Mailbox Move onPrem EX2019 to EXO doesn't work - EWS problem

Schwandtner Roland 20 Reputation points
2024-03-13T14:08:21.13+00:00

When we try to migrate a onprem mailbox to exo we get an error in the migration batch:

The call to 'https://<ServerName>/EWS/mrsproxy.svc' failed. Error details: The HTTP request was forbidden with client authentication scheme 'Negotiate'. --> The remote server returned an error: (403) Forbidden.. --> The HTTP request was forbidden with client authentication scheme 'Negotiate'. --> The remote server returned an error: (403) Forbidden.

We check with HealthChecker.ps1 -> all OK:

[...]

MRS Proxy Enabled: True

Keep MRS Proxy disabled if you do not plan to move mailboxes cross-forest or remote

[...]

Name ExtendedProtection SslFlags IPFilteringEnabled URLRewrite Authentication


Default Web Site/EWS Allow True (128-bit) False Windows (Negotiate,NTLM) & anonymous (default setting)

[...]

In the Windows Application Eventlog I saw this:

Exception information: 

    Exception type: HttpException 

    Exception message: MRS proxy service is disabled

   bei Microsoft.Exchange.HttpProxy.MrsProxyRequestHandler.IsMrsRequest(HttpRequest request)

   bei Microsoft.Exchange.HttpProxy.ProxyModule.SelectHandlerForAuthenticatedRequest(HttpContext httpContext)

   bei Microsoft.Exchange.HttpProxy.ProxyModule.OnPostAuthorizeInternal(HttpApplication httpApplication)

   bei Microsoft.Exchange.HttpProxy.ProxyModule.<>c__DisplayClass21_0.<OnPostAuthorizeRequest>b__0()

   bei Microsoft.Exchange.Common.IL.ILUtil.DoTryFilterCatch(Action tryDelegate, Func2 filterDelegate, Action1 catchDelegate)

   bei System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()

   bei System.Web.HttpApplication.ExecuteStepImpl(IExecutionStep step)

   bei System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)

I reenabled the MRSProxy by this commands without success:

Set-WebServicesVirtualDirectory "<ServerName>\EWS (Default Web Site)" -MRSProxyEnabled $false

Set-WebServicesVirtualDirectory "<ServerName>\EWS (Default Web Site)" -MRSProxyEnabled $true

I am running the HCW in newest version without errors.

Is there an another hint, who I can try???

Microsoft Exchange Hybrid Management
Microsoft Exchange Hybrid Management
Microsoft Exchange: Microsoft messaging and collaboration software.Hybrid Management: Organizing, handling, directing or controlling hybrid deployments.
1,873 questions
0 comments No comments
{count} votes

Accepted answer
  1. Kael Yao-MSFT 37,491 Reputation points Microsoft Vendor
    2024-03-14T01:49:58.8333333+00:00

    Hi @Schwandtner Roland

    Have you enabled basic authentication on the EWS virtual directory?

    If not please enable it and see if it can help with this issue.


    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment". 

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    1 person found this answer helpful.

0 additional answers

Sort by: Most helpful