Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Question
Wednesday, February 14, 2018 4:21 PM
Hi, I have exchange 2016. My EWS url link works when I copy and past it from EAC into a browser. But when I go to IIS on the exchange server and select the EWS and then its url link there it doesnt load the page. Then in event viewer I get the following error -
Protocol /EWS failed to process request from identity DOMAIN\Administrator. Exception: Microsoft.Exchange.Security.Authentication.BackendRehydrationException: Rehydration failed. Reason: Source server 'DOMAIN\Administrator' does not have token serialization permission.
at Microsoft.Exchange.Security.Authentication.BackendRehydrationModule.TryGetCommonAccessToken(HttpContext httpContext, Stopwatch stopwatch, CommonAccessToken& token)
at Microsoft.Exchange.Security.Authentication.BackendRehydrationModule.ProcessRequest(HttpContext httpContext)
at Microsoft.Exchange.Security.Authentication.BackendRehydrationModule.OnAuthenticateRequest(Object source, EventArgs args).
I have googled and found the following article - https://social.technet.microsoft.com/Forums/office/en-US/567586d7-e414-4235-bb13-64d2a1d86c8e/exchange-2013-ews-error-msexchange-backendrehydration-event-id-3002?forum=exchangesvrclients
This does not resolve the issue for me, as when I run the command it says-
WARNING: The appropriate access control entry is already present on the object "CN=SERVER01,CN=Se
Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=DOMAIMN,CN=Microsoft
Exchange,CN=Services,CN=Configuration,DC=DOMAIN,DC=com" for account "DOMAIN\Administrator".
All replies (2)
Thursday, February 15, 2018 9:13 AM âś…Answered
Hi,
When we access to EWS URL from IIS Manager, it will access to //localhost/EWS. However, our EWS URL is "//domain.com/EWS/Exchange.asmx". It will display "HTTP 500" by "//localhost/EWS", thus it's fine.
However, for your error message, please double check the member of below Restricted Groups:
Domain Admins, Schema Admins, Enterprise Admins, Organization Management
If there're any suspicious members in this group, remove it and test it again.
Best Regards,
Allen Wang
Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact [email protected].
Click here to learn more. Visit the dedicated forum to share, explore and talk to experts about Microsoft Teams.
Tuesday, May 21, 2019 9:01 AM
Hmmm looks like CU12 has broken a few things no matter what I do (no dodgy permissions) I keep receiving the following when making EWS Calls using impersonation or real creds get the same errors....
Does MSFT really test things before deploying CU's... just seems recently the quality from MSFT has been shabby at best!
Protocol /EWS failed to process request from identity domain\user. Exception: Microsoft.Exchange.Security.Authentication.BackendRehydrationException: Rehydration failed. Reason: Source server 'domain\user' does not have token serialization permission.
at Microsoft.Exchange.Security.Authentication.BackendRehydrationModule.TryGetCommonAccessToken(HttpContext httpContext, Stopwatch stopwatch, CommonAccessToken& token)
at Microsoft.Exchange.Security.Authentication.BackendRehydrationModule.ProcessRequest(HttpContext httpContext)
at Microsoft.Exchange.Security.Authentication.BackendRehydrationModule.OnAuthenticateRequest(Object source, EventArgs args).