Solved

Create office 365 apps


Userlevel 2
Badge +8

Hello everyone,


Environment : SP11.23 behind a web proxy
I deployed 365 apps through the CVO365CustomConfigHelper app.
In the admin console I add the apps created but the status remains in 'Not available',

Therefore impossible to add mailboxes to save
The service account is correct (the account is Global administrator)

If you have any idea about the problem
Regards

icon

Best answer by virgil 15 October 2021, 14:02

View original

19 replies

Userlevel 2
Badge +5

Hi Virgil,

When you create the App not using the Command Center, it usually will show as status “Not available”. This is just because Command Center has not verified the app as “Authorized” thats all. 

You can try clicking the 3 dots under “Actions” and choosing “Authorize app” :

You should then be prompted to Accept the auth:

 

After this, you should see a popup say it was successful and the app should be Authorized:

If you are not seeing this happen or getting an error here are some things to check:

  1. Check the AdminConsole.log and WebServer.log for any errors relating to the connection reaching the internet from the Web Server. 
  2. Check your web proxy machine to make sure it is not denying the required urls we need

https://documentation.commvault.com/11.24/expert/103534_exchange_mailbox_agent_user_mailbox_exchange_online_through_azure_active_directory_environment_port_requirements.html

Another reason is that Command Center / Web Server do not have their own config for setting web proxy to use. The services by default use a direct internet connection, or whatever the machine proxy settings have been configured. 

If you are seeing connection issues from the Web Server to the internet, you may have to setup the proxy settings at the machine level like so:

Set up the proxy for a system account

1) Execute

PsExec.exe -i -s cmd.exe

to run the command prompt under a system account.
Note: Check whether you have the proper login set up by executing the "whoami" command. The response should be "nt authority\network service"

2) Execute

%PROGRAMFILES%\Internet Explorer\iexplore.exe

to run Internet explorer in system context.
3) Open the Control Panel, and go to Internet Options > Connections > LAN settings.
4) Click Use a proxy server, and define your proxy settings.

Set up the proxy for a network service account

1) Execute

PsExec.exe -i -u "NT Authority\Network Service" cmd.exe

to run the command prompt under a system account.
Note: Check whether you have the proper login set up by executing the "whoami" command. The response should be "nt authority\network service"

2) Execute
%PROGRAMFILES%\Internet Explorer\iexplore.exe

to run Internet Explorer in network service context.
3) Open the Control Panel, and go to Internet Options > Connections > LAN settings.
4) Click Use a proxy server, and define your proxy settings.

Userlevel 2
Badge +5

Also forgot to mention, having the app show as “Not available” as the status does not prevent mailbox discovery. 

If you are seeing mailbox discovery issues have a look on the Access Node within the CVMailDiscover.log for errors. 

Userlevel 2
Badge +8

Thanks james for your answer

 

i check log file from admin console and i ve several error issues :

 3592 5 07/09 15:13:30 cvfow0EDCv    ERROR ServerBroker:getServerResponse:321 - Thread:148 getServerResponse failed: Failed to convert response to object: response is empty

 3592 5 07/09 15:13:30 cvfow0EDCv   ERROR MainController:handleException:194 - MainController failed to process target updateAzureApp.do. TraceId is cvfow0EDCv Exception is:java.lang.reflect.InvocationTargetException

 commvault.web.core.net.ServerException: Failed to convert response to object: response is empty

The version of powershell is : 5.1.17763.1971

I use microsoft Edge and proxy settings are conrect ( In IE too).

Userlevel 2
Badge +5

What are you seeing in the WebServer.log around this time?

Also, the Commvault services do not follow what you have configured in Edge/IE proxy settings. You may have to set the web proxy settings at the machine level as per details I put above if you are seeing connection issues to the internet.

Userlevel 2
Badge +8

Hi

i Set up the proxy for system account but doesn’t work…

regards

Userlevel 2
Badge +5

Hi

i Set up the proxy for system account but doesn’t work…

regards

Can you expand further please on what you are seeing is not working? Are you seeing connection issues in the WebServer.log to Office365 urls?

Userlevel 2
Badge +8

the errors below :

In adminconsole.log :

 3552 1 07/13 15:03:18 cvXaPdfSZq 10.90.15.6   ERROR ServerBroker:getServerResponse:321 - Thread:144 getServerResponse failed: Failed to convert response to object: response is empty
 3552 1 07/13 15:03:18 cvXaPdfSZq 10.90.15.6   ERROR MainController:handleException:194 - MainController failed to process target azureAppReadyStatus.do. TraceId is cvXaPdfSZq Exception is:java.lang.reflect.InvocationTargetException
 commvault.web.core.net.ServerException: Failed to convert response to object: response is empty

in webserver.log:

