Exchange Web Services development

MSDN Article covering the options http://msdn.microsoft.com/en-us/library/exchange/bb204040(v=exchg.140).aspx

MSDN Getting started with the Managed API http://msdn.microsoft.com/en-us/library/exchange/dd633626(v=exchg.80).aspx

MSDN Managed API Reference http://msdn.microsoft.com/en-us/library/microsoft.exchange.webservices.data(v=exchg.80).aspx

MSDN Searching in the Managed API http://msdn.microsoft.com/en-us/library/exchange/dd633659(v=exchg.80).aspx http://msdn.microsoft.com/en-us/library/exchange/dd633627(v=exchg.80).aspx

MSDN Working with Managed API http://msdn.microsoft.com/en-us/library/exchange/dd633696(v=exchg.80).aspx

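using System;
using System.Configuration;
using System.Net;
using Microsoft.Exchange.WebServices.Data;

// _service is an ExchangeService field on the calling class
_service = new ExchangeService(ExchangeVersion.Exchange2007_SP1);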
_service.Credentials = CredentialCache.DefaultNetworkCredentials;
_service.Url = new Uri(ConfigurationManager.AppSettings["ExchangeUrl"]);
_service.WebProxy = null;
// Example of accessing a shared mailbox
Mailbox mb = new Mailbox(ConfigurationManager.AppSettings["MailboxName"]);
FolderId genericInbox = new FolderId(WellKnownFolderName.Inbox, mb);
FolderId genericRoot = new FolderId(WellKnownFolderName.MsgFolderRoot, mb);

Folder rootfolder = Folder.Bind(_service, genericRoot);

// Example of retrieving first 10000 items in the inbox of the shared mailbox
ItemView view = new ItemView(10000);
view.PropertySet = new PropertySet(BasePropertySet.IdOnly, ItemSchema.DateTimeReceived);
view.Traversal = ItemTraversal.Shallow;
FindItemsResults<Item> findResults = _service.FindItems(genericInbox, view);
foreach (Item myItem in findResults.Items)
{
    // Handle the items
}

ADFS Proxy 364 Event

Log Name:      AD FS 2.0/Admin
Source:        AD FS 2.0
Date:          22/07/2013 14:54:10
Event ID:      364
Task Category: None
Level:         Error
Keywords:      AD FS
User:          NETWORK SERVICE
Computer:      xxx.yyy.com
Description:
Encountered error during federation passive request. 

Additional Data 

Exception details: 
System.ServiceModel.Security.MessageSecurityException: An unsecured or incorrectly secured fault was received from the other party. See the inner FaultException for the fault code and detail. ---> System.ServiceModel.FaultException: ID3242: The security token could not be authenticated or authorized.
   --- End of inner exception stack trace ---

Server stack trace: 
   at System.ServiceModel.Channels.SecurityChannelFactory`1.SecurityRequestChannel.ProcessReply(Message reply, SecurityProtocolCorrelationState correlationState, TimeSpan timeout)
   at System.ServiceModel.Channels.SecurityChannelFactory`1.SecurityRequestChannel.Request(Message message, TimeSpan timeout)
   at System.ServiceModel.Dispatcher.RequestChannelBinder.Request(Message message, TimeSpan timeout)
   at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
   at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
   at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)

Exception rethrown at [0]: 
   at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
   at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
   at Microsoft.IdentityServer.Protocols.PolicyStore.IPolicyStoreReadOnlyTransfer.GetState(String serviceObjectType, String mask, FilterData filter, Int32 clientVersionNumber)
   at Microsoft.IdentityServer.PolicyModel.Client.PolicyStoreReadOnlyTransferClient.GetState(String serviceObjectType, String mask, FilterData filter, Int32 clientVersionNumber)
   at Microsoft.IdentityServer.ProxyConfiguration.ProxyConfigurationReader.GetServiceSettingsData()
   at Microsoft.IdentityServer.ProxyConfiguration.ProxyConfigurationReader.GetFederationPassiveConfiguration()
   at Microsoft.IdentityServer.Web.PassivePolicyManager.GetPassiveEndpointAbsolutePath()
   at Microsoft.IdentityServer.Web.FederationPassiveAuthentication.GetPassiveEndpointAbsolutePath()

System.ServiceModel.FaultException: ID3242: The security token could not be authenticated or authorized.



In our instance this was due to old secondary encryption and signing certificates. Once these were removed and the proxy trust was re-established, the service recovered.
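One way to find the secondary certificates described above before removing them. This is an added example, not part of the original notes; the function name Get-StaleAdfsCertificate is hypothetical, and it assumes it is run on the federation server with the AD FS 2.0 PowerShell snap-in installed.

```powershell
# Added example: list secondary or expired AD FS token certificates.
# Get-StaleAdfsCertificate is a hypothetical helper name.
function Get-StaleAdfsCertificate {
    param(
        [Parameter(Mandatory = $true, ValueFromPipeline = $true)] $Certificate,
        [datetime] $Now = (Get-Date)
    )
    process {
        # Only token certificates have a primary/secondary distinction.
        $tokenTypes = 'Token-Signing', 'Token-Decrypting'
        if ($tokenTypes -notcontains $Certificate.CertificateType) { return }

        $notAfter = $Certificate.Certificate.NotAfter
        $expired  = $notAfter -lt $Now
        if ($expired -or -not $Certificate.IsPrimary) {
            New-Object PSObject -Property @{
                CertificateType = $Certificate.CertificateType
                Thumbprint      = $Certificate.Thumbprint
                IsPrimary       = $Certificate.IsPrimary
                NotAfter        = $notAfter
                Expired         = $expired
            }
        }
    }
}

Add-PSSnapin Microsoft.Adfs.PowerShell -ErrorAction SilentlyContinue
$stale = Get-ADFSCertificate | Get-StaleAdfsCertificate
$stale | Format-Table CertificateType, IsPrimary, Expired, NotAfter, Thumbprint -AutoSize

# Preview the removal of secondary certificates only. Drop -WhatIf once the
# list has been checked, then re-establish the proxy trust on the proxy.
foreach ($c in ($stale | Where-Object { -not $_.IsPrimary })) {
    Remove-ADFSCertificate -CertificateType $c.CertificateType -Thumbprint $c.Thumbprint -WhatIf
}
```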

http://social.msdn.microsoft.com/Forums/vstudio/en-US/2b7b64e0-9a92-43d6-b071-db1e892b9d97/ad-fs-20-federation-proxy-unsecured-or-incorrectly-secured-fault-errors

http://blogs.technet.com/b/instan/archive/2011/09/16/adfs-event-id-364-on-adfs-2-0-proxy.aspx

http://dloder.blogspot.co.uk/2012/10/adfs-20-event-id-248-and-364-unsecured.html

Linux proxy configuration

Set the proxy on Linux, including Ubuntu and SecurityOnion, in /etc/environment:

export http_proxy=http://myproxy.server.com:8080/
export https_proxy=http://myproxy.server.com:8080/
export ftp_proxy=http://myproxy.server.com:8080/
export no_proxy="localhost,127.0.0.1,localaddress,.localdomain.com"
export HTTP_PROXY=http://myproxy.server.com:8080/
export HTTPS_PROXY=http://myproxy.server.com:8080/
export FTP_PROXY=http://myproxy.server.com:8080/
export NO_PROXY="localhost,127.0.0.1,localaddress,.localdomain.com"

To run soup (the SecurityOnion update script) through the proxy from a root shell:

sudo -i
http_proxy=http://myproxy.server.com:8080 https_proxy=http://myproxy.server.com:8080 soup

Kali/Debian

On Kali/Debian:

$ cat > /etc/apt/apt.conf
Acquire::http::Proxy "http://<proxy>:<port>";
^D

Misc Information

These are random useful links that I have come across while performing investigations or resolving issues.

ActiveX controls and web pages

http://blogs.technet.com/b/fdcc/archive/2011/11/03/enabling-initialize-and-script-activex-controls-not-marked-as-safe-in-any-zone-can-get-you-hurt-bad.aspx This provides a write up of the reasons, risks and options behind unsafe ActiveX controls in IE

http://stackoverflow.com/questions/894369/an-activex-control-on-this-page-might-be-unsafe Inheriting from IObjectSafety

IPv4 MTU, Fragmentation and Path Discovery

High level overview of IPv4 MTU: http://packetlife.net/blog/2008/aug/18/path-mtu-discovery/

Other information

ASCII table http://www.ascii-code.com/

Online encoder/decoder http://www.yellowpipe.com/yis/tools/encrypter/index.php

Windows Certificate Authority

I frequently forget the command line syntax for requesting a certificate with a specific template, so this is a quick post to act as a reminder.

certreq -submit -attrib "CertificateTemplate:WebServer" -config Server\CertificationAuthority WebServerCert.csr WebServerCert.cer

Extended validation for internal certificates http://blogs.technet.com/askds/archive/2009/08/14/extended-validation-support-for-websites-using-internal-certificates.aspx

Upgrade Certification Authority to SHA256

Windows Server 2008 R2 CAPolicy.inf Syntax

To add a subject alternative name at request submission time, use additional fields in the attrib:

certreq -submit -attrib "CertificateTemplate:WebServer\nsan:dns=altname.com&dns=altname1.com" -config Server\CertificationAuthority WebServerCert.csr WebServerCert.cer
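A check to run around the SAN request above, added here as an example and not part of the original notes. The function names Test-SanAttributeFlag and Get-MissingSan are hypothetical; the first part assumes it is run on the CA, and the "DNS Name=" label assumes English-language Windows.

```powershell
# Added example. Names are taken from the -attrib string above.
$expected = 'altname.com', 'altname1.com'

# 1. The CA copies "san:" request attributes into the certificate only when
#    EDITF_ATTRIBUTESUBJECTALTNAME2 is set in the policy module's EditFlags.
#    The flag is CA-wide: it applies to every template, so anyone who can
#    enrol can then name arbitrary SANs. Review enrolment rights if it is on.
function Test-SanAttributeFlag {
    param([string[]] $EditFlagsOutput = (certutil -getreg policy\EditFlags))
    [bool]($EditFlagsOutput -match 'EDITF_ATTRIBUTESUBJECTALTNAME2')
}

# 2. Confirm the issued certificate really carries the requested names.
function Get-MissingSan {
    param([string] $CertPath, [string[]] $Names)
    $path = (Resolve-Path $CertPath).Path
    $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 -ArgumentList $path
    # 2.5.29.17 is the Subject Alternative Name extension.
    $ext  = $cert.Extensions | Where-Object { $_.Oid.Value -eq '2.5.29.17' }
    $text = if ($ext) { $ext.Format($true) } else { '' }
    # "DNS Name=" is the label on English-language Windows (assumption).
    $Names | Where-Object {
        $text -notmatch ('(?m)DNS Name=' + [regex]::Escape($_) + '\s*$')
    }
}

if (-not (Test-SanAttributeFlag)) {
    Write-Warning 'EDITF_ATTRIBUTESUBJECTALTNAME2 is not set; the san: attribute will be ignored.'
}

$missing = Get-MissingSan -CertPath .\WebServerCert.cer -Names $expected
if ($missing) {
    Write-Warning "SAN entries missing from certificate: $($missing -join ', ')"
} else {
    Write-Output 'All requested SAN entries are present.'
}
```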