Exchange

SPAMfighter 交換模組未集成

  • July 27, 2015

禁用 SSLv3 後,SPAMfighter 交換模組出現問題。嘗試登錄控制面板時沒有顯示圖像和 ASP 錯誤。所以我刪除了它,然後重新安裝了應用程序。沒有變化,我收到了一些錯誤消息,希望可以縮小範圍,但我正試圖找出導致 SPAMfighter 死亡的根本原因。嘗試集成到交換中時,我收到一條錯誤消息,上面寫著

An error occured while saving credentials. This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms. 

我已經閱讀了有關 FIPS 的幾篇文章,但似乎找不到任何有助於找到解決方案的內容。

我的偶數查看器中有這個。

Failed to save admin audit log for this cmdlet invocation. 
Organization: First Organization 
Log content:
Cmdlet Name: New-ManagementRoleAssignment
Object Modified: SPAMfighter Service Account Impersonation
Parameter: Name = SPAMfighter Service Account Impersonation
Parameter: Role = ApplicationImpersonation
Parameter: User = cssd.local\SPAMfighterService
Caller: cssd.local/Users/Administrator
ExternalAccess: False
Succeeded: True
Run Date: 2015-07-23T18:51:13
OriginatingServer: CSSDVS1 (15.00.0847.030)

Error:
   Microsoft.Exchange.Management.SystemConfigurationTasks.AuditLogAccessDeniedException: The requesting account doesn't have permission to access the audit log. ---> System.Web.Services.Protocols.SoapException: The requesting account does not have permission to serialize tokens. 
at System.Web.Services.Protocols.SoapHttpClientProtocol.ReadResponse(SoapClientMessage message, WebResponse response, Stream responseStream, Boolean asyncCall) at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters) 
at Microsoft.Exchange.SoapWebClient.EWS.ExchangeServiceBinding.GetFolder(GetFolderType GetFolder1) at Microsoft.Exchange.Management.SystemConfigurationTasks.EwsAuditClient.<>c__DisplayClass5.<CheckAndCreateWellKnownFolder>b__3() at Microsoft.Exchange.Management.SystemConfigurationTasks.EwsAuditClient.CallEwsWithRetries(Func`1 delegateEwsCall, Func`3 responseMessageProcessor)

--- End of inner exception stack trace --- 
at Microsoft.Exchange.Management.SystemConfigurationTasks.EwsAuditClient.CallEwsWithRetries(Func`1 delegateEwsCall, Func`3 responseMessageProcessor)
at Microsoft.Exchange.Management.SystemConfigurationTasks.EwsAuditClient.CheckAndCreateWellKnownFolder(DistinguishedFolderIdNameType parentFolder, DistinguishedFolderIdNameType targetFolder, FolderIdType& targetFolderId)
at Microsoft.Exchange.ProvisioningAgent.EwsAuditLogger.InitializeAdminAuditLogsFolder()
at Microsoft.Exchange.ProvisioningAgent.EwsAuditLogger..ctor(ExchangePrincipal principal)
at Microsoft.Exchange.ProvisioningAgent.AuditLoggerFactory.Create(ExchangePrincipal principal, ArbitrationMailboxStatus status)
at Microsoft.Exchange.ProvisioningAgent.ConfigWrapper.get_MailboxLogger()
at Microsoft.Exchange.ProvisioningAgent.AdminLogProvisioningHandler.WriteAuditRecord(Stopwatch stopwatch) 

目前,我不得不更改 FIPS 算法密鑰以禁用經過驗證的加密算法。

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy

將值更改為 0

引用自:https://serverfault.com/questions/708040