8056 166   07/13 15:03:14 ### DOMAIN\user CVWeSvc::SendRequestForServiceAccountCheck
- ret = 0 respXml = <?xml version="1.0" encoding="UTF-8" standalone="no" ?>
<ExchangeVirtualAgent_ServiceAccountCheckReadiness errorCode="1" errorStr="Session(s) failed for all online service accounts.
Please re-check the credentials.">
<listServiceAccount AdminSmtpAddress="cvault_O365@domain.com" serviceType="4" status="0"/>
<listServiceAccount AdminSmtpAddress="CVEXBackupAccount1626090915@domain.onmicrosoft.com" serviceType="2" status="0"/>
</ExchangeVirtualAgent_ServiceAccountCheckReadiness> error =

the credentials are correct

Regards

Userlevel 2
Badge +5

Can you please check the App you are using has all the correct permissions:

https://documentation.commvault.com/11.24/essential/93448_registering_exchange_online_with_azure_01.html

I recommend you use “Modern Authentication” as the basic auth wont be around for long with Microsoft. 

 

Can you also try creating an App using the “Express configuration” to ensure all correct permissions are added:

 

After this, remove any Apps you have created previously then see if this works. 

Userlevel 2
Badge +5

Sorry one more thing, can you make sure that the Web Server has the Azure Active Directory powershall installed please as per this article:

https://documentation.commvault.com/11.24/essential/139356_web_server_requirements_for_azure_active_directory.html

Userlevel 2
Badge +8

Hi james

AZ Module and MSOnline module are installed on commserve.

I follow this article and i can connect to my tenant but not working in admin console…..

https://docs.microsoft.com/fr-fr/archive/blogs/keithmayer/quick-tip-using-azure-powershell-with-web-proxy-and-fiddler

Userlevel 2
Badge +5

What happens when you try using “Express Configuration” to add an App? Any errors seen in the WebServer.log at that time?

Userlevel 2
Badge +8

@James Allen 

in webserver log :
9100 72    07/15 18:38:02 ### ### valdiateAdminPermission() - Admin not logged in. Logging in..

19100 72    07/15 18:39:04 ### ### runPowerShellScript - PowerShell script returned error: 'System.Management.Automation.Internal.ObjectReader', 'Une ou plusieurs erreurs se sont produites.: La référence d'objet n'est pas définie à une instance d'un objet.', 'Une ou plusieurs erreurs se sont produites.', 'La référence d'objet n'est pas définie à une instance d'un objet.'

19100 72    07/15 18:39:04 ### ### doLogin - Connect-AzureAd Script response[False]

19100 72    07/15 18:39:04 ### ### doLogin - AzureAD Session[False]

19100 72    07/15 18:39:04 ### ### doLogin - AzureAD Session Error[Une ou plusieurs erreurs se sont produites.: La référence d'objet n'est pas définie à une instance d'un objet.]

19100 72    07/15 18:39:04 ### ### doLogin - Login Status[NotLoggedIn] Attempt[1]

19100 72    07/15 18:40:05 ### ### runPowerShellScript - PowerShell script returned error: 'System.Management.Automation.Internal.ObjectReader', 'Une ou plusieurs erreurs se sont produites.: La référence d'objet n'est pas définie à une instance d'un objet.', 'Une ou plusieurs erreurs se sont produites.', 'La référence d'objet n'est pas définie à une instance d'un objet.'

19100 72    07/15 18:40:05 ### ### doLogin - Connect-AzureAd Script response[False]

19100 72    07/15 18:40:05 ### ### doLogin - AzureAD Session[False]

19100 72    07/15 18:40:05 ### ### doLogin - AzureAD Session Error[Une ou plusieurs erreurs se sont produites.: La référence d'objet n'est pas définie à une instance d'un objet.]...

 

regards

Userlevel 2
Badge +5

Hi Virgil,

Looking at those errors it would seem the AzureAD powershell modules are having issues in connecting from the Web Server to the Internet. 

It looks like something environmental is happening here with your network/proxy in preventing access to the internet. Have you made sure the following URLs are whitelisted?

https://documentation.commvault.com/11.22/expert/103534_exchange_mailbox_agent_user_mailbox_exchange_online_through_azure_active_directory_environment_port_requirements.html

If you have, then I think the best course of action here is to open a support ticket with Commvault so we can do a remote session and troubleshoot this live with you.

Userlevel 2
Badge +8

Hi James,

All urls from Office.com are in whitelist

i can log in on the tenant with my global administrator account

With the helper tool, i’ve no problem to create Office App on the commerve.

So a open a support Ticket…

Regards

Userlevel 7
Badge +23

@virgil , once you have a case open, please share the case number so I can track accordingly.

Thanks!

Userlevel 2
Badge +8

Hi mike,

Incident 210709-379.

thanks

Userlevel 2
Badge +8

After Update to v11SP24.12, same problem….

Userlevel 7
Badge +23

That’s definitely unfortunate.  I’ll keep monitoring the case you have for the eventual solution.

Userlevel 2
Badge +8

Just update the case.

On Commserve and Proxy Node exchange , when you have a proxy web configured , active this option :

From gpedit.msc, enable policy ‘Make proxy settings per-machine (rather than per user)

and it’s roll….

Regards

Reply