ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

ADS Endpoint Does Not Detect Exchange - Missing Permissions

book

Article ID: 241362

calendar_today

Updated On:

Products

CA Identity Manager CA Identity Suite

Issue/Introduction

Acquired ADS endpoint but the ADS endpoint still does not detect an Exchange Server.

 

The ADS Endpoint log shows the following:

Exchange2000: License: T; EX2mdb: F; EX2servers: F

 

 

 

 

Cause

The reason that EX2mdb: F; EX2servers: F is because there is lack of permissions as shown by the following search in the ADS log returning no results:

 ADS->SEARCH: DN: [CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=xxx,DC=yyy] rc=0 (elapsed: 15 ms)
 SearchType: Subtree; filter: (objectClass=msExchAdminGroupContainer), Attributes(s) = NULL
 Page: 0, Entries returned: 0, References returned: 0

Environment

Release : 14.3

Component : IdentityMinder(Identity Manager)

Resolution

Be sure the ID used to acquire has the proper permissions needed for Exchange per the documentation:

https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/identity-management-and-governance-connectors/1-0/connectors/microsoft-connectors/microsoft-active-directory-exchange-and-skpye-for-business(lync)/privileges-to-connect-to-active-directory-exchange-and-skype-for-business.html#concept.dita_d09bc80d4cbee41083ba141e8e2c9ac2279dfacb_PrivilegesRequiredtoConnecttotheExchange

After that follow the following KB Article to try refreshing the AD Endpoint again:

https://knowledge.broadcom.com/external/article?articleId=42531

Additional Information

If an Exchange Server is installed after the ADS endpoint was created, you need to follow the instructions in the following KB Article to update the ADS endpoint and have it recognize the Exchange Server.

https://knowledge.broadcom.com/external/article?articleId=42531