Errors while configuring CRM 2011 Email router for Exchange 2010 RRS feed

  • Question

  • Hi CRM community,

    for days now we are trying to configure the Email router of our

    • non-IFD CRM 2011 on-premise 
    • to use our Exchange 2010 server
    • both in the same domain.
    • The Email router is installed on the same machine as the CRM server
    • Exchange is on a different machine
    • I created two test user in AD and CRM, and also a test queue to configure the Email routing,
    • and one of the users uses the queue es default queue (and the queue uses that email address).
    1. The CRM machine as well as Exchange machine, and the Admin + Emailrouter service are member of the PrivUserGroup
    2. Since we are using CRM without certificates I activated the following option:
    3. For second user in the account settings "Allow Email router to use my credentials..." and entered the Admin credentials
    4. In Settings > Administration > Users I set up the second account to use Outlook for incoming, Email router for outgoing
    5. In Settings > Administration > Users I set up the first account (which uses the test queue by default) to use Email router for incoming and outgoing

    Our main problem is that the test access of the Router comes up with an 403 Forbidden error for the incoming most of the times, for users as well as queues.

    What can be reasons for that?

    Thanks 'n regards

    Tuesday, June 5, 2012 12:32 PM


All replies

  • The Exchange Admin is explicitly denied from accessing mail on other users. So if you are using the same admin for Exchange and CRM, make a new Email Router user to handle email routing, and make sure to give it "send on behalf of" permission for the mailboxes you're testing.

    The postings on this site are solely my own and do not represent or constitute Hitachi Solutions' positions, views, strategies or opinions.

    Tuesday, June 5, 2012 6:34 PM
  • Actually the reason for the 403 Forbidden error in our particular case was probably that our Exchange server is configured to only allow https connections, but in the Email router we first used http.

    Now we have an Emailrouter account created and configured it for the "Access credentials" of the incoming and outgoing profile. So now that account can receive its own emails in CRM (exists as user in CRM) or forward to queue, but from no other users, since it shows "Incoming Status: Failure - The account does not have permission to impersonate the requested user." when testing access. But in Exchange we granted full permission to that account according to this article: http://blogs.msdn.com/b/crm/archive/2009/12/21/how-to-configure-microsoft-dynamics-crm-4-0-e-mail-router-on-premise-with-microsoft-exchange-server-2010.aspx

    Outgoing is no issue for any of the users, they can all send Emails on behalf of the Emailrouter user (or its queue).

    The Email router service is run by the all domain Administrator account, which is part of the PrivUserGroup as well as the Emailrouter account. But when using the Emailrouter account, the "Test access" displays error, that Email router service is not running.

    Too much confusion how to do it right. Following the CRM installation guide did not really result in successful configuration, so we are kinda trying around... How can we solve that permission issue, so that we are able to route more than one mailbox?

    • Edited by G Jones Thursday, June 7, 2012 9:35 AM
    Thursday, June 7, 2012 7:36 AM
  • Ok, now we got it up and running. Actually granting the permission has not been done properly by our Exchange admin.

    Following that site How to Configure Microsoft Dynamics CRM 4.0 E-mail Router (On-Premise) with Microsoft Exchange Server 2010 is really a big help, and it also explains how to do the Exchange 2010 Impersonation permissions.

    • Marked as answer by G Jones Thursday, June 7, 2012 10:49 AM
    Thursday, June 7, 2012 10:49 AM