A kind reader asked me if I knew of a way to reset or reinstall the MAPIoverHTTP protocol for Exchange 2016. Although there are ways to reset MAIPoverHTTP, it is questionable whether this would have helped in this case. So here is a little story about the compatibility of Trend Micro Worry Free(!?) 9 and Exchange 2016. Silke has kindly allowed me to publish the information here so that no more admins run into this problem. Thank you Silke!
So here is the e-mail from Silke:
Short version
When installing the Messaging Server Agent from Trend Micro Worry Free Business Security 9.0 SP2 on a Windows Server 2012 R2 with Exchange 2016, MAPI is irreparably destroyed.
Long version
I'm about to hit the 75 limit of my SBS 2011 Premium (Server 2008 R2 with Exchange 2010 and dedicated SQL server), and apart from that, the thing finally has to go. So I'm moving the entire system to several Server 2012 R2 and the corresponding current versions of Exchange and SQL. Server and SQL are ready, now it's Exchange's turn.
So I installed Windows Server 2012 R2 on a new machine, joined it to the domain and installed Exchange 2016 on the pristine white server. Then I completely configured and tested it and moved the users. All good, access via Outlook, OWA and ECP without any problems.
Before I move the reception to the new server, I should put a virus scanner on it... I thought to myself . The system is running Trend Micro Worry Free Business Security (TM WFBS) 9.0 (current patch level). In addition to the security agents for the desktops and servers, WFBS also has a messaging security agent for Exchange Server. This is installed by adding the new Exchange to the WFBS administration console.
Immediately after installation, my Outlook clients (2010 and 2016) could no longer connect. A new profile failed because the Exchange was supposedly no longer accessible, OWA and ECP continued to work without any problems. So I first familiarized all affected users with OWA and then contacted Trend Micro and MS.
Here are the relevant answers:
Answer Trend Micro
Dear User
First of all, let me just provide you this information. Upon checking, looks like the Messaging Security Agent is not compatible with Exchange 2016. I believe that’s why the Exchange 2016 configuration was broken or not working anymore. Unfortunately, here’s the only possible solution that I can think of for this concern.
Make sure there are no more remnants of the MSA on the machine:
Refer to this helpful article for manual removal.
http://esupport.trendmicro.com/solution/en-US/1096694.aspx
Once done, you can try to check out this article from Microsoft on how to configure the MAPI over HTTP as they’ve mentioned to you.
https://technet.microsoft.com/en-us/library/mt634322(v=exchg.160).aspx
To tell you the truth, I’m not really familiar with this function itself from Microsoft so if you need assistance on this, you can refer to them instead.
Lastly, if all else fails, I believe we might resort to the re-installation of the Exchange as the Microsoft support suggested.
*Additional note: If you want protection for your Exchange 2016, you can try our Scanmail for Exchange (SMEX) instead.
Hope this answers your concern.
Let us know the results.
Thank you and have a good day!
Answer Microsoft
This is a known issue which can be reproduced on Exchange 2016 Servers.
The installation of the TrendMicro application breaks the MAPI over HTTP protocol on the Exchange 2016 servers.
The only known workaround to the problem is an installation of a new Exchange 2016 server.
The problem arises because of the use of a third party Application and is thus not supported from Microsoft perspective.
End
At this point, no further attempt was made to bring MAPIoverHTTP back to life. Who knows what kind of rotten eggs have been laid in the nest. Reinstalling is probably the easier way here. I didn't find any information on the Trend Micro website that Worry Free (nice name in this context) is already compatible with Exchange 2016. The system requirements manual only mentions Exchange 2013, but that doesn't seem to have been updated for some time, as the SP for Exchange 2013 is still listed as N/A:
Virus scanners in particular often cause problems on Exchange servers, so it is essential to ensure compatibility beforehand. The corresponding exclusions must also be configured:
https://technet.microsoft.com/en-us/library/bb332342(v=exchg.160).aspx
If you know of any such stories, please feel free to send them to me. I always find it helpful to hear about such problems in advance :-)
Many thanks at this point once again to Silke, who agreed to the publication.
I would even go so far as to say that there is no need to install a virus scanner on Exchange servers, but that a slightly different concept leads to more success and fewer problems:
What do you think? Feel free to write your opinions in the comments.