This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(60.8, 51%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECL%3C/text%3E%3C/svg%3E)
I'm trying to configure cross-forest availability between two trusted forest. Both forest have one 2016 Exchange server, real simple. Both share same email namespace. You know the drill, target forest has un-migrated users that are "Mail Users" and migrated users that are "Mailboxes" ... Source forest the opposite... unmigrated users are "Mailboxes" and migrated users are "Mail Users"
I have routing connectors and address space configured for source.local and target.local. Email routing is working perfectly!
Followed these articles:
https://learn.microsoft.com/en-us/exchange/architecture/client-access/availability-service-for-cross-forest-topologies?view=exchserver-2019
https://learn.microsoft.com/en-us/powershell/module/exchange/set-availabilityconfig?view=exchange-ps
Here is the info:
Email Name: contoso.com
Internal routing domains: Source.local, target.local
Step 1 Ran this on both forests:
Get-MailboxServer | Add-ADPermission -Accessrights Extendedright -Extendedrights "ms-Exch-EPI-Token-Serialization" -User "<Remote Forest Domain>\Exchange servers"
Step 2 ran this on both forest - this is where the confusion is, it says "ForestName" but it means SMTP address right? I've added contoso.com, target.local, source.local ... again I added all 3 domains because i don't know which one to use here
Add-AvailabilityAddressSpace -Forestname contoso.com -AccessMethod PerUserFB -UseServiceAccount $true
Step 3 did this on both forest - did this step because 1 and 2 weren't working
Set-AvailabilityConfig -PerUserAccount freebusyaccount (created a freebusy service account in both domains)
What am I missing? Autodiscover or something? Looking at freebusy for cross forest contact is showing the \\\\\\\\\\ .
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(246.4, 22%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKY%3C/text%3E%3C/svg%3E)
Hi @Chau Le
The Forestname in step 2 is the target forest name.
Have you setup GALSync between the two forests?
The target forest name or the SMTP domain? how come for the source command you put the SMTP domain here but for target you put the forest name?
I did not set up GAL sync... I have ADMT running ... I enable non-migrated users as mail users ...which is like a contact... All that part is working.
Is there anything else I'm missing? I even turn on Outlook logging and try to look at freebusy but there is no logs that show up??? Shouldn't there be some log event in Exchange? Nothing is showing... please help
Finally got a event LOG: Migtest3 is the account in source (in target is a contact)
Log Name: Application
Source: MSExchange Availability
Date: 3/1/2022 10:15:42 PM
Event ID: 4001
Task Category: Availability Service
Level: Error
Keywords: Classic
User: N/A
Computer: NEXEX16A.NexfinityOne.local
Description:
Process Microsoft.Exchange.InfoWorker.Common.Delayed1[System.String]: <migtest3>SMTP:migtest3@source.local failed in application Free/Busy. Exception returned is Microsoft.Exchange.InfoWorker.Common.Availability.AutoDiscoverFailedException: Autodiscover failed for email address migtest3@source.local with error Microsoft.Exchange.InfoWorker.Common.Availability.AutoDiscoverFailedException: The underlying connection was closed: An unexpected error occurred on a send.. The request information is Discovery URL : https://mail.nexfinityonedev.com/autodiscover/autodiscover.xml, EmailAddress : <migtest3>SMTP:migtest3@source.local. ---> System.Net.WebException: The underlying connection was closed: An unexpected error occurred on a send. ---> System.IO.IOException: Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host. ---> System.Net.Sockets.SocketException: An existing connection was forcibly closed by the remote host at System.Net.Sockets.NetworkStream.Read(Byte[] buffer, Int32 offset, Int32 size) --- End of inner exception stack trace --- at System.Net.Sockets.NetworkStream.Read(Byte[] buffer, Int32 offset, Int32 size) at System.Net.FixedSizeReader.ReadPacket(Byte[] buffer, Int32 offset, Int32 count) at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult) at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx) at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx) at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state) at System.Net.TlsStream.ProcessAuthentication(LazyAsyncResult result) at System.Net.TlsStream.Write(Byte[] buffer, Int32 offset, Int32 size) at System.Net.PooledStream.Write(Byte[] buffer, Int32 offset, Int32 size) at System.Net.ConnectStream.WriteHeaders(Boolean async) --- End of inner exception stack trace --- at System.Net.HttpWebRequest.GetRequestStream(TransportContext& context) at System.Net.HttpWebRequest.GetRequestStream() at Microsoft.Exchange.InfoWorker.Common.Availability.AutoDiscoverRequest.BeginInvoke() --- End