The request failed with HTTP status 401: Unauthorized Could not retrieve e12 webservice url

  • Article

PROBLEM: 

When attempting to migrate a user with move-dominomailbox using the Transporter for Lotus Notes for Exchange 2007, you may receive the following error:

The request failed with HTTP status 401: Unauthorized
Could not retrieve e12 webservice url

 

When running the same command with a -debug at the end of it, you may receive the following error:

DEBUG: Pinging URL (https://server.domain.com/ews/exchange.asmx)
DEBUG: Request failed with the error message (The request failed with HTTP status 401: Unauthorized.).

RESOLUTION:

 If you run the Transporter for Lotus Notes on the CAS server that you have specified for the Availability Service URL, you will need to disable the loopback check (DisableLoopbackCheck) on this CAS server.

Method 1: Disable the loopback check

1. Click Start, click Run, type regedit , and then click OK.
2. In Registry Editor, locate and then click the following registry key:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa

3. Right-click Lsa, point to New, and then click DWORD Value.
4. Type DisableLoopbackCheck , and then press ENTER.
5. Right-click DisableLoopbackCheck, and then click Modify.
6. In the Value data box, type 1 , and then click OK.
7. Quit Registry Editor, and then restart your computer.

 

Method 2: Specify host names

To specify the host names that are mapped to the loopback address and can connect to Web sites on your computer, follow these steps:

1. Click Start, click Run, type regedit , and then click OK.
2. In Registry Editor, locate and then click the following registry key:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0

3. Right-click MSV1_0, point to New, and then click Multi-String Value.
4. Type BackConnectionHostNames , and then press ENTER.
5. Right-click BackConnectionHostNames, and then click Modify.
6. In the Value data box, type the host name or the host names for the sites that are on the local computer, and then click OK.
7. Quit Registry Editor, and then restart the IISAdmin service.

 

 

 

MORE INFORMATION:

You can additionally test this by connecting to the same URL (https://server.domain.com/ews/exchange.asmx) from both the CAS server itself, and from a different machine on the same domain. The CAS server will be unable to login and reprompt for credentials. The other machine will be able to log in fine and display the XML fine. This is an issue with how we only allow connections to the FQDN of the machine name, the external name we have specified in the url does not match this.

ie. if the server name is server.internaldomainname.com and external to your company you specify it as server.domain.com.