Thursday, April 21, 2016

mrsproxy.svc authentication scheme 'Negotiate' (403) Forbidden

The call to 'https://server.contoso.com/EWS/mrsproxy.svc' failed. Error details: The HTTP request was forbidden with client a
uthentication scheme 'Negotiate'. --> The remote server returned an error: (403) Forbidden..
    + CategoryInfo          : NotSpecified: (:) [New-MoveRequest], RemoteTransientException
    + FullyQualifiedErrorId : [Server=BL2PR02MB2129,RequestId=cd8a2403-0b3c-4fee-ad2c-a27305435b36,TimeStamp=4/20/2016
    8:51:30 PM] [FailureCategory=Cmdlet-RemoteTransientException] 8E22672D,Microsoft.Exchange.Management.Migration.Ma
  ilboxReplication.MoveRequest.NewMoveRequest
    + PSComputerName        : ps.outlook.com


Run:
Get-WebServicesVirtualDirectory |FL

Compare the URL in the error above with the ExternalUrl and InternalUrl values in the output and adjust accordingly. Then create a new migration endpoint in Office 365 that uses the new name.

It's been a very long day.  I'll try to give a proper update once I have had some downtime.

[Edit below]
So in the planning for going from Exchange 2010 to Exchange 2013, I did a lot of research on load balancing and namespaces. I decided to go for the "each service has its own namespace" model so that if for some reason the address book was down, OWA would still show as alive. Well, I got a lesson in "things you still don't know about Exchange, so you're gonna learn today."

On 2010, everything was accessed via one namespace, like mail.contoso.com. So in our hybrid environment with Office 365, the migration endpoint mapping pointed to mail.contoso.com. When I cut over the namespaces to 2013, I left mail.contoso.com for the friendly OWA name and broke out all the other names. I started getting errors in the scripts that I made to migrate mailboxes to Office 365: the error listed above. Of course, it wasn't much help in determining what the actual problem was.

After lots of digging and hair pulling, I finally stumbled upon the suggestion to use Get-WebServicesVirtualDirectory |FL and look for something else that was useless. However, I did note that the URL in there was not mail.contoso.com. Not trusting that observation, I changed the authentication and got the same error. After that, I removed and remade the migration endpoint mapping. It tried to autodiscover the setting and failed. I then put in ews.contoso.com and it was happy and my scripts were happy.
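
The comparison described above can be scripted. This is an added example, not part of the original post: the function name Test-MigrationEndpointNamespace, the server name and the endpoint names are hypothetical, and the sample objects are constructed from the host names in the post so the block runs without an Exchange session.

```powershell
# Added example: flag migration endpoints whose RemoteServer does not match
# any EWS virtual directory host on a server that has MRS Proxy enabled.
function Test-MigrationEndpointNamespace {
    param(
        # Output of Get-WebServicesVirtualDirectory (on-premises session)
        [Parameter(Mandatory = $true)] [object[]] $VirtualDirectory,
        # Output of Get-MigrationEndpoint (Exchange Online session)
        [Parameter(Mandatory = $true)] [object[]] $MigrationEndpoint
    )

    # Collect the host names published for EWS where MRS Proxy is enabled.
    $ewsHosts = foreach ($vd in $VirtualDirectory) {
        if (-not $vd.MRSProxyEnabled) { continue }
        foreach ($url in @($vd.ExternalUrl, $vd.InternalUrl)) {
            # Unset URLs come back empty; skip them instead of casting to [uri].
            if ($url) { ([uri]"$url").Host.ToLowerInvariant() }
        }
    }
    $ewsHosts = @($ewsHosts | Sort-Object -Unique)

    foreach ($ep in $MigrationEndpoint) {
        [pscustomobject]@{
            Endpoint     = "$($ep.Identity)"
            RemoteServer = "$($ep.RemoteServer)"
            Matches      = $ewsHosts -contains "$($ep.RemoteServer)".ToLowerInvariant()
            EwsHosts     = $ewsHosts -join ', '
        }
    }
}

# Constructed sample data (hypothetical server and endpoint names).
$vdirs = [pscustomobject]@{
    Server          = 'EX2013-01'
    MRSProxyEnabled = $true
    ExternalUrl     = 'https://ews.contoso.com/EWS/Exchange.asmx'
    InternalUrl     = 'https://ews.contoso.com/EWS/Exchange.asmx'
}
$endpoints = @(
    [pscustomobject]@{ Identity = 'Hybrid-Old'; RemoteServer = 'mail.contoso.com' }
    [pscustomobject]@{ Identity = 'Hybrid-EWS'; RemoteServer = 'ews.contoso.com' }
)
Test-MigrationEndpointNamespace -VirtualDirectory $vdirs -MigrationEndpoint $endpoints |
    Format-Table -AutoSize

# Against live systems, collect each input in its own session:
#   on-premises:     $vdirs     = Get-WebServicesVirtualDirectory
#   Exchange Online: $endpoints = Get-MigrationEndpoint
# Replace a mismatched endpoint with one that uses the EWS name:
#   New-MigrationEndpoint -ExchangeRemoteMove -Name 'Hybrid-EWS' -RemoteServer ews.contoso.com -Credentials (Get-Credential)
```

An endpoint reported with Matches = False is still pointing at a name that no longer fronts mrsproxy.svc, which is the situation that produced the 403 in this post.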