of inner exception stack trace --- . Name of the server where exception originated: NEXEX16A. LID: 56716. ---> Microsoft.Exchange.InfoWorker.Common.Availability.AutoDiscoverFailedException: The underlying connection was closed: An unexpected error occurred on a send.. The request information is Discovery URL : https://mail.nexfinityonedev.com/autodiscover/autodiscover.xml, EmailAddress : <migtest3>SMTP:migtest3@source.local. ---> System.Net.WebException: The underlying connection was closed: An unexpected error occurred on a send. ---> System.IO.IOException: Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host. ---> System.Net.Sockets.SocketException: An existing connection was forcibly closed by the remote host at System.Net.Sockets.NetworkStream.Read(Byte[] buffer, Int32 offset, Int32 size) --- End of inner exception stack trace --- at System.Net.Sockets.NetworkStream.Read(Byte[] buffer, Int32 offset, Int32 size) at System.Net.FixedSizeReader.ReadPacket(Byte[] buffer, Int32 offset, Int32 count) at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult) at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx) at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx) at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state) at System.Net.TlsStream.ProcessAuthentication(LazyAsyncResult result) at System.Net.TlsStream.Write(Byte[] buffer, Int32 offset, Int32 size) at System.Net.PooledStream.Write(Byte[] buffer, Int32 offset, Int32 size) at System.Net.ConnectStream.WriteHeaders(Boolean async) --- End of inner exception stack trace --- at System.Net.HttpWebRequest.GetRequestStream(TransportContext& context) at System.Net.HttpWebRequest.GetRequestStream() at Microsoft.Exchange.InfoWorker.Common.Availability.AutoDiscoverRequest.BeginInvoke() --- End of inner exception stack trace --- --- End of inner exception stack trace --- . Name of the server where exception originated: NEXEX16A. LID: 56716. This event may occur when the Free/Busy application cannot discover a corresponding application in the remote forest. Event Xml: <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="MSExchange Availability" /> <EventID Qualifiers="49156">4001</EventID> <Level>2</Level> <Task>4</Task> <Keywords>0x80000000000000</Keywords> <TimeCreated SystemTime="2022-03-02T06:15:42.204397400Z" /> <EventRecordID>7313461</EventRecordID> <Channel>Application</Channel> <Computer>NEXEX16A.NexfinityOne.local</Computer> <Security /> </System> <EventData> <Data>Microsoft.Exchange.InfoWorker.Common.Delayed1[System.String]</Data>
<Data><migtest3>SMTP:migtest3@Source Technology .local</Data>
<Data>Free/Busy</Data>
<Data>Microsoft.Exchange.InfoWorker.Common.Availability.AutoDiscoverFailedException: Autodiscover failed for email address migtest3@Source Technology .local with error Microsoft.Exchange.InfoWorker.Common.Availability.AutoDiscoverFailedException: The underlying connection was closed: An unexpected error occurred on a send.. The request information is Discovery URL : https://mail.nexfinityonedev.com/autodiscover/autodiscover.xml, EmailAddress : <migtest3>SMTP:migtest3@Source Technology .local. ---> System.Net.WebException: The underlying connection was closed: An unexpected error occurred on a send. ---> System.IO.IOException: Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host. ---> System.Net.Sockets.SocketException: An existing connection was forcibly closed by the remote host
at System.Net.Sockets.NetworkStream.Read(Byte[] buffer, Int32 offset, Int32 size)
--- End of inner exception stack trace ---
at System.Net.Sockets.NetworkStream.Read(Byte[] buffer, Int32 offset, Int32 size)
at System.Net.FixedSizeReader.ReadPacket(Byte[] buffer, Int32 offset, Int32 count)
at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult)
at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
at System.Net.TlsStream.ProcessAuthentication(LazyAsyncResult result)
at System.Net.TlsStream.Write(Byte[] buffer, Int32 offset, Int32 size)
at System.Net.PooledStream.Write(Byte[] buffer, Int32 offset, Int32 size)
at System.Net.ConnectStream.WriteHeaders(Boolean async)
--- End of inner exception stack trace ---
at System.Net.HttpWebRequest.GetRequestStream(TransportContext& context)
at System.Net.HttpWebRequest.GetRequestStream()
at Microsoft.Exchange.InfoWorker.Common.Availability.AutoDiscoverRequest.BeginInvoke()
--- End of inner exception stack trace ---
. Name of the server where exception originated: NEXEX16A. LID: 56716. ---> Microsoft.Exchange.InfoWorker.Common.Availability.AutoDiscoverFailedException: The underlying connection was closed: An unexpected error occurred on a send.. The request information is Discovery URL : https://mail.nexfinityonedev.com/autodiscover/autodiscover.xml, EmailAddress : <migtest3>SMTP:migtest3@Source Technology .local. ---> System.Net.WebException: The underlying connection was closed: An unexpected error occurred on a send. ---> System.IO.IOException: Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host. ---> System.Net.Sockets.SocketException: An existing connection was forcibly closed by the remote host
at System.Net.Sockets.NetworkStream.Read(Byte[] buffer, Int32 offset, Int32 size)
--- End of inner exception stack trace ---
at System.Net.Sockets.NetworkStream.Read(Byte[] buffer, Int32 offset, Int32 size)
at System.Net.FixedSizeReader.ReadPacket(Byte[] buffer, Int32 offset, Int32 count)
at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult)
at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
at System.Net.TlsStream.ProcessAuthentication(LazyAsyncResult result)
at System.Net.TlsStream.Write(Byte[] buffer, Int32 offset, Int32 size)
at System.Net.PooledStream.Write(Byte[] buffer, Int32 offset, Int32 size)
at System.Net.ConnectStream.WriteHeaders(Boolean async)
--- End of inner exception stack trace ---
at System.Net.HttpWebRequest.GetRequestStream(TransportContext& context)
at System.Net.HttpWebRequest.GetRequestStream()
at Microsoft.Exchange.InfoWorker.Common.Availability.AutoDiscoverRequest.BeginInvoke()
--- End of inner exception stack trace ---
--- End of inner exception stack trace ---
. Name of the server where exception originated: NEXEX16A. LID: 56716</Data>
</EventData>
</Event>
Could this be some issue with TLS or something?
Hi @Chau Le
To my knowledge, you may need to first ensure autodiscover and GALSync for cross-forest availability to work.
Autodiscover:
You may refer to the following link (Cross-Forest Availability and the Autodiscover Service part) to either use the SCP method or DNS method:
How to Configure the Availability Service for Cross-Forest Topologies
While since there is a known issue on the DNS method, I would recommend using the SCP method.
(run cmdlet Export-AutodiscoverConfig -TargetForestDomainController "dc.contoso.com" -TargetForestCredential (Get-Credential) -MultipleExchangeDeployments $true)
For your reference: Cross forest free/busy lookup fails when target forest is Exchange Server 2013 or Exchange Server 2016
GALSync:
You may use FIM/MIM to do a GALSync between forests.
While based on my test, manually creating cross-forest mail contact should also work.
Please refer to this link: Manually Creating a cross-forest mail contact
You may need to manually configure few attributes in Active Directory.
After the configuration, the mail contact would appear as "cross-forest mail contact" in Exchange Admin Center.
Addition:
There is a known issue after you install April 2021 and May 2021 security update for Exchange 2019/2016/2013.
So I suppose you should also be affected.
Link: "(400) Bad Request" error during Autodiscover for per-user free/busy in a trusted cross-forest topology
Please refer to the workaround and check Method 1 part.
Instead of the service account, you may need to manually create a FBA account and use its credentials.
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
The issue also is that both forest share the same email domain ... how does this impact autodiscover?
To me I suppose you may need an additional SMTP domain for Autodiscover to succeed. (Which is to say, use different SMTP domains for source and target forests)
Otherwise, Autodiscover would have no idea whether the target mailbox is in the source forest or in the target forest.
Right now I have the following:
Forest 1 mailbox user
Shared Email domain name: Contoso.com
2nd email address: Source.local
Send connector - target.local -> send to Forest 2
Forest 2 mail user
shared email domain name: contoso.com
2nd email address: Target.local
Send connector -> source.local -> send to Forest 2
Both forest have Contoso.com as Primary SMTP address. I think this is where the autodiscover is failing ... what should I do?
I suppose you may need to use the 2nd SMTP address (in this case use Source.local and Target.local) for autodiscover to work.
Then follow the steps to export autodiscover to scp to have Exchange servers be able to proxy availability requests between each other.
I found this:
and this
But both of these are unclear about the actual commands used. Meaning what to put for forestname? AD DOMAIN name or STMP name? This is the biggest confusion for me right now.
We have AD Domain Name, SMTP domain name, URL FQDNS, Autodiscover...
I may need a new post on this.
I suppose autodiscover would not work for a shared SMTP domain.
As you can see it is also mentioned in comments of this link: How to Configure the Availability Service for Cross-Forest Topologies
If it is possible to have the two forests to use different SMTP domains (use AD domain as SMTP domain should also work), the forestname here is the target SMTP domain (if you are using AD domain as SMTP domain, it is AD domain.Otherwise it would be SMTP domain).