We have an application that uses the exchange from IAS to XSUAA token. We send multiple requests to sync the folder and file but unfortunately, it is giving the unauthorized. Can you please help tell me if has any limit for multithreading?
Thanks
Related
I´m trying to get data from On-Prem Exchange Server (2016, with latest version) using MS Graph API in a non-hybrid environment.
I´ve registered the application in Azure AD, using application permissions and granted the admin consent already. After performing a http get operation it will give the following error:
Error authenticating with resource
After some research throughout the web I´ve found this article https://www.signorellidenis.com/en/graph-authenticationerror-trying-to-get-the-exchange-server-on-premises/
It seems that on Exchange side there is a missing authentication provider, so that all requests aren´t even forwarded from MS Graph to Exchange.
My questions are:
Does it work to perform requests to Exchange via MS Graph in a non-hybrid environment? There are no information in the official documentation about this issue.
Does it work without an authentication provider? Is there another way to perform requests in the environment? Or is the hybrid authentication necessary to do this?
Thank you very much in advance for any hints on this issue!
Just get a confirmation from Microsoft Support that It's not supported to make requests to pure on-premise Exchange 2016 via MS Graph.
MS Graph is designed for O365 cloud data. There is no permission to access on-premise resources.
In a hybrid environment, we can say that we use MS Graph as the interface to require the data. But it still most likely uses EWS to request data from on-premise.
The only way to access data from on-prem Exchange 2016 currently is hybrid deployments. See this document.
I have a requirement where I have to schedule a console application, which fetches certain records from database and calls an ASP.NET web API. Could someone help me with how to restrict the web API to not get called from anywhere else?
Please help me with any useful links, tips, or steps to follow.
There are a few ways you can lock down access to your application for an rpc call.
You can restrict access via IP with IP filtering.
If you're using windows authentication, you can grant permission to specific AD User or Groups in your web config file.
If you're using forms authentication and basically just need to make an RPC call, you can create an endpoint for your console app which accepts a username/password parameter (using https, of course).
If your setup is more advanced, you can use tokens and ASPNET Identity to limit access.
These are just a few ideas. Basically just google ASPNET security and you'll get a ton of ideas.
code:5001
message:"An internal error has occurred."
name:"Internal Error"
I get this error when I call getAccessTokenAsync in my outlook addin. In desktop version I get a another error with code:13003. With the AttachemntDemo sample I get the same errors.
You are most likely using an on-premises Exchange Server with a local Domain Account.
From the documentation:
13003
User Type not supported. The user isn't signed into Office with a valid Microsoft Account or Work or School account. This may happen if Office runs with an on-premises domain account, for example. Your code should ask the user to sign in to Office.
Also confirm that your server meets these requirements:
If the user is connected to Office 365 or Outlook.com, mail server requirements are all taken care of already. However, for users connected to on-premises installations of Exchange Server, the following requirements apply.+
The server must be Exchange 2013 or later.
Exchange Web Services (EWS) must be enabled and must be exposed to the internet. Many add-ins require EWS to function properly.
The server must have a valid authentication certificate in order for the server to issue valid identity tokens. New installations of Exchange server include a default authentication certificate. For more information, see Digital certificates and encryption in Exchange 2016 and Set-AuthConfig.
In order to access add-ins from the Office Store, the client access servers must be able to communicate with https://store.office.com.
:
Try to inspect the network traffic and see the actual request - there is more information about the error as this function is just a wrapper around the network request and does not give enough information.
I was receiving the same error and when checked the network request - discovered that I have to add one more application as a Pre-authorized application.
anyone can help me understand how to authenticate to exchange server for a server application on behalf of a user? My use case is to sync the mails of a user's mailbox and update the read state and deleted states with our server. Exchange online has rest API and Oauth to authenticate but that does not work with On Premise account? Is there a way I can authenticate for all the different deployments[exchange online and on premise] and access the Outlook mail?
We need to way to authenticate the user without trying to getting any credentials, so that our service can access mailbox without any need for prompt.
Seems your best bet would be to use impersonation, which would work in either EXO on on-prem. Your sever would require a service account in Exchange, then authenticate with the creds for that single account. Before synching mailbox, it would set the impersonation ID to the MB it was synching. Of course an Exchange admin would need to set up impersonation rights for your service account for every MB your service would examine, but that's easily done with a little PowerShell, and willingness on their part, of course.
I am trying to send mail using Exchange web service api.I am using autodiscover in order to retrieve the client profile.When I am trying send mail I am getting this error:
Microsoft.Exchange.WebServices.Data.ServiceResponseException:
The mailbox database is temporarily unavailable.
Any tips on how to resolve this would be greatly appreciated.