多林环境中的模拟会引发ErrorNonExistentMailbox

Question

我正在尝试使用位于用户林中的用户访问资源林中的Exchange，并模拟资源林中的邮箱。

为此，我们创建了一个联系人as described here，并将其添加到ApplicationImpersonation安全组as described here。

首先，模仿似乎有效，因为错误

  

该帐户无权模拟所请求的用户。

帐户一旦添加到ApplicationImpersonation群组，

就会消失。

但是，模拟用户仍然无法访问应该访问的文件夹;抛出的错误是

  

SMTP地址没有与之关联的邮箱。

现在，该错误消息似乎是错误的，不仅因为AutoDiscover将该服务器作为与该邮箱关联的Exchange服务器返回。但是这个错误消息的原因是什么？查找附加的EWS跟踪。

AutodiscoverConfiguration: <Trace Tag="AutodiscoverConfiguration" Tid="19" Time="2017-12-06 11:47:15Z">
Starting SCP lookup for domainName='maildomain.com', root path=''
</Trace>

AutodiscoverConfiguration: <Trace Tag="AutodiscoverConfiguration" Tid="19" Time="2017-12-06 11:47:15Z">
Searching for SCP entries in LDAP://CN=Configuration,DC=resourceforest,DC=local
</Trace>

AutodiscoverConfiguration: <Trace Tag="AutodiscoverConfiguration" Tid="19" Time="2017-12-06 11:47:15Z">
Scanning for SCP pointers Domain=maildomain.com
</Trace>

AutodiscoverConfiguration: <Trace Tag="AutodiscoverConfiguration" Tid="19" Time="2017-12-06 11:47:15Z">
No SCP pointers found for 'Domain=maildomain.com' in configPath='CN=Configuration,DC=resourceforest,DC=local'
</Trace>

AutodiscoverConfiguration: <Trace Tag="AutodiscoverConfiguration" Tid="19" Time="2017-12-06 11:47:15Z">
Scanning for SCP urls for the current computer Site=Default-First-Site-Name
</Trace>

AutodiscoverConfiguration: <Trace Tag="AutodiscoverConfiguration" Tid="19" Time="2017-12-06 11:47:15Z">
Adding (prio 1) 'https://autodiscover.maildomain.com/Autodiscover/Autodiscover.xml' for the 'Site=Default-First-Site-Name' from 'LDAP://CN=EXCHSRV,CN=Autodiscover,CN=Protocols,CN=EXCHSRV,CN=Servers,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=EXCH,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=resourceforest,DC=local' to the top of the list (exact match)
</Trace>

AutodiscoverConfiguration: <Trace Tag="AutodiscoverConfiguration" Tid="19" Time="2017-12-06 11:47:15Z">
Determining which endpoints are enabled for host autodiscover.maildomain.com
</Trace>

AutodiscoverConfiguration: <Trace Tag="AutodiscoverConfiguration" Tid="19" Time="2017-12-06 11:47:15Z">
Request error: The remote server has returned an error: (401) Not authorized.
</Trace>

AutodiscoverConfiguration: <Trace Tag="AutodiscoverConfiguration" Tid="19" Time="2017-12-06 11:47:15Z">
Host returned enabled endpoint flags: Legacy, Soap, WsSecurity, OAuth
</Trace>

AutodiscoverRequestHttpHeaders: <Trace Tag="AutodiscoverRequestHttpHeaders" Tid="19" Time="2017-12-06 11:47:15Z">
POST /autodiscover/autodiscover.svc HTTP/1.1
Content-Type: text/xml; charset=utf-8
Accept: text/xml
User-Agent: ExchangeServicesClient/15.00.0913.015


