I am trying to use EWS on an Office 365 account however I get a return of (403 Forbidden)
ExchangeService service = new ExchangeService(ExchangeVersion.Exchange2013);
service.Credentials = new WebCredentials("mv003237", "correctpw","domain");
service.AutodiscoverUrl("mv003237#domain.co.uk");
To login and view the Webservices file on outlook.com/EWS/Exchange.asmx I need to authenticate with mv003237#live.domain.co.uk
I have tried several combinations of this and still get the same error message.
Has anyone had a similar experience of connecting to an office 365 account before?
My WINDOWS login for this account does have a domain of RDG-HOME but I haven't seen a domain for login into OWA.
Many thanks in advance
If you've already removed the domain name (as Matt suggested in his comment) the one thing that remains is to automatically follow redirects in the autodiscover process.
Change your last line to
service.AutodiscoverUrl("mv003237#domain.co.uk", redirect => true);
to follow the redirection response that Exchange Online sends.
So the complete sequence then becomes:
ExchangeService service = new ExchangeService(ExchangeVersion.Exchange2013);
service.Credentials = new WebCredentials("mv003237", "correctpw");
service.AutodiscoverUrl("mv003237#domain.co.uk", redirect => true);
Cannot comment due to low reputation score and hence responding as an answer.
Are you able to login into OWA with "mv003237#domain.co.uk"? If yes, have you tried by hardcoding Url instead of using Autodiscover to understand if issue is with Autodiscover or EWS. Try following instead of autodiscover call:
service.Url = new Uri(#"https://outlook.office365.com/ews/exchange.asmx");
If above works fine, subscribe to RedirectionUrlValidationCallback with AutodiscoverService and see which redirected URL is throwing 403. Or enable verbose logging with Trace* properties present on service object.
Related
I'm using the below code to create a new instance of Sharepoint datacontext:
spDataContext con = new spDataContext(new Uri("http://mysite/subsite/_vti_bin/ListData.svc"));
con.Credentials = CredentialCache.DefaultCredentials;
Then I try fetching the items by using
var result = con.testingList.ToList();
Then Below error shows:
"401 UNAUTHORIZED"
Here's the screenshot of the error:
But if I change the credentials by providing the sharepoint admin username and password, I am able to fetch the items.
con.Credentials = new NetworkCredential(username, password);
But the problem is: I want to use the current user's credentials instead of administrator account, since not all the items are supposed to be seen by current user.
Some addition information from the IIS:
At first, all authentication methods are enabled, then I tried turning off basic and digest authentication to see if it helps, but the exception still throws.
So how to fix this problem??
Check what account you are actually connecting with by inspecting a breakpoint, writing to a log or checking the server's audit trail/Logs (IIS/SharePoint) - are you sure it's a valid account and not an IUSR_xyz IIS account or something like that? Also check that you are not hitting a Kerberos "double hop" if you are working with a distributed architecture. This can often trip you up when adding another server/service to the mix.
In order to get this to work, you should configure the Authentication options in IIS as follows:
Anonymous Authentication - DISABLED
ASPNET Impersonation - DISABLED
Windows Authentication - ENABLED
You can use the CredentialCache.DefaultCredentials, but I would suggest switching from using the WCF services to using CSOM (Microsoft.SharePoint.Client).
At last the reason was:
I don't have the System.Web assembly in the class library, so the system was unable to get the CredentialCache.DefaultCredentials.
When consuming a dynamics nav web service I get the following error :
The request failed with HTTP status 401: Unauthorized.
However when I try it in a browser it works . I tried the following but its still not working :
service.UseDefaultCredentials = true;
service.PreAuthenticate = true;
also :
service.Credentials = new System.Net.NetworkCredential("XXXXX", "XXXX","XXXX");
I even tried using dynamics nav acces key but also it didn't work.
Any new suggestions ?
I know this thread is more than 4 years old, but i thought if somone is currently searching for this problem he will come across this trhead, like me.
There is currently a problem with NTLM and Xamarin (at the moment i write this, the problem also exists in .net core on MacOS).
See the links:
iOS: https://github.com/xamarin/xamarin-macios/issues/7770
Android: https://developercommunity.visualstudio.com/content/problem/756697/last-visual-studio-update-brakes-ntlm-authenticati.html
The solution is to use the "MonoWebRequestHandler". For a combined Android and iOS Solution check my latest post here
I hope i could save somones time with this post!
Several things might be wrong.
