Troubleshooting server-side synchronization

Dynamics CRM 2015
 

This page is your source for issues and resolutions for troubleshooting server-side synchronization. Check back for updated information as issues are discovered and resolutions recorded.

Alert: The mailbox has been disabled for synchronizing appointments, contacts, and tasks for the mailbox because an error occurred while establishing a secure connection to the Microsoft Exchange server. The owner of the email server profile has been notified.

Solution: http://support.microsoft.com/kb/2993502

Alert: Email cannot be received for the mailbox because an error occurred while establishing a secure connection to the email server. The mailbox has been disabled for receiving email and the owner of the email server profile has been notified.

Solution: http://support.microsoft.com/kb/2993502

Alert: Email cannot be sent/received because the email address of the mailbox <User Name> requires an approval by an Office 365 administrator. The mailbox has been disabled for sending/receiving email and the owner of the email server profile Exchange Online has been notified.

Cause:

This error will occur if a user is configured to use the Microsoft Exchange Online email server profile but their email address has not been approved by an Office 365 administrator. A user with the global administrator role in Office 365 needs to approve the email address for each user that uses the Microsoft Exchange Online email server profile. The Microsoft Exchange Online profile uses server-to-server authentication between Microsoft Dynamics CRM Online and Exchange Online. This authentication is dependent on a trust between CRM Online and Exchange Online. By verifying the email address in CRM as an Office 365 global administrator, CRM Online will be able to send and receive email for that user without the need to provide any email credentials within CRM.

Solution:

To approve one or more mailboxes:

  1. Sign in to CRM Online as a user with the global administrator role in Office 365.

  2. Go to Settings > Email Configuration.

  3. Choose Mailboxes.

  4. Select Active Mailboxes or perform an Advanced Find query to identify a list of mailboxes to update.

  5. Select the list of mailboxes you want to approve and then choose Approve Email.

  6. Choose OK to approve the email addresses.

  7. Choose Test & Enable Mailboxes to retest email processing for the enabled mailboxes.

Alert: One or more mailboxes have been disabled for sending/receiving email because their email addresses have not been approved. Approve the email addresses, and then enable the mailboxes for sending/receiving email." or "Email cannot be received for the mailbox <Mailbox Name> because the email address of the mailbox <Mailbox Name> is not approved and the mailbox has been disabled. The owner of the associated email server profile <Email Server Profile name> has been notified.

Solution:

Mailboxes must be approved before the email will be processed. To approve mailboxes:

  1. Sign in to CRM Online as a user with the global administrator role in Office 365.

  2. Go to Settings > Email Configuration.

  3. Choose Mailboxes.

  4. Select Active Mailboxes or perform an Advanced Find query to identify a list of mailboxes to update.

  5. Select the list of mailboxes you want to approve and then choose Approve Email.

  6. Choose OK to approve the email addresses.

  7. Choose Test & Enable Mailboxes to retest email processing for the enabled mailboxes.

System_CAPS_noteNote

You can remove the requirement for approving mailboxes using: Settings > Administration > System Settings > Email tab. Uncheck Process emails only for approved users and Process emails only for approved queues, then choose OK. If you are using the Microsoft Exchange Online profile, email addresses must still be approved by an Office 365 global administrator.

Alert: The mailbox location could not be determined while sending/receiving the email message <Message Subject>. The mailbox <Mailbox Name> has been disabled for sending/receiving email and the owner of the associated email server profile <Email Server Profile name> has been notified.

Solution: You will see this alert if your email server profile (Settings > Email Configuration > Email Server Profiles) is configured to use the Auto Discover Server Location option but auto discover cannot detect the location of your mailbox. If this issue occurs, check with your Exchange administrator to verify your network is configured for auto discover. You can update the email server profile and choose No for Auto Discover Server Location. Then provide the Exchange web services URL for your Exchange deployment. For example: https://ExchangeServerName/EWS/Exchange.asmx.

Alert: Email cannot be sent/received because the credentials specified in the associated email server profile are incorrect or have insufficient permissions for sending/receiving email. The mailbox <Mailbox Name> has been disabled for sending/receiving email and the owner of the email server profile <Email Server Profile name> has been notified.

Solution:

This error can appear if incorrect credentials are provided or if the user account specified to access the mailbox does not have sufficient permissions to the mailbox. Check credentials and permissions for the mailbox. If you are providing credentials within an email server profile, make sure the user has impersonation permissions and mailbox access to each associated mailbox.

For more information on configuring Exchange impersonation and granting mailbox access, see:

Alert: Appointments, contacts, and tasks can't be synchronized because the email address of the mailbox <Mailbox Name> is configured with another Microsoft Dynamics CRM organization. The best practice is to overwrite the configuration when you test and enable the mailbox in your primary organization. Also, change the synchronization method for your mailbox in non-primary organizations to None.

Solution:

To change the primary synchronization organization and overwrite the setting stored in Exchange, choose: Settings > Email Configuration > Mailbox > open a mailbox > Test & Enable Mailbox > select Sync items with Exchange from this CRM Organization only, even if Exchanges was set to sync with a different Organization. This will allow server-side synchronization to work for this CRM instance but the other instance would no longer work for synching that mailbox through server-side synchronization. To change the synchronization method for Appointments, Contacts, and Tasks, choose: Settings > Email Configuration > Mailbox > open a mailbox > select None for Appointments, Contacts, and Tasks.

For more information, see: When would I want to use this check box?

Alert: You can't set the user name and password in this email server profile and its associated mailboxes because the Microsoft Dynamics CRM server requires using a secure mode (SSL) to specify credentials. Use another mode of authentication, or contact the Microsoft Dynamics CRM server admin to allow setting credentials on a nonsecure channel.