</Trace>

AutodiscoverRequest: <Trace Tag="AutodiscoverRequest" Tid="19" Time="2017-12-06 11:47:15Z" Version="15.00.0913.015">
  <?xml version="1.0" encoding="utf-8"?>
  <soap:Envelope xmlns:a="http://schemas.microsoft.com/exchange/2010/Autodiscover" xmlns:wsa="http://www.w3.org/2005/08/addressing" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
    <soap:Header>
      <a:RequestedServerVersion>Exchange2010_SP2</a:RequestedServerVersion>
      <wsa:Action>http://schemas.microsoft.com/exchange/2010/Autodiscover/Autodiscover/GetUserSettings</wsa:Action>
      <wsa:To>https://autodiscover.maildomain.com/autodiscover/autodiscover.svc</wsa:To>
    </soap:Header>
    <soap:Body>
      <a:GetUserSettingsRequestMessage xmlns:a="http://schemas.microsoft.com/exchange/2010/Autodiscover">
        <a:Request>
          <a:Users>
            <a:User>
              <a:Mailbox>existingmailbox@maildomain.com</a:Mailbox>
            </a:User>
          </a:Users>
          <a:RequestedSettings>
            <a:Setting>InternalEwsUrl</a:Setting>
            <a:Setting>ExternalEwsUrl</a:Setting>
          </a:RequestedSettings>
        </a:Request>
      </a:GetUserSettingsRequestMessage>
    </soap:Body>
  </soap:Envelope>
</Trace>

AutodiscoverResponseHttpHeaders: <Trace Tag="AutodiscoverResponseHttpHeaders" Tid="19" Time="2017-12-06 11:47:15Z">
HTTP/1.1 200 OK
Transfer-Encoding: chunked
request-id: 2595c423-85bb-4e19-95c0-69fff1b770cf
X-CalculatedBETarget: exchsrv.resourceforest.local
X-DiagInfo: EXCHSRV
X-BEServer: EXCHSRV
Persistent-Auth: true
X-FEServer: EXCHSRV
Cache-Control: private
Content-Type: text/xml; charset=utf-8
Date: Wed, 06 Dec 2017 11:44:00 GMT
Set-Cookie: X-BackEndCookie=S-1-5-21-1233478190-3624727864-577162443-1630=u56Lnp2ejJqBnJ7LyJ3LncnSzJvGnNLLzsma0p6eysbSnpnIns6czp3Mx5vOgYHNz87H0s/O0s/Kq87OxcvLxc/O; expires=Fri, 05-Jan-2018 11:44:01 GMT; path=/autodiscover; secure; HttpOnly
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET


</Trace>

AutodiscoverResponse: <Trace Tag="AutodiscoverResponse" Tid="19" Time="2017-12-06 11:47:15Z" Version="15.00.0913.015">
  <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" xmlns:a="http://www.w3.org/2005/08/addressing">
    <s:Header>
      <a:Action s:mustUnderstand="1">http://schemas.microsoft.com/exchange/2010/Autodiscover/Autodiscover/GetUserSettingsResponse</a:Action>
      <h:ServerVersionInfo xmlns:h="http://schemas.microsoft.com/exchange/2010/Autodiscover" xmlns:i="http://www.w3.org/2001/XMLSchema-instance">
        <h:MajorVersion>15</h:MajorVersion>
        <h:MinorVersion>0</h:MinorVersion>
        <h:MajorBuildNumber>1347</h:MajorBuildNumber>
        <h:MinorBuildNumber>0</h:MinorBuildNumber>
        <h:Version>Exchange2013_SP1</h:Version>
      </h:ServerVersionInfo>
    </s:Header>
    <s:Body>
      <GetUserSettingsResponseMessage xmlns="http://schemas.microsoft.com/exchange/2010/Autodiscover">
        <Response xmlns:i="http://www.w3.org/2001/XMLSchema-instance">
          <ErrorCode>NoError</ErrorCode>
          <ErrorMessage />
          <UserResponses>
            <UserResponse>
              <ErrorCode>NoError</ErrorCode>
              <ErrorMessage>No error.</ErrorMessage>
              <RedirectTarget i:nil="true" />
              <UserSettingErrors />
              <UserSettings>
                <UserSetting i:type="StringSetting">
                  <Name>InternalEwsUrl</Name>
                  <Value>https://exchsrv.maildomain.com/EWS/Exchange.asmx</Value>
                </UserSetting>
                <UserSetting i:type="StringSetting">
                  <Name>ExternalEwsUrl</Name>
                  <Value>https://exchsrv.maildomain.com/EWS/Exchange.asmx</Value>
                </UserSetting>
              </UserSettings>
            </UserResponse>
          </UserResponses>
        </Response>
      </GetUserSettingsResponseMessage>
    </s:Body>
  </s:Envelope>
</Trace>

