Comments (15)
Just realized that the Exchange server is using Kerberos for authentication so I tried to add 'auth_type=GSSAPI' to the Configuration object but I get an error stating:
'auth_type' 'gssapi' must be one of ['CBA', 'NTLM', 'OAuth 2.0', 'basic', 'digest', 'no authentication']
from exchangelib.
You need to install exchangelib with Kerberos support for that to work. See https://ecederstrand.github.io/exchangelib/#installation and https://ecederstrand.github.io/exchangelib/#kerberos-and-sspi-authentication
from exchangelib.
I installed the exchangelib[sspi] package and that got me further but now the response is 'Error server busy' even after restarting the Exchange server and there are no throttling policies in place:
Waiting for _protocol_cache_lock
Protocol call cache miss. Adding key '('https:///EWS/Exchange.asmx', Credentials('company.com\john', '********'))'
Waiting for _version_lock
Asking server for version info using API version Exchange2016
Processing chunk 1 containing 1 items
Calling service ConvertId
Trying API version Exchange2016
Server : Increasing session pool size from 0 to 1
Server : Created session 93035
Server : Waiting for session
Server : Got session 93035
Session 93035 thread 7100 timeout 120: POST'ing to https:///EWS/Exchange.asmx after 0s sleep
Timeout: 120
Session: 93035
Thread: 7100
Auth type: <requests_negotiate_sspi.requests_negotiate_sspi.HttpNegotiateAuth object at 0x09AE4C28>
URL: https:///EWS/Exchange.asmx
HTTP adapter: <exchangelib.protocol.NoVerifyHTTPAdapter object at 0x09AE4BB0>
Streaming: False
Response time: 0.030999999999039574
Status code: 413
Request headers: {'User-Agent': 'exchangelib/5.4.0 (python-requests/2.31.0)', 'Accept-Encoding': 'gzip, deflate', 'Accept': '/', 'Connection': 'Keep-Alive', 'Content-Type': 'text/xml; charset=utf-8', 'Content-Length': '481'}
Response headers: {'Server': 'Microsoft-IIS/10.0', 'X-Powered-By': 'ASP.NET', 'X-FEServer': 'exVM', 'Date': 'Wed, 15 May 2024 18:33:18 GMT', 'Connection': 'close', 'Content-Length': '0'}
Request XML: b'\n<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" xmlns:m="http://schemas.microsoft.com/exchange/services/2006/messages" xmlns:t="http://schemas.microsoft.com/exchange/services/2006/types"><s:Header><t:RequestServerVersion Version="Exchange2016"/></s:Header><s:Body><m:ConvertId DestinationFormat="EntryId"><m:SourceIds><t:AlternateId Id="DUMMY" Format="EwsId" Mailbox="DUMMY"/></m:SourceIds></m:ConvertId></s:Body></s:Envelope>'
Response XML: b''
Server : Retiring session 93035
Server : Created session 49045
Server : Releasing session 49045
Got ErrorServerBusy (back off 10 seconds)
from exchangelib.
If you want GSSAPI auth, you need to install exchangelib as pip install exchangelib[kerberos]
from exchangelib.
I believe we want to use SSPI since the Exchange 2019 CU14 server has SChannel and Extended Protection enabled (as I'm told from the Exchange admin)
from exchangelib.
Ok. There's not a lot to work with here. The server just returns an empty HTTP 413 response and closes the connection.
I would suggest working with your Exchange admin to find out why the connection fails. There may be hints in the Exchange server logs.
from exchangelib.
Any idea what logs to look in for inbound connections? I noticed the error was 413 (Content Too Large)
from exchangelib.
No idea, sorry. I'm not an Exchange admin myself.
from exchangelib.
Closing because I don't think this is an issue with exchangelib itself. But please post the solution here if you find one, so others can benefit if they are having the same problem.
from exchangelib.
@ecederstrand if I'm correct exchangelib uses the requests module to issue requests to the Exchange server correct? If so do you know if that uses the CURL library under the covers? We had to recompile the CURL library with the option to support the implementation of Secure Channel and Extended Protection in Exchange 2019 CU14 in one of our other products. We were getting the same 413 errors before doing this with the standard CURL library.
from exchangelib.
requests does not use curl under the hood.
Installing exchangelib[sspi]
will install the https://pypi.org/project/requests-negotiate-sspi/ package which adds SSPI auth for requests.
from exchangelib.
@ecederstrand yes I have that installed but does that handle the Secure Channel changes in CU14?
from exchangelib.
I don't know. You'll have to check with the authors of the requests-negotiate-sspi package.
from exchangelib.
@ecederstrand just trying to understand the flow. The initial request looks like it uses the python-requests package and not the requests-negotiate-sspi package - just wanted to make sure that was expected?
Request headers: {'User-Agent': 'exchangelib/5.4.0 (python-requests/2.31.0)', 'Accept-Encoding': 'gzip, deflate', 'Accept': '/', 'Connection': 'Keep-Alive', 'Content-Type': 'text/xml; charset=utf-8', 'Content-Length': '481'}
from exchangelib.
I don't know how those two packages cooperate internally. exchangelib doesn't do anything special except creating an instance of an HttpNegotiateAuth
object when you specify SSPI aith:
exchangelib/exchangelib/transport.py
Line 55 in c310c65
from exchangelib.
Related Issues (20)
- Create calendar appointment in another account as access data, the appointment is created in the access account. HOT 3
- Get all Public Folders HOT 23
- ErrorInvalidSchemaVersionForMailboxVersion with exchangelib v5.2.1 and Exchange server version 15.2.1544.4 HOT 45
- EOF occurred in violation of protocol HOT 4
- ValueError trying to delete a rule HOT 2
- Error getting folders for v5.2.1+ (server 2010sp3 upd.29) HOT 3
- Cannot fetch calendar folder HOT 4
- The request failed schema validation HOT 9
- Get more than 100 records with a.protocol.resolve_names HOT 1
- EWS does not support returning more than 100 results. See https://learn.microsoft.com/en-us/exchange/client-developer/web-service-reference/resolvenames-operation
- How to disable check_hostname HOT 5
- some new distinguished folders cause 500 error HOT 4
- Support Custom Authentication Domains for Global and Governmental Environments (gcc-high, dod, etc) HOT 1
- Implement passing an Account object to GetUserAvailability in order to fix the "Returning naive datetime"-warning for timezone-unaware server responses. HOT 3
- Not enough scope error HOT 4
- OOF, The scheduled duration for sending automatic replies isn't valid HOT 4
- 403 Error | App Delegate Access for Personal Outlook Account HOT 5
- Accessing shared calendars does no longer work on 5.4.2 but it does work on 5.2.0 HOT 12
- Calendar items sent to users have reminder as 15 minutes regardless of reminder_is_set set to False HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from exchangelib.