Troubleshooting Active Directory and Exchange Server Connectivity with NetVanta UC

Version 3

     

    Troubleshooting Active Directory and Exchange Server Connectivity with NetVanta UC

     

    Introduction

    ADTRAN NetVanta UC Server is a real-time communications system that integrates with Microsoft® Active Directory and Exchange Server (versions 5.x and above) to provide advanced unified messaging functionality. This technical note provides troubleshooting methods to resolve problems when connecting to these network resources.

     

    For a list of initial requirements that must be met to integrate with Active Directory and Exchange Server, please see the ADTRAN NetVanta UC Server Planning and Deployment Guide.

     

    Active Directory

    To enable single sign on (SSO) authentication and integration with Microsoft Exchange Server, the following prerequisites must be met:

    • The host server must be a member of a domain.  Contact your server administrator to verify membership.
    • The Windows service account used to run the ADTRAN NetVanta UC Server Application Service  must have privileges to log on as a service and to access the Active Directory user objects you wish to authenticate against.
    • The service account must have sufficient privileges to open and store messages in Exchange mailboxes.  Privilege settings vary depending on the version of Exchange Server in use; see the ADTRAN NetVanta UC Server Configuration Guide.


    If access to the domain controller(s) is interrupted, the Application Service may restart to attempt to reconnect to Active Directory, and then fail to start if unable to contact a domain controller. Voice mail and other services will be unavailable during the restart.  A fault-tolerant Active Directory infrastructure is highly recommended. Design and maintenance of Active Directory is the responsibility of the user.

     

    Exchange Server

    UC Server connects to Exchange Server in a similar manner to Outlook clients and RIM BlackBerry Enterprise Server using the Microsoft Messaging API (MAPI) protocols.  If Outlook clients and/or BlackBerry Enterprise Server are not able to connect to Exchange or are experiencing similar issues to UC Server, first ensure that the Exchange Server infrastructure is available and operating properly. 

     

    If UC Server is the only Exchange Server client that is experiencing the issue, there may be a problem accessing the service account mailbox or the Exchange Server itself from the UC Server computer. Ensure that the server name and mailbox are set correctly in UC Client; see the NetVanta UC Server Administrator Guide.  To verify connectivity to Exchange Server apart from the UC Server software, use the Outlook installation or the third-party MFCMAPI utility (http://mfcmapi.codeplex.com).

     

    The following procedures will assist in the verification or troubleshooting of proper domain and Exchange setup and permissions. Please note that these steps are provided as a courtesy only, and ADTRAN Technical Support will not assist in troubleshooting any problems encountered while using the Microsoft programs.

     

    To verify privileged Exchange Server access using MFCMAPI in Exchange 2013

    *Instructions based on version 15.0.0.1042, 32-bit - NOTE, this process is only valid in Exchange 2013

    1. Log in to Windows on the UC Server computer using the service account.
    2. Open MFCMAPI by extracting the archive and running mfcmapi.exe
    3. Select Session → Logon
    4. Select OK to accept the default profile name.
    5. Select MDB →  Open Other Mailboxes →  From GAL.
    6. Select a mailbox that is linked to a UC server user and click OK.
    7. Select OK to accept the default options.
    8. Select Actions → Open Special Folders →  Inbox.
    9. Select the Inbox on the left pane and select Actions →  Open Contents Table.
    10. The user's messages should be visible.  If an error is displayed or no messages are visible, a problem exists with the service account's permissions on the mailbox, or the MAPI profile is corrupt.  Verify the permissions on this mailbox or consider rebuilding the MAPI profile using MFCMAPI (see below).
    11. Close all MFCMAPI windows.



    To verify privileged Exchange Server access using MFCMAPI in Exchange 2010 and previous versions

    *Instructions based on version 6.0.0.1024, 32-bit - NOTE, this process is not valid in Exchange 2013

    1. Log in to Windows on the UC Server computer using the service account.
    2. Open MFCMAPI by extracting the archive and running mfcmapi.exe.
    3. Select Actions → Logon and Display Store Table. 
    4. Select OK to accept the default profile name.
    5. The window should display the service account mailbox and Public Folders.  If this action fails, consider rebuilding the MAPI profile (see below) if the Exchange server is in working order.
    6. Select MDB → Open Other User's Mailbox.
    7. Select a mailbox that is linked to a UC Server user.
    8. Select OK to accept the default options.
    9. Select Special Folders → Inbox.
    10. Select Inbox at left, and select Actions → Open Contents Table.
    11. The user's messages should be visible.  If an error is displayed or no messages are visible, a problem exists with the service account's permissions on the mailbox, or the MAPI profile is corrupt.  Verify the permissions on this mailbox or consider rebuilding the MAPI profile using MFCMAPI (see below).
    12. Close all MFCMAPI windows.


    NOTES

    It can be normal to see mailbox properties with error codes, and these can be ignored in most cases:


    As long as MAPI does not return an error code such as the following when accessing the mailbox, the Exchange connection and permissions are operating properly in most cases. If any errors like these are encountered, they will need to be troubleshot separately with the Exchange administrator before calling ADTRAN Technical Support. If MFCMAPI is unable to open another user’s mailbox, ADTRAN will not assist in troubleshooting why the NetVanta UC Server is unable to access the mailbox.


    To verify privileged Exchange Server access using Microsoft Outlook 2007

    *As of UC version 5.0 and above, Microsoft Outlook is no longer supported as a connection method to Exchange. Instead, the MAPI-CDO tools are now a required part of any upgrade or installation. Thus, the following instructions are only relevant for older installations of NetVanta UC Server that have Microsoft Outlook installed on the same server.

    1. Log in to Windows on the UC Server computer using the service account.
    2. Open Microsoft Outlook.
    3. Click on the Tools menu and select Accounts.
    4. Select Microsoft Exchange Server and click Change.
    5. Select More Settings.
    6. Select the Mailbox tab.
    7. Click Add under Additional Mailboxes.
    8. Enter the name of a mailbox linked to UC Server and select OK.
    9. Select OK twice to close the window.
    10. Locate the additional mailbox in the Folder List and expand it.
    11. Select Inbox.
    12. The user's messages should be visible.  If an error is displayed or no messages are visible, a problem exists with the service account's permissions on the mailbox, or the MAPI profile is corrupt.  Verify the permissions on this mailbox or consider rebuilding the MAPI profile using MFCMAPI (see below).
    13. Close Microsoft Outlook.


    To delete and rebuild the MAPI profile for the service account using MFCMAPI

    *Instructions based on version 6.0.0.1024, 32-bit

    1. Log in to Windows on the UC Server computer using the service account.
    2. Open MFCMAPI by extracting the archive and running mfcmapi.exe.
    3. Select Profiles → Show Profiles.
    4. Select a profile and select Actions → Delete Profile.
    5. Repeat for any remaining profiles.
    6. Select Actions → Launch Profile Wizard.
    7. Click OK in the “Enter flags for LaunchWizard” window.
    8. Select “Microsoft Exchange Server” under “Use the following information services”.
    9. Click OK to accept the profile name.
    10. Enter your Exchange server name and service account mailbox name.
    11. Select No to “Do you travel with this computer?”.
    12. Select Finish.
    13. Close the Profiles window.
    14. Verify the profile by following the procedure above.