EwsRequestHttpHeaders: <Trace Tag="EwsRequestHttpHeaders" Tid="19" Time="2017-12-06 11:47:15Z">
POST /EWS/Exchange.asmx HTTP/1.1
Content-Type: text/xml; charset=utf-8
Accept: text/xml
User-Agent: ExchangeServicesClient/15.00.0913.015
Accept-Encoding: gzip,deflate


</Trace>

EwsRequest: <Trace Tag="EwsRequest" Tid="19" Time="2017-12-06 11:47:15Z" Version="15.00.0913.015">
  <?xml version="1.0" encoding="utf-8"?>
  <soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:m="http://schemas.microsoft.com/exchange/services/2006/messages" xmlns:t="http://schemas.microsoft.com/exchange/services/2006/types" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
    <soap:Header>
      <t:RequestServerVersion Version="Exchange2010_SP2" />
      <t:ExchangeImpersonation>
        <t:ConnectingSID>
          <t:SmtpAddress>existingmailbox@maildomain.com</t:SmtpAddress>
        </t:ConnectingSID>
      </t:ExchangeImpersonation>
    </soap:Header>
    <soap:Body>
      <m:GetFolder>
        <m:FolderShape>
          <t:BaseShape>AllProperties</t:BaseShape>
        </m:FolderShape>
        <m:FolderIds>
          <t:DistinguishedFolderId Id="calendar">
            <t:Mailbox>
              <t:EmailAddress>existingmailbox@maildomain.com</t:EmailAddress>
            </t:Mailbox>
          </t:DistinguishedFolderId>
        </m:FolderIds>
      </m:GetFolder>
    </soap:Body>
  </soap:Envelope>
</Trace>

EwsResponseHttpHeaders: <Trace Tag="EwsResponseHttpHeaders" Tid="19" Time="2017-12-06 11:47:15Z">
HTTP/1.1 500 Internal Server Error
Transfer-Encoding: chunked
request-id: 1027a792-caae-4b8b-99b9-33f35233e2e6
X-CalculatedBETarget: exchsrv.resourceforest.local
X-DiagInfo: EXCHSRV
X-BEServer: EXCHSRV
Cache-Control: private
Content-Type: text/xml; charset=utf-8
Set-Cookie: exchangecookie=d43cb59780624405a5f6874f3c5186f9; expires=Thu, 06-Dec-2018 11:44:01 GMT; path=/; HttpOnly,X-BackEndCookie=S-1-5-21-1233478190-3624727864-577162443-1630=u56Lnp2ejJqBnJ7LyJ3LncnSzJvGnNLLzsma0p6eysbSnpnIns6czp3Mx5vOgYHNz87H0s/O0s/Kq87OxcvLxc/O; expires=Fri, 05-Jan-2018 11:44:01 GMT; path=/EWS; secure; HttpOnly
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Persistent-Auth: true
X-Powered-By: ASP.NET
X-FEServer: EXCHSRV
Date: Wed, 06 Dec 2017 11:44:00 GMT


</Trace>

EwsResponse: <Trace Tag="EwsResponse" Tid="19" Time="2017-12-06 11:47:15Z" Version="15.00.0913.015">
  <?xml version="1.0" encoding="utf-8"?>
  <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/">
    <s:Body>
      <s:Fault>
        <faultcode xmlns:a="http://schemas.microsoft.com/exchange/services/2006/types">a:ErrorNonExistentMailbox</faultcode>
        <faultstring xml:lang="de-DE">The SMTP address has no mailbox associated with it.</faultstring>
        <detail>
          <e:ResponseCode xmlns:e="http://schemas.microsoft.com/exchange/services/2006/errors">ErrorNonExistentMailbox</e:ResponseCode>
          <e:Message xmlns:e="http://schemas.microsoft.com/exchange/services/2006/errors">The SMTP address has no mailbox associated with it.</e:Message>
          <t:MessageXml xmlns:t="http://schemas.microsoft.com/exchange/services/2006/types">
            <t:Value Name="SmtpAddress">existingmailbox@maildomain.com</t:Value>
          </t:MessageXml>
        </detail>
      </s:Fault>
    </s:Body>
  </s:Envelope>
</Trace>

Answer 1

我认为模拟用户也必须拥有邮箱。