Sharepoint 2019 on-premise + site mailbox (401)

Tonyba 1 Reputation point
2020-12-05T00:48:55.353+00:00

We have a SharePoint 2019 farm

  • Exchange

We set up the site mailbox following this article:
https://learn.microsoft.com/ru-ru/sharepoint/administration/configure-site-mailboxes-in-sharepoint

For 4 months everything worked fine.

Now only the site mailboxes that have already been created work. When trying to create a new site mailbox, we get an error:

"https://site/gpsites/gpsem" SharePoint, ошибка: "WebException - Status:RequestCanceled; Message:The request was aborted: The request was canceled.;HttpStatusCode:Unauthorized;HttpStatusDescription:Unauthorized;HttpResponseUri:https://site/gpsites/gpsem/_vti_bin/client.svc/ProcessQuery;ServerMicrosoft-IIS/10.0;ClientMachine:EXCH1;ResponseHeaders:{SPRequestDuration:3}{SPIisLatency:0}{x-ms-suspended-features:features=""}{MicrosoftSharePointTeamServices:16.0.0.10337: 1; RequireReadOnly}{Content-Type:text/plain; charset=utf-8}{Server:Microsoft-IIS/10.0}{WWW-Authenticate:NTLM,Bearer realm="c75851bd-836d-4a06-a573-44cba5a08042",client_id="00000003-0000-0ff1-ce00-000000000000",trusted_issuers="00000005-0000-0000-c000-000000000000@*,00000002-0000-0ff1-ce00-000000000000@keyman ,00000003-0000-0ff1-ce00-000000000000@c75851bd-836d-4a06-a573-44cba5a08042"}{X-Powered-By:nosniff}{Date:Tue, 24 Nov 2020 23:12:54 GMT}{Content-Length:16}".

The Get-AuthConfig command shows that an expired certificate was used.

After replacing the certificate, the error changed:

Can not connect site
"https://site/sed" SharePoint, ошибка: "WebException - Status:ProtocolError; Message:The remote server returned an error: (401) Unauthorized.;HttpStatusCode:Unauthorized;HttpStatusDescription:Unauthorized;HttpResponseUri:https://site/sed/_vti_bin/client.svc/ProcessQuery;ServerMicrosoft-IIS/10.0;ClientMachine:EXCH1;ResponseHeaders:{x-ms-diagnostics:3000006;reason="Token contains invalid signature.";category="invalid_client"}{SPRequestGuid:957393dd-b755-4094-a463-375847a23eab}{request-id:957393dd-b755-4094-a463-375847a23eab}{X-FRAME-OPTIONS:SAMEORIGIN}{client-request-id:957393dd-b755-4094-a463-375847a23eab}{SPRequestDuration:3}{SPIisLatency:0}{MicrosoftSharePointTeamServices:16.0.0.10337: 1; RequireReadOnly}{Server:Microsoft-IIS/10.0}{WWW-Authenticate:NTLM,Bearer realm="c75851bd-836d-4a06-a573-44cba5a08042",client_id="00000003-0000-0ff1-ce00-000000000000",trusted_issuers="00000005-0000-0000-c000-000000000000@*,00000002-0000-0ff1-ce00-000000000000@SB .gpsm.ru,00000003-0000-0ff1-ce00-000000000000@c75851bd-836d-4a06-a573-44cba5a08042"}{X-Powered-By:nosniff}{Date:Tue, 01 Dec 2020 19:08:13 GMT}{Content-Length:74}"

Test-SiteMailbox -BypassOwnerCheck -SharePointUrl "https://site"

Task                                                       ResultType
----                                                       ----------
Loading AuthServer                                         Success
Loading PartnerApplications                                Success
Checking PartnerApplication 'Exchange Online'              Warning
Checking PartnerApplication 'SharePointEnterprise-70d3cf... Success
Loading AuthConfig                                         Success
Checking ServiceName                                       Success
Checking Current Certificate                               Success
Checking Previous Certificate                              Warning
Checking Next Certificate                                  Warning
Checking SharePoint API Call Under Oauth                   Error

Test-OAuthConnectivity -Service EWS -TargetUri https://site -Mailbox aaaaa@site

Task                                                       ResultType
----                                                       ----------
Checking EWS API Call Under Oauth                          Error

What do I need to fix to make the site mailbox work?

Please help me


2 answers

  1. Itch Sun-MSFT 2,556 Reputation points
    2020-12-07T07:52:59.337+00:00

    Hi @Tonyba

    Please try the steps below:

    1. Open IIS manager (Start | Control Panel | Administrative Tools | Internet Information Services Manager).  
    2. Expand the “Application Pools” node.  
    3. Right click the application pool which your project is using, and then select “Properties”.  
    4. Click “Identity” tab.  
    5. Choose “Local System” in the Predefined dropdown list.  
    



  2. Tony Bar 1 Reputation point
    2021-01-28T20:12:49.75+00:00

    I solved this problem in the following way.

    On Exchange

    1. Remove-PartnerApplication -Identity SharePointEnterprise-*********************

    On SharePoint

    We need to remove the TrustedSecurityToken

    These commands will help you

    Get-SPSecurityTokenServiceConfig

    Get-SPAppPrincipal -NameIdentifier

    Get-SPTrustedSecurityTokenIssuer

    Remove-SPTrustedSecurityTokenIssuer

    3) Create the site mailbox again

    Check-SiteMailboxConfig.ps1
    Set-SiteMailboxConfig.ps1

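The two 401 responses quoted in the question differ in one useful way: only the second carries an `x-ms-diagnostics` header that names the rejection reason. The following is an added example, not part of the thread, that parses the `{Name:Value}` header dump from the Exchange error text and lists the issuers SharePoint says it trusts. The function names, the `KNOWN_PRINCIPALS` labels and the trimmed `SAMPLE` are assumptions made for illustration.

```python
import re

# Well-known server-to-server app principal IDs (an assumption added for
# readability; the thread itself does not name them).
KNOWN_PRINCIPALS = {
    "00000002-0000-0ff1-ce00-000000000000": "Exchange",
    "00000003-0000-0ff1-ce00-000000000000": "SharePoint",
}

# Constructed sample: the second error from the question, trimmed to the
# headers that matter for triage.
SAMPLE = (
    'HttpStatusCode:Unauthorized;ClientMachine:EXCH1;ResponseHeaders:'
    '{x-ms-diagnostics:3000006;reason="Token contains invalid signature.";'
    'category="invalid_client"}{SPRequestDuration:3}'
    '{WWW-Authenticate:NTLM,Bearer realm="c75851bd-836d-4a06-a573-44cba5a08042",'
    'client_id="00000003-0000-0ff1-ce00-000000000000",'
    'trusted_issuers="00000005-0000-0000-c000-000000000000@*,'
    '00000002-0000-0ff1-ce00-000000000000@SB .gpsm.ru,'
    '00000003-0000-0ff1-ce00-000000000000@c75851bd-836d-4a06-a573-44cba5a08042"}'
    '{Content-Length:74}'
)

def parse_response_headers(error_text):
    """Turn the '{Name:Value}' run after 'ResponseHeaders:' into a dict."""
    _, found, dump = error_text.partition("ResponseHeaders:")
    if not found:
        return {}
    # Header names have no ':'; values may, so split on the first ':' only.
    return {name.lower(): value
            for name, value in re.findall(r"\{([^:{}]+):([^{}]*)\}", dump)}

def triage(error_text):
    """Summarise why SharePoint rejected the caller's OAuth token."""
    headers = parse_response_headers(error_text)
    diag = dict(re.findall(r'(\w+)="([^"]*)"', headers.get("x-ms-diagnostics", "")))
    bearer = dict(re.findall(r'(\w+)="([^"]*)"', headers.get("www-authenticate", "")))
    issuers = []
    for entry in filter(None, bearer.get("trusted_issuers", "").split(",")):
        principal, _, realm = entry.strip().partition("@")
        issuers.append((KNOWN_PRINCIPALS.get(principal, principal), realm))
    return {"reason": diag.get("reason"), "category": diag.get("category"),
            "realm": bearer.get("realm"), "trusted_issuers": issuers}

if __name__ == "__main__":
    for key, value in triage(SAMPLE).items():
        print(f"{key}: {value}")
```

A result with `reason` set to `None`, as the first error in the question would give, means SharePoint returned only the bare challenge and no diagnostic for the token.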