The call to 'https://<ServerName>/EWS/mrsproxy.svc' failed. Error details: The HTTP request was forbidden with client authentication scheme 'Negotiate'. --> The remote server returned an error: (403) Forbidden.. --> The HTTP request was forbidden with client authentication scheme 'Negotiate'. --> The remote server returned an error: (403) Forbidden.
We check with HealthChecker.ps1 -> all OK:
[...]
MRS Proxy Enabled: True
Keep MRS Proxy disabled if you do not plan to move mailboxes cross-forest or remote
[...]
Name ExtendedProtection SslFlags IPFilteringEnabled URLRewrite Authentication
Default Web Site/EWS Allow True (128-bit) False Windows (Negotiate,NTLM) & anonymous (default setting)
[...]
In the Windows Application Eventlog I saw this:
Exception information:
Exception type: HttpException
Exception message: MRS proxy service is disabled
bei Microsoft.Exchange.HttpProxy.MrsProxyRequestHandler.IsMrsRequest(HttpRequest request)
bei Microsoft.Exchange.HttpProxy.ProxyModule.SelectHandlerForAuthenticatedRequest(HttpContext httpContext)
bei Microsoft.Exchange.HttpProxy.ProxyModule.OnPostAuthorizeInternal(HttpApplication httpApplication)
bei Microsoft.Exchange.HttpProxy.ProxyModule.<>c__DisplayClass21_0.<OnPostAuthorizeRequest>b__0()
bei Microsoft.Exchange.Common.IL.ILUtil.DoTryFilterCatch(Action tryDelegate, Func2 filterDelegate, Action
1 catchDelegate)
bei System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
bei System.Web.HttpApplication.ExecuteStepImpl(IExecutionStep step)
bei System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
I reenabled the MRSProxy by this commands without success:
Set-WebServicesVirtualDirectory "<ServerName>\EWS (Default Web Site)" -MRSProxyEnabled $false
Set-WebServicesVirtualDirectory "<ServerName>\EWS (Default Web Site)" -MRSProxyEnabled $true
I am running the HCW in newest version without errors.
Is there an another hint, who I can try???