Cause:

For security reasons, Microsoft Dynamics CRM will not allow you to save your email credentials in CRM if the URL is not configured for SSL (HTTPS). Microsoft Dynamics CRM also does not allow for the connection to a mail server that does not use SSL.

System_CAPS_importantImportant

You can only disable this requirement in a CRM on-premises installation.

 

Solution:

The following Windows PowerShell commands can be used to allow for the entry of credentials via HTTP and to connect to a non SSL email server:

  1. Open a PowerShell command window.

  2. Add the Microsoft Dynamics CRM PowerShell snap-in:

    Add-PSSnapin Microsoft.Crm.PowerShell
    
  3. Enter the following:

    $itemSetting = new-object 'System.Collections.Generic.KeyValuePair[String,Object]'("AllowCredentialsEntryViaInsecureChannels",1)$setting = get-crmsetting customcodesettings
    $configEntity = New-Object "Microsoft.Xrm.Sdk.Deployment.ConfigurationEntity"
    $configEntity.LogicalName="Deployment"
    $configEntity.Attributes = New-Object "Microsoft.Xrm.Sdk.Deployment.AttributeCollection"
    Set-CrmAdvancedSetting -Entity $configEntity
    
    $itemSetting = new-object 'System.Collections.Generic.KeyValuePair[String,Object]'("ECAllowNonSSLEmail",1)
    $configEntity = New-Object "Microsoft.Xrm.Sdk.Deployment.ConfigurationEntity"
    $configEntity.LogicalName="Deployment"
    $configEntity.Attributes = New-Object "Microsoft.Xrm.Sdk.Deployment.AttributeCollection"
    $configEntity.Attributes.Add($itemSetting)
    Set-CrmAdvancedSetting -Entity $configEntity
    
System_CAPS_noteNote

Before you can save a URL that uses HTTP, you will need to update the Use SSL settings for incoming and outgoing connections (Go to Settings > Email Configuration > Email Server Profiles. Then select a profile, expand Advanced, and set Use SSL for Incoming/Outgoing Connection to No).

If your company is using Exchange Online with CRM Online, note the following:

CRM Online supports server-side synchronization with Exchange Online in the same tenant with Server to Server Authentication. Other authentication methods or settings are not recommended or supported, including:

  • Using Credentials Specified by a User or Queue

  • Using Credentials Specified in Email Server Profile

  • Using Impersonation

  • Setting Auto Discover Server Location to No

  • Using an email server profile other than Exchange Online

  • Using non-default network ports

Connecting CRM Online with Exchange Online in different tenant is not supported.

Mailbox delivery errors are classified as follows:

  1. A permanent error (for example, 401 Unauthorized) or a transient error (for example, a network issue).

  2. A server error (for example, invalid profile credentials) or a mailbox error (for example, invalid mailbox credentials).

CRM responds to the error as follows:

  • For server or mailbox permanent errors, the mailbox is disabled as soon as the error is detected.

  • For server or mailbox transient errors, delivery is retried up to 10 times with a 5 minute gap between attempts. If delivery fails after 10 attempts, the error is considered permanent and the mailbox is disabled.

Review the troubleshooting steps in this topic and if the issue is successfully resolved, enable the mailbox. See Test email configuration of mailboxes set up through server-side synchronization.

 Server-side synchronization doesn’t support the following scenarios:

  • Hybrid deployments:

    • CRM Online with Exchange (on-premises).

    • Microsoft Dynamics CRM (on-premises) with Exchange Online.

  • Mix of Exchange/SMTP and POP3/Exchange.

  • Creation of mass email marketing campaigns.

  • Extensibility scenarios like extending EWS/POP3/SMTP protocols and creating custom email providers.

  • Exchange Server 2003 and Exchange Server 2007.

  • Server-side synchronization in CRM Online, or in a Microsoft Dynamics CRM (on premises) deployment that is configured for FIPS 140-2 compliancy, requires a POP3/SMTP email server that is also FIPS 140-2 compliant. Some email servers are not FIPS 140-2 compliant, such as MSN, Outlook.com, or Windows Live Mail.

For most situations not supported by server-side synchronization, you can use the Microsoft Dynamics CRM Email Router. More information: Choose a method for message synchronization

System_CAPS_noteNote

We recommend that you don’t use a mixed configuration of Outlook synchronization and server-side synchronization for appointments, contacts, and tasks in the same organization, because it may result in updated CRM data not synchronizing to all attendees.

Consider the following scenario regarding tracking an event in CRM:

  1. An event organizer uses Outlook for the synchronization method.

  2. An event invitee uses server-side synchronization for the synchronization method.

  3. In Dynamics CRM for Outlook, the organizer creates an appointment and sends an invite to the invitee.

  4. In Dynamics CRM for Outlook, the invitee tracks the appointment.

  5. The invitee logs in to CRM and navigates to Marketing > Activities > Appointment > My Appointments

Result: the appointment is not created in CRM for the invitee.

This is a known issue and is not supported. If the organizer is someone outside of the CRM organization, a CRM user who is an invitee can still track the appointment and have the record created in CRM.

Consider the following scenario:

  1. In Dynamics CRM for Outlook, choose File > CRM > Synchronize > Review Synchronization Settings.

  2. Choose the Synchronization Fields tab and the Contact entity.

Result: there is no Category: [CRM] Inactive Outlook/Exchange field and no Status Reason: Inactive CRM field.

This is a known issue and is not supported.

Changes made to Service Appointments and Activities in CRM will update in Dynamics CRM for Outlook when you synchronize but the reverse is not true. When you make changes to Service Appointments or Activities in Dynamics CRM for Outlook, the changes are not synchronized to CRM. Service appointments are scheduled by an agent and need free/busy information for resources available only in CRM.

© 2016 Microsoft Corporation. All rights reserved. Copyright

Show: