Export message encounter "The item is opened in read-only mode." - microsoft-graph-api

Recently, when I export messages from Office 365, some messages return errors:
ErrorAccessDenied
Access is denied. Check credentials and try again., The item is opened in read-only mode.
Is it possible that the user modified settings on O365 that cause this lock?
Or is this just a back-end problem on the EWS web service? Because I can still request data from the Graph API.
Thanks for help!
updates #4/15
More information about these kinds of mails: they all have the same t:ItemClass:
<t:ItemClass>IPM.Note.NotSupportedICal</t:ItemClass>
And they contain a "not supported calendar message.ics" attachment:
<t:Attachments>
  <t:FileAttachment>
    <t:AttachmentId Id="XXX"/>
    <t:Name>not supported calendar message.ics</t:Name>
    <t:ContentType>text/calendar</t:ContentType>
    <t:Size>3924</t:Size>
    <t:LastModifiedTime>2016-04-11T14:25:12</t:LastModifiedTime>
    <t:IsInline>false</t:IsInline>
    <t:IsContactPhoto>false</t:IsContactPhoto>
  </t:FileAttachment>
</t:Attachments>
So it is obvious that something is wrong on the MS server side with the endpoint
https://outlook.office365.com/EWS/Exchange.asmx

Related

Microsoft Graph API - MailboxNotEnabledForRESTAPI 404 error on beta/users/{id}/photo

I am trying to fetch a user's profile photo using the beta endpoint beta/users/{id}/photo of the Microsoft Graph API
but I get a 404 MailboxNotEnabledForRESTAPI error
error: {
code: 'MailboxNotEnabledForRESTAPI',
message: 'REST API is not yet supported for this mailbox.'
...
The error does not make sense because I am trying to access the Azure AD profile picture, which should not have anything to do with a mailbox.
Would anyone know if I am missing something?
The endpoint you're using says the following about getting a user picture:
Note: When attempting to GET a user photo, this operation first attempts to retrieve the specified photo from Microsoft 365. If the photo is not available in Microsoft 365, the API attempts to retrieve the photo from Azure Active Directory.
Historically the user profile picture was stored in the Exchange server; apparently they are now also saving the image somewhere else.
To check your issue, I've added a picture to a user that doesn't have any license, and started trying requests in the Graph Explorer:
Request to v1.0/users/upn_here/photo ❌ failed with ResourceNotFound -> Resource could not be discovered.
Request to beta/users/upn_here/photo ✔ gives me information about the image (eg. size)
Request to v1.0/users/upn_here/photo/$value ❌ failed with ResourceNotFound -> Resource could not be discovered.
Request to beta/users/upn_here/photo/$value ✔ gives me the image. (I see the picture I uploaded before).
You should check the access token used: copy the token and paste it at https://jwt.ms (a Microsoft-owned page that shows you the data in the token).
According to the docs you'll need at least the delegated User.Read scope or the application scope User.Read.All.
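The token check suggested in the answer above can also be done locally, so the bearer token never has to be pasted anywhere. This is an added example, not code from the original thread; the function names are hypothetical, and it assumes the Microsoft identity platform convention that delegated permissions appear in the token's `scp` claim (space-separated) and application permissions in its `roles` claim (array).

```python
import base64
import json

# Permission names taken from the answer above; higher-privileged
# permissions that would also work are not considered here.
DELEGATED_SCOPE = "User.Read"        # delegated tokens list scopes in "scp"
APPLICATION_ROLE = "User.Read.All"   # app-only tokens list roles in "roles"


def b64url_decode(segment: str) -> bytes:
    # JWT segments are base64url without padding; restore it first.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def decode_claims(token: str) -> dict:
    """Return the JWT payload WITHOUT verifying the signature (inspection only)."""
    parts = token.strip().split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    claims = json.loads(b64url_decode(parts[1]))  # ValueError if malformed
    if not isinstance(claims, dict):
        raise ValueError("payload is not a JSON object")
    return claims


def photo_permission(claims: dict) -> str:
    """Return 'delegated', 'application' or 'missing' for the photo request."""
    scopes = set(str(claims.get("scp", "")).split())  # exact names, no substrings
    roles = claims.get("roles") or []
    if DELEGATED_SCOPE in scopes:
        return "delegated"
    if APPLICATION_ROLE in roles:
        return "application"
    return "missing"


def sample_token(claims: dict) -> str:
    # Constructed, unsigned token for the demo; not a real credential.
    def enc(obj) -> str:
        raw = base64.urlsafe_b64encode(json.dumps(obj).encode())
        return raw.rstrip(b"=").decode()
    return f"{enc({'alg': 'none', 'typ': 'JWT'})}.{enc(claims)}.sig"


if __name__ == "__main__":
    for claims in ({"scp": "openid profile User.Read"},
                   {"roles": ["User.Read.All"]},
                   {"scp": "Mail.Read User.ReadBasic.All"}):
        print(claims, "->", photo_permission(decode_claims(sample_token(claims))))
```

A result of "missing" means neither of the two permissions named in the answer is in the token, which points at consent or the requested scopes rather than at the photo endpoint.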

Microsoft Graph - Email Delivery Failure when using sendMail API

I'm having an issue with https://graph.microsoft.com/v1.0/users/<userId>/sendMail.
I get 202 Accepted as response, however when I browsed to the user's mailbox above, I'm receiving delivery failure notification as below:
Delivery has failed to these recipients or groups:
<username>#outlook.com
Your message wasn't delivered because the recipient's email provider rejected it.
Remote Server returned '550 5.7.708 Service unavailable. Access denied, traffic not accepted from this IP. For more information please go to http://go.microsoft.com/fwlink/?LinkId=526653 AS(7171) [SYBPR01MB4428.ausprd01.prod.outlook.com]'
When I logon to Outlook and send email to <username>#outlook.com from <userId>'s Outlook, the email was sent successfully.
Anyone know what's happening here?
I've tried adding an SMTP connector, but it didn't fix the problem. When the SMTP connector sends an email to test outbound email, it works fine, as I can receive it at <_username_>#outlook.com.
If you follow the link provided, it explains what is happening:
5.7.708 Access denied, traffic not accepted from this IP
The majority of traffic from this tenant has been detected as suspicious and has resulted in a ban on sending ability for the tenant.
Ensure that any compromises or open relays have been resolved, and then contact support through your regular channel.
For more information, see Fix email delivery issues for error codes 5.7.700 through 5.7.750 in Exchange Online.

Unable to "List channel messages" on Azure AD Graph API Beta

When I try to list channel messages I get:
[...] "code": "UnknownError", "message": "Failed to execute backend request." [...]
This error is for all teams I don't belong to.
I have this error when trying to call the API from Microsoft Flow (with HTTP GET) but also with Graph Explorer: the account I used has FULL permission but still asks to check my permission:
Failure - Status Code 403, 656ms Looks like you may not have the permissions for this call. Please modify your permissions
And the registered application has the delegated permission needed to call this endpoint regarding the documentation:
GET /teams/{id}/channels/{id}/messages
https://learn.microsoft.com/en-us/graph/api/channel-list-messages?view=graph-rest-beta
Is it a bug because of the "beta" or something I've missed?
After searching and testing I can confirm that I was misunderstanding how the delegated permission works.
The user needs to have the permission to read the chat message, meaning that the user needs to be at least a member of the team that is concerned by the call.
I confirmed it by testing on teams/groups that the account is not a member of (result = Status code 403), and everything works successfully after adding the account to the teams/groups.
Does this mean that at the moment, to be able to list channel messages from all teams in the organisation, we need to have a unique account that is a member of each team (= the account used in the microsoft-graph call)?
If anyone faces the same situation, this video helps to understand the concept more easily: https://www.youtube.com/watch?v=UPkHvy3eRCM

graph api token creations fails due to Unknown SSL protocol error in connection to login.window.net:443. Graph explorer also not working

I am trying to implement user creation in Azure AD. Tried graph explorer with the below link. But it is not working, showing "We had an issue sending this request to the Graph API".
https://login.windows.net/oauth2/token?api-version=2.0
Also tried in localhost, then shows:
Curl error: Unknown SSL protocol error in connection to
login.window.net:443
Please help me?
That link is to try and acquire a token. That is unnecessary in Graph Explorer. Just click the "Sign-in with Microsoft" button, and enter your tenant admin credentials. Then select POST for the operation and https://graph.microsoft.com/v1.0/users. In the request body put the properties that are required to create a new user, as described in https://developer.microsoft.com/en-us/graph/docs/api-reference/v1.0/api/user_post_users. NOTE: When trying this operation, you may be required to consent for administrative permissions - make sure you select User.ReadWrite.All, and consent.
Hope this helps,

Sending Email from .NET using windows live smtp

I have configured SMTP settings in web.config and I was able to successfully send email when working on my local machine. But when I uploaded the code to the server, it's giving me the following exception:
Mailbox unavailable. The server response was: 5.7.3 Requested action aborted
Meanwhile, I also received an email from Microsoft telling me that an attempt to log in to my account from a new location was blocked. I clearly understand the problem: the server is in a different part of the world than where I usually log in to my Windows Live account. That's why it is blocking the account login. But I want it to log in and send email using my credentials from the remote server. There must be some setting in the Windows Live account, but I failed to find one.
Contacting the Hotmail Support Center first to find out if it's really possible to do what you are intending might be helpful. I think if Hotmail web administration has put a security check in place, it must be for the purpose of stopping such remote login activities.
