Unable to validate EWS Connection Error
The most common error when connecting Exchange to CTS-Manager is the error listed below, and it covers an array of issues. "Failed to establish a connection to X.X.X.X with the information provided. Code: 501000... Unable to establish a connection with Microsoft Exchange server because Unable to validate exchange web service connection."
Resolution
To fix this, we need to go through each of the fields under Configure -> Microsoft Exchange Web Services as below.
- Check from the CTM CLI that we ping the CAS server with utils network ping [ip_address]. DNS also must be configured and able to resolve the CAS server in DNS forwards and backwards. Check this with utils network host [CAS_ip] and utils network host [CAS_hostname]. If either of those don't resolve, you need to fix your DNS entries
- Ensure Secure is selected if we are using an Exchange certificate. In almost almost all cases, we are.
- Ensure tcp port 443 is open between CTM and Exchange for Secure mode (80 for insecure mode). There is way to check this from CTM, you need to check your firewall rules.
- Ensure the CTS-Manager super user account exists in Active Directory. Reset its password if necessary.
- Ensure we are using the correct certificate. The best place to download this from is https://[Exchange_IP]/EWS/Exchange.asmx. If this page comes up, you also ensure EWS is running (Note: You do not need to sucessfully log in to download the cert). To download the certificate from Internet Explorer, go to the above URL and click the lock icon or Certificate error (depending on your version of IE). Click View Certificates and go to the Details tab. Click Copy to File... and save the cert as a DER encoded binary X.509 (.CER) file. Upload the certificate to CTS-Manager.