Exchange 2010 Audience Error When Browsing Directly to ECP

    Applies to:
  • Legacy SecureAuth IdP
Deployment model:
  • On Premises

    Introduction

    You may get an exception when browsing directly to the Exchange 2010 ECP virtual directory while using SecureAuth to authenticate, although standard OWA works fine.

    The exception will be similar to the one below:

    Exception type: Microsoft.IdentityModel.Tokens.AudienceUriValidationFailedException 

     

    Cause

    When OWA and ECP are both set up to authenticate through SecureAuth and OWA is set as the default redirect on SecureAuth, browsing directly to ECP ends up throwing an Audience error.

     

    Resolution

    Change the Audience URI and Realm values in the ECP web.config to match the OWA web.config.

     

    1 > Open up the OWA web.config file located at C:\Program Files\Microsoft\Exchange Server\V14\ClientAccess\Owa\Web.config

     

    2 > Locate the Audience Uris and make a note of the value in your config file; example below.

    <audienceUris>
      <add value="mail.example.com/owa/" />
    </audienceUris>

     

    3 > Locate the Realm value and make a note of the URL; example below.

     realm="mail.example.com/owa/"

     

    4 > Make a backup of the ECP config file located at “C:\Program Files\Microsoft\Exchange Server\V14\ClientAccess\ECP\Web.config”

     

    5 > Open the ECP web.config file, find both the Audience URI and the Realm, replace their values with the ones noted in steps 2 and 3, and save the file.
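
Steps 1 to 5 as a PowerShell function, added here as an example (not SecureAuth or Microsoft code). It assumes each web.config has a single `<add>` under `<audienceUris>` and one element carrying a `realm` attribute, as in the snippets above; the function names `Get-WifSetting` and `Sync-EcpAudience` are hypothetical.

```powershell
# Added example: compare the OWA and ECP web.config files and, if they differ,
# back up the ECP file and copy the OWA audience URI and realm into it.
function Get-WifSetting {
    param([string]$Path)
    $doc = New-Object System.Xml.XmlDocument
    $doc.PreserveWhitespace = $true   # keep the file's layout when it is saved again
    $doc.Load($Path)
    # local-name() keeps the queries working if the file declares a default XML namespace.
    # Assumption: first <audienceUris>/<add> and first element with a realm attribute.
    $aud = $doc.SelectSingleNode("//*[local-name()='audienceUris']/*[local-name()='add']")
    $rlm = $doc.SelectSingleNode("//*[@realm]")
    if ($null -eq $aud -or $null -eq $rlm) {
        throw "No audienceUris/add element or realm attribute found in $Path"
    }
    return @{ Doc = $doc; Audience = $aud; Realm = $rlm }
}

function Sync-EcpAudience {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param(
        # Default paths are the ones given in the article.
        [string]$Owa = 'C:\Program Files\Microsoft\Exchange Server\V14\ClientAccess\Owa\Web.config',
        [string]$Ecp = 'C:\Program Files\Microsoft\Exchange Server\V14\ClientAccess\ECP\Web.config'
    )
    $o = Get-WifSetting -Path $Owa
    $e = Get-WifSetting -Path $Ecp
    $wantAud   = $o.Audience.GetAttribute('value')   # step 2
    $wantRealm = $o.Realm.GetAttribute('realm')      # step 3

    # -ceq is case-sensitive, so any difference at all counts as a mismatch.
    if ($e.Audience.GetAttribute('value') -ceq $wantAud -and
        $e.Realm.GetAttribute('realm') -ceq $wantRealm) {
        Write-Output "ECP already matches OWA ($wantAud); nothing to change."
        return
    }
    if ($PSCmdlet.ShouldProcess($Ecp, "set audience URI to '$wantAud' and realm to '$wantRealm'")) {
        $backup = $Ecp + '.' + (Get-Date -Format 'yyyyMMdd-HHmmss') + '.bak'
        Copy-Item -LiteralPath $Ecp -Destination $backup   # step 4
        $e.Audience.SetAttribute('value', $wantAud)        # step 5
        $e.Realm.SetAttribute('realm', $wantRealm)
        $e.Doc.Save($Ecp)
        Write-Output "Updated $Ecp (backup: $backup)"
    }
}

# Preview only: reports what would change without touching the ECP file.
Sync-EcpAudience -WhatIf
```

Run `Sync-EcpAudience` without `-WhatIf` from an elevated PowerShell session to apply the change.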

     