Did you check what kind of authentication the Service Tier is setup to?
Is there a default company set (or are you selecting a company in the URL).
Is NTLM on or off; these are all possible reasons this error might popup.
I think you're code should be like that
service.UseDefaultCredentials = false;
service.Credentials = new System.Net.NetworkCredential("XXXXX", "XXXX","XXXX");
You must enabled NTLM setting properties authentification if you are using PHP or Java Or XAMARIN
Use NTLM Authentication
This piece of code below is working for me (I wasn't really adjusting the Service Tier - it has more or less the default settings):
service.ClientCredentials.Windows.ClientCredential.Domain = <domain>;
service.ClientCredentials.Windows.ClientCredential.UserName = <username>;
service.ClientCredentials.Windows.ClientCredential.Password = <password>;
service.ClientCredentials.Windows.AllowedImpersonationLevel =
System.Security.Principal.TokenImpersonationLevel.Delegation;
If that above doesn't work try to get rid of the domain from the NetworkCredential - just use your username and password (if the client and the server are in the same domain, obviously).
Since yesterday, I tried to use the exchange web service but it was not able. Firstly when I was trying to access to the web service by the browser and the test program using Microsoft.Exchange.WebServices, there was an error 403 forbidden. But this issue I solved by unchecking require SSL option in IIS. And now the problem is when I try to access on the ews using my program, I encounter 401 unauthorized error, and if I try to browse the web service on the browser, only an empty page is returned (even when I browse the wsdl).
I tried to change the role and the password but it was not working.
Please help me to find out what I am missing.
Here is my test program code:
ExchangeService service = new ExchangeService(ExchangeVersion.Exchange2010);
service.Credentials = new WebCredentials(username, password, domain);
service.Url =new Uri("server/EWS/Exchange.asmx");
ServicePointManager.ServerCertificateValidationCallback = new RemoteCertificateValidationCallback(OnValidationCallback);
ExpandGroupResults groupResults = service.ExpandGroup(emailAddress);
The exception is on the last line
I found why the XML for the ews was not showing. It was because the IIS was not installed with basic authentication and Windows authentication. After installing those two authentication method, the web service shows its xml.
This is the link I referred: https://migrationwiz.zendesk.com/entries/506613-how-do-i-verify-ews-is-setup-properly
I'm a pretty new programmer. One of the things I've been tasked with at work is getting our custom tools to create draft emails and drop them into the draft email folder of the user running the tool. We presently use Exchange Server 2010 (but are in the process of migrating over to Exchange Online).
This link talks about a UseDefaultCredentials but I can't seem to work out how to implement it. I created an ExchangeService object called service and managed to interact with our Exchange server using this for credentials:
service.Credentials = new WebCredentials("my login name", "my password");
I'd like to be able to eliminate that from the code and have it use the credentials of the logged-in user who is using the tool. Is that possible?
ExchangeService service = new ExchangeService(ExchangeVersion.Exchange2010);
service.Credentials = new WebCredentials(CredentialCache.DefaultNetworkCredentials);
if you use the defaultcredentials you can eliminate your posted code. Just set "UseDefaultCredentials" to True and don't set the Credentials manually. In this case the credentials of the User who is running your tool will be taken. I use that on my own and it works finde for me.
Greets, J
I am running into a very strange issue and I am convinced it is just something stupid that I am overlooking. Using the EWS managed API, I try to connect to a mailbox to read the contacts. Originally, I used the default credentials, in which case the auto discovery worked. The problem is that later on we want to run this on a server and impersonate a user, so I changed it by manually specifying the credentials. This then broke, even when using my own credentials.
As an example, this worked:
service = new ExchangeService(ExchangeVersion.Exchange2007_SP1);
service.AutodiscoverUrl("user#example.com", redirect => true);
This did not:
service = new ExchangeService(ExchangeVersion.Exchange2007_SP1);
service.UseDefaultCredentials = false;
service.Credentials = new NetworkCredential("user", "pass", "EXAMPLE_DOMAIN");
service.AutodiscoverUrl("user#example.com", redirect => true);
The given network credentials should be exactly the same as the default credentials, but when enabling the tracing, I get the response "401 Unauthorized" in the second case, so it is not acting as if it is the same.
What am I missing?
Ok, it seems that you need to use WebCredential("user", "pass", "EXAMPLE_DOMAIN"). I am not exactly sure why WebCredentials work but NetworkCredentials does not.