Hallo,
ich bin dabei, zwei Exchange Organisation zu verbinden.
Verbindungen mit dem Microsoft Federation Gateway ist eingericht.
Folgende Information kann ich auf auf den einzeln Servern erfolgreich abfragen (Siehe weiter unten).
Rufe ich Get-FederationInformation mit den Daten der gewünschten Verbunddomäne auf kommt es zu einem Fehler das die Daten nicht abgerufen werden können.
Autodiscover ist jeweils von außen erreichbar.
Hat jemand eine Idee was noch eine Fehlerursache sein kann.
Vielen Dank für mögliche Hinweise.
Exchangeversionen:
Domain1: Version 15.1 (Build 1466.3)
Domain2: Version 15.1 (Build 466.34)
Fehlermeldung:
Get-FederationInformation -DomainName domain1.de -verbose
Verbundinformationen konnten nicht von der externen Organisation empfangen werden.
+ CategoryInfo : NotSpecified: (:) [Get-FederationInformation], GetFederationInformationFailedException
+ FullyQualifiedErrorId : [Server=EXCHANGE,RequestId=67067cfd-6a0e-4c91-ace5-25b59bb2dde8,TimeStamp=08.07.2019 08:
05:07] [FailureCategory=Cmdlet-GetFederationInformationFailedException] 6A2A119,Microsoft.Exchange.Management.Syst
emConfigurationTasks.GetFederationInformation
+ PSComputerName : exchange.domain2.lokal
Abgerufene Informationen.
Auf Exchangeserver in Domain1:
Get-FederationInformation -DomainName domain1.de -verbose
RunspaceId : 0734808f-3508-49d1-954e-7c091e145999
TargetApplicationUri : FYDIBOHF25SPDLT.domain1.de
DomainNames : {domain1.de}
TargetAutodiscoverEpr : https://autodiscover.domain1.de/autodiscover/autodiscover.svc/WSSecurity
TokenIssuerUris : {urn:federation:MicrosoftOnline}
Identity :
IsValid : True
ObjectState : Unchanged
Test-FederationTrust
Begin process.
STEP 1 of 6: Getting ADUser information for extest_57544029cdb44...
RESULT: Success.
STEP 2 of 6: Getting FederationTrust object for extest_57544029cdb44...
RESULT: Success.
STEP 3 of 6: Validating that the FederationTrust has the same STS certificates as the actual certificates published by the STS in the federation metadata.
RESULT: Success.
STEP 4 of 6: Getting STS and Organization certificates from the federation trust object...
RESULT: Success.
Validating current configuration for FYDIBOHF25SPDLT.domain1.de...
Validation successful.
STEP 5 of 6: Requesting delegation token...
RESULT: Success. Token retrieved.
STEP 6 of 6: Validating delegation token...
RESULT: Success.
Closing Test-FederationTrust...
RunspaceId : 0734808f-3508-49d1-954e-7c091e145999
Id : FederationTrustConfiguration
Type : Success
Message : FederationTrust object in ActiveDirectory is valid.
RunspaceId : 0734808f-3508-49d1-954e-7c091e145999
Id : FederationMetadata
Type : Success
Message : The federation trust contains the same certificates published by the security token service in its
federation metadata.
RunspaceId : 0734808f-3508-49d1-954e-7c091e145999
Id : StsCertificate
Type : Success
Message : Valid certificate referenced by property TokenIssuerCertificate in the FederationTrust object.
RunspaceId : 0734808f-3508-49d1-954e-7c091e145999
Id : StsPreviousCertificate
Type : Success
Message : Valid certificate referenced by property TokenIssuerPrevCertificate in the FederationTrust object.
RunspaceId : 0734808f-3508-49d1-954e-7c091e145999
Id : OrganizationCertificate
Type : Success
Message : Valid certificate referenced by property OrgPrivCertificate in the FederationTrust object.
RunspaceId : 0734808f-3508-49d1-954e-7c091e145999
Id : TokenRequest
Type : Success
Message : Request for delegation token succeeded.
RunspaceId : 0734808f-3508-49d1-954e-7c091e145999
Id : TokenValidation
Type : Success
Message : Requested delegation token is valid.
Get-FederatedOrganizationIdentifier
RunspaceId : 0734808f-3508-49d1-954e-7c091e145999
AccountNamespace : FYDIBOHF25SPDLT.domain1.de
Domains : {domain1.de}
DefaultDomain :
Enabled : True
OrganizationContact :
DelegationTrustLink : Microsoft Federation Gateway
Identity : Federation
IsValid : True
ExchangeVersion : 0.10 (14.0.100.0)
Name : Federation
DistinguishedName : CN=Federation,CN=AAA,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=domain1,DC=local
Guid : f0685bb8-78db-4291-95b5-3a992306fc07
ObjectCategory : domain1.local/Configuration/Schema/ms-Exch-Fed-OrgId
ObjectClass : {top, msExchFedOrgId}
WhenChanged : 04.07.2019 15:41:40
WhenCreated : 21.06.2018 14:30:17
WhenChangedUTC : 04.07.2019 13:41:40
WhenCreatedUTC : 21.06.2018 12:30:17
OrganizationId :
Id : Federation
OriginatingServer : DC.domain1.local
ObjectState : Unchanged
Auf Exchangeserver in Domain2
Get-FederatedOrganizationIdentifier
RunspaceId : 23f05c96-bf86-40a1-831e-f8e7d36be933
AccountNamespace : FYDIBOHF25SPDLT.domain2.de
Domains : {domain2.de}
DefaultDomain :
Enabled : True
OrganizationContact :
DelegationTrustLink : Microsoft Federation Gateway
Identity : Federation
IsValid : True
ExchangeVersion : 0.10 (14.0.100.0)
Name : Federation
DistinguishedName : CN=Federation,CN=First Organization,CN=Microsoft
Exchange,CN=Services,CN=Configuration,DC=domain2,DC=lokal
Guid : b1e04145-4d9a-4483-b04a-6bcce15beb98
ObjectCategory : domain2.lokal/Configuration/Schema/ms-Exch-Fed-OrgId
ObjectClass : {top, msExchFedOrgId}
WhenChanged : 05.07.2019 14:55:58
WhenCreated : 17.05.2016 15:13:18
WhenChangedUTC : 05.07.2019 12:55:58
WhenCreatedUTC : 17.05.2016 13:13:18
OrganizationId :
Id : Federation
OriginatingServer : DC.domain2.lokal
ObjectState : Unchanged
